Solved

PHP htaccess Watermark Apostrophe Problem

Posted on 2012-04-02
9
687 Views
Last Modified: 2012-04-29
I have a PHP script which places a watermark on images on my site.  The problem is, any image with an apostrophe in its URL no longer displays.  How can I modify my code so that this no longer happens?

Here's my code:
<?php
    
    /*
     * This script places a watermark on a given jpeg, png or gif image.
     */
    
      // loads a png, jpeg or gif image from the given file name
      function imagecreatefromfile($image_path) {
        // retrieve the type of the provided image file
        list($width, $height, $image_type) = getimagesize($image_path);
    
        // select the appropriate imagecreatefrom* function based on the determined
        // image type
        switch ($image_type)
        {
          case IMAGETYPE_GIF: return imagecreatefromgif($image_path); break;
          case IMAGETYPE_JPEG: return imagecreatefromjpeg($image_path); break;
          case IMAGETYPE_PNG: return imagecreatefrompng($image_path); break;
          default: return ''; break;
        }
      }
    
      // load source image to memory
      $image = imagecreatefromfile($_GET['image']);
      if (!$image) die('Unable to open image');
    
      // load watermark to memory
      $watermark = imagecreatefromfile($_GET['watermark']);
      if (!$image) die('Unable to open watermark');
    
      // calculate the position of the watermark in the output image (the
      // watermark shall be placed in the lower right corner)
      $watermark_pos_x = imagesx($image) - imagesx($watermark);
      $watermark_pos_y = imagesy($image) - imagesy($watermark);
    
      // merge the source image and the watermark
      imagecopy($image, $watermark,  $watermark_pos_x, $watermark_pos_y, 0, 0,
        imagesx($watermark), imagesy($watermark));
    
      // output watermarked image to browser
      header('Content-Type: image/jpeg');
      imagejpeg($image, '', 85);  // use best image quality (100)
    
      // remove the images from memory
      imagedestroy($image);
      imagedestroy($watermark);
    
    ?>

Open in new window


Not sure if this matters but here's my .htaccess code:
RewriteEngine on
    RewriteRule ^(.*\.(jp?g))$ /videogames/watermark.php?image=$1&watermark=watermark.png [NC]

Open in new window

0
Comment
Question by:davideo7
  • 3
  • 3
  • 3
9 Comments
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 37799175
Have a look at this article.  It may not be the perfect answer, but you may find an answer in the design pattern.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_10065-Adding-a-Watermark-to-an-Image.html
0
 

Author Comment

by:davideo7
ID: 37799180
Ray_Paseur: I get an error when visiting that URL:

"Permission Denied
This article is currently still in progress and yet to be approved."
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 37799662
I can see that article without any trouble.

An 'apostrophe' is a reserved character in URLs and must be encoded as %27 to be included.  More info here: http://en.wikipedia.org/wiki/Percent-encoding
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 109

Expert Comment

by:Ray Paseur
ID: 37801985
I think the article has been published now.  Can you please show us an example of the issue?  I cannot find anything in the posted code that leads me to an understanding of exactly what is happening.  Is it because you have images named something like "bill's_photo.jpg?"
0
 

Author Comment

by:davideo7
ID: 37804274
Ray_Paseur: Exactly that.  An image titled "bill's_photo.jpg" would give me the problem.  I think it's actually a problem that can be fixed in the .htaccess file.  It appears that I can view the article now so I'll take a look.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 37804312
"bill's_photo.jpg" still will not be a 'legal' URL...
0
 

Author Comment

by:davideo7
ID: 37805512
DaveBaldwin: What do you mean by that?
0
 
LVL 109

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 37805700
I think what DaveBaldwin may be getting at goes to the way that a string value with a quote or apostrophe made its way into your file name.  There are some things that are just axiomatic in computer programming, and using the correct character set (actually the correct, minimum character set) for file names is one of those things.  If you limit your file names to letters, numbers and the underscore you will have good file names that always make sense and always work correctly.  You can add the hyphen if you've got file names that contain ISO date representations.  If you start adding things like apostrophes, percent signs, etc., you will find that your HTML and PHP scripts must become more complicated in order to deal with these oddities.  So my instinct is to filter those sorts of things out of file names.  Here is a filter that might work for you.
$safe_filename = preg_replace('#[^/A-Z_0-9-\.]#i', NULL, $external_filename);

Open in new window

Finally, you need to be aware that Windows platforms are case-insensitive and Linux platforms are case-sensitive.  This might matter if you move your scripts from one to another.  You might also look at the PHP function filter_var().  HTH, ~Ray
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 250 total points
ID: 37807178
I mean that in the 'rules' for creating URLs and file names, not all characters are allowed.  Read here http://en.wikipedia.org/wiki/Percent-encoding and here for Windows http://msdn.microsoft.com/en-us/library/windows/desktop/aa365247%28v=vs.85%29.aspx .  And here's the 'official' word if you want: http://www.ietf.org/rfc/rfc1738.txt
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secureā€¦
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now