6.2.11 (2015-08-02)

- Bug #1070 "PNG regression in 6.2.9 (they appear as their alpha channel)" was fixed.
- Bug #1069 "Encoded SRC URLs in <img> tags don't work anymore" was fixed.

CHANGELOG.TXT

@@ -1,3 +1,7 @@
+6.2.11 (2015-08-02)
+	- Bug #1070 "PNG regression in 6.2.9 (they appear as their alpha channel)" was fixed.
+	- Bug #1069 "Encoded SRC URLs in <img> tags don't work anymore" was fixed.
+
 6.2.10 (2015-07-28)
 	- Minor mod to PNG parsing.
 	- Make dependency on mcrypt optional.

README.TXT

@@ -4,12 +4,13 @@ TCPDF - README
 I WISH TO IMPROVE AND EXPAND TCPDF BUT I NEED YOUR SUPPORT.
 PLEASE MAKE A DONATION:
 http://sourceforge.net/donate/index.php?group_id=128076
+or via PayPal at paypal@tecnick.com
 
 ------------------------------------------------------------
 
 Name: TCPDF
-Version: 6.2.10
+Version: 6.2.11
-Release date: 2015-07-28
+Release date: 2015-08-02
 Author:	Nicola Asuni
 
 Copyright (c) 2002-2015:
@@ -20,6 +21,7 @@ Copyright (c) 2002-2015:
 URLs:
 	http://www.tcpdf.org
 	http://www.sourceforge.net/projects/tcpdf
+	https://github.com/tecnickcom/TCPDF
 
 Description:
 	TCPDF is a PHP class for generating PDF files on-the-fly without requiring external extensions.

composer.json

@@ -1,6 +1,6 @@
 {
 	"name": "tecnick.com/tcpdf",
-	"version": "6.2.10",
+	"version": "6.2.11",
 	"homepage": "http://www.tcpdf.org/",
 	"type": "library",
 	"description": "TCPDF is a PHP class for generating PDF documents and barcodes.",

include/tcpdf_static.php

@@ -55,7 +55,7 @@ class TCPDF_STATIC {
 	 * Current TCPDF version.
 	 * @private static
 	 */
-	private static $tcpdf_version = '6.2.10';
+	private static $tcpdf_version = '6.2.11';
 
