PHP htaccess Watermark Apostrophe Problem

I have a PHP script which places a watermark on images on my site.  The problem is, any image with an apostrophe in its URL no longer displays.  How can I modify my code so that this no longer happens?

Here's my code:
<?php
    
    /*
     * This script places a watermark on a given jpeg, png or gif image.
     */
    
      // loads a png, jpeg or gif image from the given file name
      function imagecreatefromfile($image_path) {
        // retrieve the type of the provided image file
        list($width, $height, $image_type) = getimagesize($image_path);
    
        // select the appropriate imagecreatefrom* function based on the determined
        // image type
        switch ($image_type)
        {
          case IMAGETYPE_GIF: return imagecreatefromgif($image_path); break;
          case IMAGETYPE_JPEG: return imagecreatefromjpeg($image_path); break;
          case IMAGETYPE_PNG: return imagecreatefrompng($image_path); break;
          default: return ''; break;
        }
      }
    
      // load source image to memory
      $image = imagecreatefromfile($_GET['image']);
      if (!$image) die('Unable to open image');
    
      // load watermark to memory
      $watermark = imagecreatefromfile($_GET['watermark']);
      if (!$image) die('Unable to open watermark');
    
      // calculate the position of the watermark in the output image (the
      // watermark shall be placed in the lower right corner)
      $watermark_pos_x = imagesx($image) - imagesx($watermark);
      $watermark_pos_y = imagesy($image) - imagesy($watermark);
    
      // merge the source image and the watermark
      imagecopy($image, $watermark,  $watermark_pos_x, $watermark_pos_y, 0, 0,
        imagesx($watermark), imagesy($watermark));
    
      // output watermarked image to browser
      header('Content-Type: image/jpeg');
      imagejpeg($image, '', 85);  // use best image quality (100)
    
      // remove the images from memory
      imagedestroy($image);
      imagedestroy($watermark);
    
    ?>

Open in new window


Not sure if this matters but here's my .htaccess code:
RewriteEngine on
    RewriteRule ^(.*\.(jp?g))$ /videogames/watermark.php?image=$1&watermark=watermark.png [NC]

Open in new window

davideo7Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ray PaseurCommented:
Have a look at this article.  It may not be the perfect answer, but you may find an answer in the design pattern.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_10065-Adding-a-Watermark-to-an-Image.html
0
davideo7Author Commented:
Ray_Paseur: I get an error when visiting that URL:

"Permission Denied
This article is currently still in progress and yet to be approved."
0
Dave BaldwinFixer of ProblemsCommented:
I can see that article without any trouble.

An 'apostrophe' is a reserved character in URLs and must be encoded as %27 to be included.  More info here: http://en.wikipedia.org/wiki/Percent-encoding
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Ray PaseurCommented:
I think the article has been published now.  Can you please show us an example of the issue?  I cannot find anything in the posted code that leads me to an understanding of exactly what is happening.  Is it because you have images named something like "bill's_photo.jpg?"
0
davideo7Author Commented:
Ray_Paseur: Exactly that.  An image titled "bill's_photo.jpg" would give me the problem.  I think it's actually a problem that can be fixed in the .htaccess file.  It appears that I can view the article now so I'll take a look.
0
Dave BaldwinFixer of ProblemsCommented:
"bill's_photo.jpg" still will not be a 'legal' URL...
0
davideo7Author Commented:
DaveBaldwin: What do you mean by that?
0
Ray PaseurCommented:
I think what DaveBaldwin may be getting at goes to the way that a string value with a quote or apostrophe made its way into your file name.  There are some things that are just axiomatic in computer programming, and using the correct character set (actually the correct, minimum character set) for file names is one of those things.  If you limit your file names to letters, numbers and the underscore you will have good file names that always make sense and always work correctly.  You can add the hyphen if you've got file names that contain ISO date representations.  If you start adding things like apostrophes, percent signs, etc., you will find that your HTML and PHP scripts must become more complicated in order to deal with these oddities.  So my instinct is to filter those sorts of things out of file names.  Here is a filter that might work for you.
$safe_filename = preg_replace('#[^/A-Z_0-9-\.]#i', NULL, $external_filename);

Open in new window

Finally, you need to be aware that Windows platforms are case-insensitive and Linux platforms are case-sensitive.  This might matter if you move your scripts from one to another.  You might also look at the PHP function filter_var().  HTH, ~Ray
0
Dave BaldwinFixer of ProblemsCommented:
I mean that in the 'rules' for creating URLs and file names, not all characters are allowed.  Read here http://en.wikipedia.org/wiki/Percent-encoding and here for Windows http://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx .  And here's the 'official' word if you want: http://www.ietf.org/rfc/rfc1738.txt
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.