Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 713
  • Last Modified:

PHP htaccess Watermark Apostrophe Problem

I have a PHP script which places a watermark on images on my site.  The problem is, any image with an apostrophe in its URL no longer displays.  How can I modify my code so that this no longer happens?

Here's my code:
<?php
    
    /*
     * This script places a watermark on a given jpeg, png or gif image.
     */
    
      // loads a png, jpeg or gif image from the given file name
      function imagecreatefromfile($image_path) {
        // retrieve the type of the provided image file
        list($width, $height, $image_type) = getimagesize($image_path);
    
        // select the appropriate imagecreatefrom* function based on the determined
        // image type
        switch ($image_type)
        {
          case IMAGETYPE_GIF: return imagecreatefromgif($image_path); break;
          case IMAGETYPE_JPEG: return imagecreatefromjpeg($image_path); break;
          case IMAGETYPE_PNG: return imagecreatefrompng($image_path); break;
          default: return ''; break;
        }
      }
    
      // load source image to memory
      $image = imagecreatefromfile($_GET['image']);
      if (!$image) die('Unable to open image');
    
      // load watermark to memory
      $watermark = imagecreatefromfile($_GET['watermark']);
      if (!$image) die('Unable to open watermark');
    
      // calculate the position of the watermark in the output image (the
      // watermark shall be placed in the lower right corner)
      $watermark_pos_x = imagesx($image) - imagesx($watermark);
      $watermark_pos_y = imagesy($image) - imagesy($watermark);
    
      // merge the source image and the watermark
      imagecopy($image, $watermark,  $watermark_pos_x, $watermark_pos_y, 0, 0,
        imagesx($watermark), imagesy($watermark));
    
      // output watermarked image to browser
      header('Content-Type: image/jpeg');
      imagejpeg($image, '', 85);  // use best image quality (100)
    
      // remove the images from memory
      imagedestroy($image);
      imagedestroy($watermark);
    
    ?>

Open in new window


Not sure if this matters but here's my .htaccess code:
RewriteEngine on
    RewriteRule ^(.*\.(jp?g))$ /videogames/watermark.php?image=$1&watermark=watermark.png [NC]

Open in new window

0
davideo7
Asked:
davideo7
  • 3
  • 3
  • 3
2 Solutions
 
Ray PaseurCommented:
Have a look at this article.  It may not be the perfect answer, but you may find an answer in the design pattern.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_10065-Adding-a-Watermark-to-an-Image.html
0
 
davideo7Author Commented:
Ray_Paseur: I get an error when visiting that URL:

"Permission Denied
This article is currently still in progress and yet to be approved."
0
 
Dave BaldwinFixer of ProblemsCommented:
I can see that article without any trouble.

An 'apostrophe' is a reserved character in URLs and must be encoded as %27 to be included.  More info here: http://en.wikipedia.org/wiki/Percent-encoding
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Ray PaseurCommented:
I think the article has been published now.  Can you please show us an example of the issue?  I cannot find anything in the posted code that leads me to an understanding of exactly what is happening.  Is it because you have images named something like "bill's_photo.jpg?"
0
 
davideo7Author Commented:
Ray_Paseur: Exactly that.  An image titled "bill's_photo.jpg" would give me the problem.  I think it's actually a problem that can be fixed in the .htaccess file.  It appears that I can view the article now so I'll take a look.
0
 
Dave BaldwinFixer of ProblemsCommented:
"bill's_photo.jpg" still will not be a 'legal' URL...
0
 
davideo7Author Commented:
DaveBaldwin: What do you mean by that?
0
 
Ray PaseurCommented:
I think what DaveBaldwin may be getting at goes to the way that a string value with a quote or apostrophe made its way into your file name.  There are some things that are just axiomatic in computer programming, and using the correct character set (actually the correct, minimum character set) for file names is one of those things.  If you limit your file names to letters, numbers and the underscore you will have good file names that always make sense and always work correctly.  You can add the hyphen if you've got file names that contain ISO date representations.  If you start adding things like apostrophes, percent signs, etc., you will find that your HTML and PHP scripts must become more complicated in order to deal with these oddities.  So my instinct is to filter those sorts of things out of file names.  Here is a filter that might work for you.
$safe_filename = preg_replace('#[^/A-Z_0-9-\.]#i', NULL, $external_filename);

Open in new window

Finally, you need to be aware that Windows platforms are case-insensitive and Linux platforms are case-sensitive.  This might matter if you move your scripts from one to another.  You might also look at the PHP function filter_var().  HTH, ~Ray
0
 
Dave BaldwinFixer of ProblemsCommented:
I mean that in the 'rules' for creating URLs and file names, not all characters are allowed.  Read here http://en.wikipedia.org/wiki/Percent-encoding and here for Windows http://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx .  And here's the 'official' word if you want: http://www.ietf.org/rfc/rfc1738.txt
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now