From 789a9d2629fd0f40d951444e9bf68a552e391cd9 Mon Sep 17 00:00:00 2001 From: jimmacfx Date: Wed, 26 Sep 2007 08:15:05 +0000 Subject: Remove metacam and jhead exif support, mainly due to a possible exploit. git-svn-id: https://forgesvn1.novell.com/svn/original/trunk@20 4fa712ea-3c06-0410-9261-c11b4c06c003 --- www/inc/config.inc.php | 33 ------- www/inc/exif.inc.php | 236 ++++++++++++++++--------------------------------- www/index.php | 13 +-- 3 files changed, 81 insertions(+), 201 deletions(-) diff --git a/www/inc/config.inc.php b/www/inc/config.inc.php index cdbcb8c..14e8ad8 100644 --- a/www/inc/config.inc.php +++ b/www/inc/config.inc.php @@ -44,12 +44,6 @@ $scnamegallery = "Photo Gallery Index"; // initialy not as lovely $app["url"] = "http://jimmac.musichall.cz/original.php3"; $app["version"] = "0.12pre"; -# =========================================================================== -# EXIF metadata app path (helper app for php3 and older php4) -# uncomment the method you want to use if you want EXIF data reported -# --------------------------------------------------------------------------- -## use internal function of PHP 4: - $exif_prog = "php4"; $exif_show = array("DateTime"=>__("Time Taken"), "Make"=>__("Camera Manufacturer"), "Model"=>__("Camera Model"), @@ -59,33 +53,6 @@ $scnamegallery = "Photo Gallery Index"; "ExposureTime"=>__("Time of Exposure"), "ISOSpeedRatings"=>__("Film/Chip Sensitivity"), "Flash"=>__("Flash")); -# --------------------------------------------------------------------------- -## use metacam (give absolute path to the binary on the server): -# $exif_prog = "/usr/local/bin/metacam"; -## what EXIF data to show (if unset, all will be shown) -## some example fields for metacam: -# $exif_show = array("Image Capture Date", "Make", "Model", -# "Exposure Program", "Exposure Mode", -# "Focal Length", "Exposure Time", -# "Aperture Value", "ISO Speed Rating", "White Balance", -# "Flash", "Scene Capture Type", -# "Metering Mode", "Max Aperture Value", "Shutter Speed Value" -# ); -# --------------------------------------------------------------------------- -## use jhead (give absolute path to the binary on the server): -# $exif_prog = "/usr/local/bin/jhead"; -## what EXIF data to show (if unset, all will be shown) -## some example fields for jhead: -# $exif_show = array( -# "Date/Time", -# "Camera make", -# "Camera model", -# "Focal length", -# "Exposure time", -# "Aperture Value", -# "ISO equiv.", -# "Exposure", -# ); # =========================================================================== ## Gallery Directory # This is a path relative to the directory where original is installed diff --git a/www/inc/exif.inc.php b/www/inc/exif.inc.php index 7b8262d..00068c8 100644 --- a/www/inc/exif.inc.php +++ b/www/inc/exif.inc.php @@ -55,169 +55,89 @@ function formatEXIF ($k,$v) { } -if ($exif_prog=="php4") { - // php internal handling - // $file is LQ image - $exif_array = exif_read_data("$file"); - reset($exif_array); - if ($exif_show) reset($exif_show); - - if ($exif_array["Make"]) { // only render all this - // if there is EXIF header - // fancy table look - echo "
\n"; - echo "\n"; - //co ukazat (podle exif_show) - if ($exif_show) { - while (list($kx,$x) = each($exif_show)) { - while(list($k,$v)=each($exif_array)) { - if ($kx==$k) { - echo ""; - echo ""; - echo ""; - echo "\n"; - } - } - reset($exif_array); - } - } else { - //ukaze vsechno v tabulce - while(list($k,$v)=each($exif_array)) { - echo ""; - echo ""; - echo ""; - echo "\n"; - } - } - echo "\n"; - echo ""; - echo ""; - echo "\n"; - echo "
"; - echo $x; - echo ": "; - echo formatEXIF($k,$v); - echo "
"; - echo $k; - echo ": "; - echo formatEXIF($k,$v); - echo "
" . __("Less info"); - echo "
\n"; - echo "
\n"; - - - - - - // selected EXIF header on one line - echo "
\n"; - echo "

"; - reset($exif_array); - if ($exif_show) reset($exif_show); - if ($exif_show) { - while (list($kx,$x) = each($exif_show)) { - while(list($k,$v)=each($exif_array)) { - if ($kx==$k) { - echo ""; - echo formatEXIF($k,$v); - echo " | "; - } - } - reset($exif_array); - } - } else { - /* vsechny exif headers inline */ - while(list($k,$v)=each($exif_array)) { - echo ""; - echo formatEXIF($k,$v); - echo " | "; - } - } - - echo "" . __("More info"); - echo "

