diff --git a/CHANGELOG.TXT b/CHANGELOG.TXT
index c609d2b..a7dde3f 100644
--- a/CHANGELOG.TXT
+++ b/CHANGELOG.TXT
@@ -1,3 +1,7 @@
+6.0.093 (2014-09-02)
+ - Security fix: some serialize/unserialize methods were replaced with json_encode/json_decode to avoid a potential object injection with user supplied content. Thanks to ownCloud Inc. for reporting this issue.
+ - K_TIMEZONE constant was added to the default configuration to supress date-time warnings.
+
6.0.092 (2014-09-01)
- Bug item #956 "Monospaced fonts are not alignd at the baseline" was fixed.
- Bug item #964 "Problem when changing font size" was fixed.
diff --git a/README.TXT b/README.TXT
index 5d18612..6d279ee 100644
--- a/README.TXT
+++ b/README.TXT
@@ -8,8 +8,8 @@ http://sourceforge.net/donate/index.php?group_id=128076
------------------------------------------------------------
Name: TCPDF
-Version: 6.0.092
-Release date: 2014-09-01
+Version: 6.0.093
+Release date: 2014-09-02
Author: Nicola Asuni
Copyright (c) 2002-2014:
diff --git a/composer.json b/composer.json
index 009c50d..4310754 100644
--- a/composer.json
+++ b/composer.json
@@ -1,6 +1,6 @@
{
"name": "tecnick.com/tcpdf",
- "version": "6.0.092",
+ "version": "6.0.093",
"homepage": "http://www.tcpdf.org/",
"type": "library",
"description": "TCPDF is a PHP class for generating PDF documents and barcodes.",
diff --git a/config/tcpdf_config.php b/config/tcpdf_config.php
index b0931e5..864a9d2 100644
--- a/config/tcpdf_config.php
+++ b/config/tcpdf_config.php
@@ -2,7 +2,7 @@
//============================================================+
// File name : tcpdf_config.php
// Begin : 2004-06-11
-// Last Update : 2014-01-25
+// Last Update : 2014-09-02
//
// Description : Configuration file for TCPDF.
// Author : Nicola Asuni - Tecnick.com LTD - www.tecnick.com - info@tecnick.com
@@ -217,6 +217,11 @@ define('K_TCPDF_CALLS_IN_HTML', true);
*/
define('K_TCPDF_THROW_EXCEPTION_ERROR', false);
+/**
+ * Default timezone for datetime functions
+ */
+define('K_TIMEZONE', 'UTC');
+
//============================================================+
// END OF FILE
//============================================================+
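Review bot: The new `K_TIMEZONE` define at the end of the hunk says only that it is a default timezone, not how it is consumed or which values are acceptable; nothing in this hunk applies it, so presumably a `date_default_timezone_set(K_TIMEZONE)` call elsewhere reads it. If the configured value is not a valid timezone identifier, that call itself emits a warning and returns false, which undoes the purpose given in the changelog. Suggest widening the docblock to ` * Default timezone for datetime functions; must be a valid identifier accepted by date_default_timezone_set() (e.g. 'UTC')` so integrators overriding the config know the constraint.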
diff --git a/include/tcpdf_static.php b/include/tcpdf_static.php
index 9e68990..e657446 100644
--- a/include/tcpdf_static.php
+++ b/include/tcpdf_static.php
@@ -1,9 +1,9 @@
* @package com.tecnick.tcpdf
* @author Nicola Asuni
- * @version 1.0.003
+ * @version 1.0.004
*/
/**
@@ -46,7 +46,7 @@
* Static methods used by the TCPDF class.
* @package com.tecnick.tcpdf
* @brief PHP class for generating PDF documents without requiring external extensions.
- * @version 1.0.003
+ * @version 1.0.004
* @author Nicola Asuni - info@tecnick.com
*/
class TCPDF_STATIC {
@@ -55,7 +55,7 @@ class TCPDF_STATIC {
* Current TCPDF version.
* @private static
*/
- private static $tcpdf_version = '6.0.092';
+ private static $tcpdf_version = '6.0.093';
/**
* String alias for total number of pages.
@@ -2450,13 +2450,23 @@ class TCPDF_STATIC {
/**
* Serialize an array of parameters to be used with TCPDF tag in HTML code.
- * @param $pararray (array) parameters array
- * @return sting containing serialized data
+ * @param $data (array) parameters array
+ * @return string containing serialized data
* @since 4.9.006 (2010-04-02)
* @public static
*/
- public static function serializeTCPDFtagParameters($pararray) {
- return urlencode(serialize($pararray));
+ public static function serializeTCPDFtagParameters($data) {
+ return urlencode(json_encode($data));
+ }
+
+ /**
+ * Unserialize parameters to be used with TCPDF tag in HTML code.
+ * @param $data (string) serialized data
+ * @return array containing unserialized data
+ * @public static
+ */
+ public static function unserializeTCPDFtagParameters($data) {
+ return json_decode(urldecode($data), true);
}
/**
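Review bot: `unserializeTCPDFtagParameters` documents `@return array`, but `json_decode(..., true)` returns null for malformed input and a scalar for valid non-object JSON, and the URL-decoded string comes from a tag attribute in the HTML being rendered, so that contract will not hold for unexpected content. Suggest normalising the result: `$params = json_decode(urldecode($data), true);` followed by `return is_array($params) ? $params : array();`, or documenting the null case if callers are expected to handle it. On the encoding side, `json_encode` returns false for strings that are not valid UTF-8 and `urlencode(false)` is an empty string, so a failed encode in `serializeTCPDFtagParameters` is silent; worth noting in its `@return` text or checking `json_last_error()`. The new method also lacks the `@since` tag its sibling carries; `@since 6.0.093 (2014-09-02)` would match the file's convention.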
diff --git a/tcpdf.php b/tcpdf.php
index 951bc00..78694a0 100644
--- a/tcpdf.php
+++ b/tcpdf.php
@@ -1,9 +1,9 @@
* @package com.tecnick.tcpdf
* @author Nicola Asuni
- * @version 6.0.092
+ * @version 6.0.093
*/
// TCPDF configuration
@@ -128,7 +128,7 @@ require_once(dirname(__FILE__).'/include/tcpdf_static.php');
* TCPDF project (http://www.tcpdf.org) has been originally derived in 2002 from the Public Domain FPDF class by Olivier Plathey (http://www.fpdf.org), but now is almost entirely rewritten.
* @package com.tecnick.tcpdf
* @brief PHP class for generating PDF documents without requiring external extensions.
- * @version 6.0.092
+ * @version 6.0.093
* @author Nicola Asuni - info@tecnick.com
*/
class TCPDF {
@@ -1848,6 +1848,9 @@ class TCPDF {
$this->internal_encoding = mb_internal_encoding();
mb_internal_encoding('ASCII');
}
+ // set file ID for trailer
+ $serformat = (is_array($format) ? json_encode($format) : $format);
+ $this->file_id = md5(TCPDF_STATIC::getRandomSeed('TCPDF'.$orientation.$unit.$serformat.$encoding));
$this->font_obj_ids = array();
$this->page_obj_id = array();
$this->form_obj_id = array();
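Review bot: The file-ID block is moved well ahead of its previous position (the removal in the next hunk, after `$this->default_form_prop`), but the comment `// set file ID for trailer` is unchanged and gives no reason for the reordering; if something initialised between the two positions now reads `$this->file_id`, the comment should name it, e.g. `// set file ID for trailer (must be set before [dependent initialisation] — confirm)`. Separately, `json_encode($format)` yields false for array content that is not valid UTF-8, and concatenating false contributes an empty string to the seed without any signal; since the value then passes through `getRandomSeed`, this reads as a minor loss of input rather than a weakness, but it is worth a comment. The constructor body starts and ends outside the hunk.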
@@ -1982,9 +1985,6 @@ class TCPDF {
$this->setSpacesRE('/[^\S\xa0]/');
}
$this->default_form_prop = array('lineWidth'=>1, 'borderStyle'=>'solid', 'fillColor'=>array(255, 255, 255), 'strokeColor'=>array(128, 128, 128));
- // set file ID for trailer
- $serformat = (is_array($format) ? serialize($format) : $format);
- $this->file_id = md5(TCPDF_STATIC::getRandomSeed('TCPDF'.$orientation.$unit.$serformat.$encoding));
// set document creation and modification timestamp
$this->doc_creation_timestamp = time();
$this->doc_modification_timestamp = $this->doc_creation_timestamp;
@@ -16372,7 +16372,7 @@ class TCPDF {
$matches = array();
if (preg_match_all('/([^\<]*)<\/cssarray>/isU', $html, $matches) > 0) {
if (isset($matches[1][0])) {
- $css = array_merge($css, unserialize($this->unhtmlentities($matches[1][0])));
+ $css = array_merge($css, json_decode($this->unhtmlentities($matches[1][0]), true));
}
$html = preg_replace('/(.*?)<\/cssarray>/isU', '', $html);
}
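Review bot: `json_decode(...)` on the changed line can return null (malformed or non-JSON content inside the cssarray tag) or a scalar, and `array_merge` then emits a warning and returns null on PHP 5/7 or throws a TypeError on PHP 8; the previous `unserialize` path had the same shape, but the replacement should not inherit it now that the tag content is treated as untrusted. Suggest `$cssdata = json_decode($this->unhtmlentities($matches[1][0]), true);` followed by `if (is_array($cssdata)) { $css = array_merge($css, $cssdata); }`. The producer side in the next hunk (`htmlentities(json_encode($css))`) is likewise unchecked: `json_encode` returns false on invalid UTF-8 in CSS values, which becomes an empty tag and feeds exactly this null case. The enclosing function starts and ends outside the hunk.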
@@ -16414,7 +16414,7 @@ class TCPDF {
}
}
// create a special tag to contain the CSS array (used for table content)
- $csstagarray = ''.htmlentities(serialize($css)).'';
+ $csstagarray = ''.htmlentities(json_encode($css)).'';
// remove head and style blocks
$html = preg_replace('/]*)>(.*?)<\/head>/siU', '', $html);
$html = preg_replace('/