 	/**
 	 * String alias for total number of pages.
@@ -2476,77 +2476,90 @@ class TCPDF_STATIC {
 	 * @public static
 	 */
 	public static function fileGetContents($file) {
-		//$file = html_entity_decode($file);
-		// array of possible alternative paths/URLs
 		$alt = array($file);
-		// replace URL relative path with full real server path
+		//
 		if ((strlen($file) > 1)
-			AND ($file[0] == '/')
+		    && ($file[0] === '/')
-			AND ($file[1] != '/')
+		    && ($file[1] !== '/')
-			AND !empty($_SERVER['DOCUMENT_ROOT'])
+		    && !empty($_SERVER['DOCUMENT_ROOT'])
-			AND ($_SERVER['DOCUMENT_ROOT'] != '/')) {
+		    && ($_SERVER['DOCUMENT_ROOT'] !== '/')
-			$findroot = strpos($file, $_SERVER['DOCUMENT_ROOT']);
+		) {
-			if (($findroot === false) OR ($findroot > 1)) {
+		    $findroot = strpos($file, $_SERVER['DOCUMENT_ROOT']);
-				if (substr($_SERVER['DOCUMENT_ROOT'], -1) == '/') {
+		    if (($findroot === false) || ($findroot > 1)) {
-					$tmp = substr($_SERVER['DOCUMENT_ROOT'], 0, -1).$file;
+			$alt[] = htmlspecialchars_decode(urldecode($_SERVER['DOCUMENT_ROOT'].$file));
-				} else {
+		    }
-					$tmp = $_SERVER['DOCUMENT_ROOT'].$file;
-				}
-				$alt[] = htmlspecialchars_decode(urldecode($tmp));
-			}
 		}
-		// URL mode
+		//
+		$protocol = 'http';
+		if (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) != 'off')) {
+		    $protocol .= 's';
+		}
+		//
 		$url = $file;
-		// check for missing protocol
+		if (preg_match('%^//%', $url) && !empty($_SERVER['HTTP_HOST'])) {
-		if (preg_match('%^/{2}%', $url)) {
+			$url = $protocol.':'.str_replace(' ', '%20', $url);
-			if (preg_match('%^([^:]+:)//%i', K_PATH_URL, $match)) {
-				$url = $match[1].str_replace(' ', '%20', $url);
-				$alt[] = $url;
-			}
 		}
-		$urldata = @parse_url($url);
+		$url = htmlspecialchars_decode($url);
-		if (!isset($urldata['query']) OR (strlen($urldata['query']) <= 0)) {
+		$alt[] = $url;
-			if (K_PATH_URL AND (strpos($url, K_PATH_URL) === 0)) {
+		//
-				// convert URL to full server path
+		if (preg_match('%^(https?)://%', $url)
-				$tmp = str_replace(K_PATH_URL, K_PATH_MAIN, $url);
+		    && empty($_SERVER['HTTP_HOST'])
-				$tmp = htmlspecialchars_decode(urldecode($tmp));
+		    && empty($_SERVER['DOCUMENT_ROOT'])
-				$alt[] = $tmp;
+		) {
-			}
+			$urldata = parse_url($url);
-		}
+			if (empty($urldata['query'])) {
-		if (isset($_SERVER['SCRIPT_URI'])) {
+				$host = $protocol.'://'.$_SERVER['HTTP_HOST'];
-			$urldata = @parse_url($_SERVER['SCRIPT_URI']);
+				if (strpos($url, $host) === 0) {
-			$alt[] = $urldata['scheme'].'://'.$urldata['host'].(($file[0] == '/') ? '' : '/').$file;
+				    // convert URL to full server path
-		}
+				    $tmp = str_replace($host, $_SERVER['DOCUMENT_ROOT'], $url);
-		foreach ($alt as $f) {
+				    $alt[] = htmlspecialchars_decode(urldecode($tmp));
-			$ret = @file_get_contents($f);
-			if (($ret === FALSE)
-				AND !ini_get('allow_url_fopen')
-				AND function_exists('curl_init')
-				AND preg_match('%^(https?|ftp)://%', $f)) {
-				// try to get remote file data using cURL
-				$cs = curl_init(); // curl session
-				curl_setopt($cs, CURLOPT_URL, $f);
-				curl_setopt($cs, CURLOPT_BINARYTRANSFER, true);
-				curl_setopt($cs, CURLOPT_FAILONERROR, true);
-				curl_setopt($cs, CURLOPT_RETURNTRANSFER, true);
-				if ((ini_get('open_basedir') == '') AND (!ini_get('safe_mode'))) {
-					curl_setopt($cs, CURLOPT_FOLLOWLOCATION, true);
 				}
-				curl_setopt($cs, CURLOPT_CONNECTTIMEOUT, 5);
-				curl_setopt($cs, CURLOPT_TIMEOUT, 30);
-				curl_setopt($cs, CURLOPT_SSL_VERIFYPEER, false);
-				curl_setopt($cs, CURLOPT_SSL_VERIFYHOST, false);
-				curl_setopt($cs, CURLOPT_USERAGENT, 'TCPDF');
-				$ret = curl_exec($cs);
-				curl_close($cs);
-			}
-			if ($ret !== FALSE) {
-				break;
 			}
 		}
-		return $ret;
+		//
+		if (isset($_SERVER['SCRIPT_URI'])
+		    && !preg_match('%^(https?|ftp)://%', $file)
+		    && !preg_match('%^//%', $file)
+		) {
+		    $urldata = @parse_url($_SERVER['SCRIPT_URI']);
+		    return $urldata['scheme'].'://'.$urldata['host'].(($file[0] == '/') ? '' : '/').$file;
+		}
+		//
+		$alt = array_unique($alt);
+		//var_dump($alt);exit;//DEBUG
+		foreach ($alt as $path) {
+			$ret = @file_get_contents($path);
+			if ($ret !== false) {
+			    return $ret;
+			}
+			// try to use CURL for URLs
+			if (!ini_get('allow_url_fopen')
+				&& function_exists('curl_init')
+				&& preg_match('%^(https?|ftp)://%', $path)
+			) {
+				// try to get remote file data using cURL
+				$crs = curl_init();
+				curl_setopt($crs, CURLOPT_URL, $path);
+				curl_setopt($crs, CURLOPT_BINARYTRANSFER, true);
+				curl_setopt($crs, CURLOPT_FAILONERROR, true);
+				curl_setopt($crs, CURLOPT_RETURNTRANSFER, true);
+				if ((ini_get('open_basedir') == '') && (!ini_get('safe_mode'))) {
+				    curl_setopt($crs, CURLOPT_FOLLOWLOCATION, true);
+				}
+				curl_setopt($crs, CURLOPT_CONNECTTIMEOUT, 5);
+				curl_setopt($crs, CURLOPT_TIMEOUT, 30);
+				curl_setopt($crs, CURLOPT_SSL_VERIFYPEER, false);
+				curl_setopt($crs, CURLOPT_SSL_VERIFYHOST, false);
+				curl_setopt($crs, CURLOPT_USERAGENT, 'tc-lib-file');
+				$ret = curl_exec($crs);
+				curl_close($crs);
+				if ($ret !== false) {
+					return $ret;
+				}
+			}
+		}
+		return false;
 	}
-
 } // END OF TCPDF_STATIC CLASS
 
 //============================================================+

tcpdf.php

@@ -1,7 +1,7 @@
 <?php
 //============================================================+
 // File name   : tcpdf.php
-// Version     : 6.2.9
+// Version     : 6.2.11
 // Begin       : 2002-08-03
 // Last Update : 2015-06-18
 // Author      : Nicola Asuni - Tecnick.com LTD - www.tecnick.com - info@tecnick.com
@@ -7026,7 +7026,6 @@ class TCPDF {
 					AND (($info === 'pngalpha') OR (isset($info['trns']) AND !empty($info['trns'])))) {
 					return $this->ImagePngAlpha($file, $x, $y, $pixw, $pixh, $w, $h, 'PNG', $link, $align, $resize, $dpi, $palign, $filehash);
 				}
-				$info = false;
 			}
 			if (($info === false) AND function_exists($gdfunction)) {
 				try {