\n"; - echo "
\n"; - } - - +// Only use php4 internal handling now. +// $file is LQ image +$exif_array = exif_read_data("$file"); +reset($exif_array); +if ($exif_show) reset($exif_show); + +if ($exif_array["Make"]) { // only render all this + // if there is EXIF header + // fancy table look + echo "
\n"; + echo "\n"; + //co ukazat (podle exif_show) + if ($exif_show) { + while (list($kx,$x) = each($exif_show)) { + while(list($k,$v)=each($exif_array)) { + if ($kx==$k) { + echo ""; + echo ""; + echo ""; + echo "\n"; + } + } + reset($exif_array); + } + } else { + //ukaze vsechno v tabulce + while(list($k,$v)=each($exif_array)) { + echo ""; + echo ""; + echo ""; + echo "\n"; + } + } + echo "\n"; + echo ""; + echo ""; + echo "\n"; + echo "
"; + echo $x; + echo ": "; + echo formatEXIF($k,$v); + echo "
"; + echo $k; + echo ": "; + echo formatEXIF($k,$v); + echo "
" . __("Less info"); + echo "
\n"; + echo "
\n"; + // selected EXIF header on one line + echo "
\n"; + echo "

"; + reset($exif_array); + if ($exif_show) reset($exif_show); + if ($exif_show) { + while (list($kx,$x) = each($exif_show)) { + while(list($k,$v)=each($exif_array)) { + if ($kx==$k) { + echo ""; + echo formatEXIF($k,$v); + echo " | "; + } + } + reset($exif_array); + } + } else { + /* vsechny exif headers inline */ + while(list($k,$v)=each($exif_array)) { + echo ""; + echo formatEXIF($k,$v); + echo " | "; + } + } - -} else { - // the old code, handles e.g. metacam and jhead as EXIF extractors - // loading lq means it won't work if the convertor doesn't copy EXIF data - // (newer ImageMagick can) - // PATCHES WELCOME - exec("$exif_prog \"$gallery_dir/$galerie/lq/img-$snimek.jpg\"", $exif_data, $exif_status); - if ($exif_status!="2") { - if ($exif_style=="descriptive") { - // fancy table look - echo "\n"; - while ($x = current($exif_data)) { - eregi("^ *([^:]*): *(.*)", $x, $y); - //filter according to $exif_show array - if (!$exif_show) { //all fields shown - echo ""; - echo ""; - echo ""; - echo "\n"; - } else { - reset($exif_show); - while ($z = current($exif_show)) { - //echo ".$z. ::: .$y[1].
"; - if (trim($z) == trim($y[1])) { - echo ""; - echo ""; - echo ""; - echo "\n"; - } - next($exif_show); - } - } - next($exif_data); - } - echo "\n"; - echo ""; - # only show if EXIF header exists - if ($y[1]!="File") { // don't show when no EXIF - echo "\n"; - } - echo "\n"; - echo "
$y[1] :$y[2]
$y[1] :$y[2]
"; - echo "display in-line
\n"; - } else { - //simple plaintext look - echo "

"; - while ($x = current($exif_data)) { - eregi("^ *([^:]*): *(.*)", $x, $y); - if (!$exif_show) { //all fields shown - echo "$y[2] |"; - } else { - reset($exif_show); - while ($z = current($exif_show)) { - if (trim($z) == trim($y[1])) { - echo "$y[2] | "; - } - next($exif_show); - } - } - next($exif_data); - } - # only show if EXIF header exists - if ($y[1]!="File") { - echo ""; - echo "display table\n"; - echo "

\n"; - } - } - } + echo "" . __("More info"); + echo "

\n"; + echo "
\n"; } + ?> diff --git a/www/index.php b/www/index.php index ad143ad..894ba99 100644 --- a/www/index.php +++ b/www/index.php @@ -36,13 +36,6 @@ $cmnt=''; if (isset($_GET["cmnt"])) $cmnt=$_GET["cmnt"]; $show_thumbs=''; if (isset($_GET["show_thumbs"])) $show_thumbs=$_GET["show_thumbs"]; -$exif_style=''; -if (isset($_GET["exif_style"])) $exif_style=$_GET["exif_style"]; - -/* -if(!$exif_style) { - $exif_style="descriptive"; -} */ $page = new C_www; //default colors @@ -329,7 +322,7 @@ if (!$galerie) { if ($show_thumbs) { print "\n\n
"; print ""; + print "\">"; print "\n"; print " : \n"; while ($thumbfile = $imgfiles->read()) { @@ -367,7 +360,7 @@ if (!$galerie) { // show the popup button print "\n\n
"; print ""; print "\n"; print "
\n"; @@ -382,7 +375,7 @@ if (!$galerie) { - if ($exif_prog) require("$root/inc/exif.inc.php"); + require("$root/inc/exif.inc.php"); /* Image comment really poor naming here, it is caption. */ -- cgit v1.2.3