From b08d30d04321023ecfbbd127bc40ac332e2f3a1c Mon Sep 17 00:00:00 2001 From: Sarjuuk Date: Mon, 28 Mar 2022 00:58:43 +0200 Subject: [PATCH] Screenshots/Crop * fixed coordinate filter broken after a8edf6c9123d0f45ead885bfee1388eb86296b0d --- includes/utilities.php | 2 +- pages/screenshot.php | 12 ++++++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/includes/utilities.php b/includes/utilities.php index 98d25b6d..ebaa856f 100644 --- a/includes/utilities.php +++ b/includes/utilities.php @@ -103,7 +103,7 @@ trait TrRequestData private static function checkIdListUnsigned(string $val) : array { - if (preg_match('/\d+(,\d+)*/', $val)) + if (preg_match('/^\d+(,\d+)*$/', $val)) return array_map('intVal', explode(',', $val)); return []; diff --git a/pages/screenshot.php b/pages/screenshot.php index 6335b42f..f31a3483 100644 --- a/pages/screenshot.php +++ b/pages/screenshot.php @@ -28,7 +28,7 @@ class ScreenshotPage extends GenericPage protected $imgHash = ''; protected $_post = array( - 'coords' => ['filter' => FILTER_CALLBACK, 'options' => 'GenericPage::checkIdListUnsigned'], + 'coords' => ['filter' => FILTER_CALLBACK, 'options' => 'ScreenshotPage::checkCoords'], 'screenshotalt' => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW] ); @@ -196,7 +196,7 @@ class ScreenshotPage extends GenericPage if (count($dims) != 4) return 3; - Util::checkNumeric($dims, NUM_REQ_INT); + Util::checkNumeric($dims, NUM_CAST_FLOAT); // actually crop the image $srcImg = imagecreatefromjpeg($fullPath); @@ -333,6 +333,14 @@ class ScreenshotPage extends GenericPage return $this->imgHash ? User::$displayName.'-'.$this->destType.'-'.$this->destTypeId.'-'.$this->imgHash : ''; } + protected static function checkCoords(string $val) : array + { + if (preg_match('/^[01]\.[0-9]{3}(,[01]\.[0-9]{3}){3}$/', $val)) + return explode(',', $val); + + return []; + } + protected function generatePath() : void { } protected function generateTitle() : void {