Lowyat.NET Forums

> PHP: Image Manipulator Class, Use it and give me feedback :)

silverhawk
post Jun 14 2006, 11:57 PM
Post #1

I just finished writing a class to manipulate images in PHP. It is based on PHP4, so there are some OOP features missing. No private/protected for example... everything is public >_<.

The documentation will detail what is private and what is public. So use them accordingly :) If you find any bugs, or can suggest any improvements, please feel free to tell me.

What you can do with this class:
  • resize images
  • convert to GIF/JPEG/PNG
  • extract a portion of an image
  • flip the image
  • rotate the image
  • add text to the image
  • add a watermark to the image

Supports the following formats:
  • GIF
  • JPEG
  • PNG

Requires:
  • PHP 4.3.2+
  • GD2 with FreeType support

Examples
You may take a look at the list of examples.
*Note: That server does not have FreeType support, so two of the examples won't show*

Documentation
http://hawks-eyrie.net/php/classes/graphic...ator/Image.html

My first try with phpDoc. Anyone with experience wanna teach me how to change the text on the index page?

Download
The zip file contains the class file, examples and documentation.

Hope you people will find this useful :)

anthony_yio
post Jun 15 2006, 06:51 PM
Post #2

PHP is not my realm, therefore I can't really comment much. Yet, I would still like to compliment you. Keep up the good work.

nexus-
post Jun 15 2006, 07:42 PM
Post #3

Your constructor is... interesting.

I noticed that in your entire project you do not take into account that your script will be a security vulnerability in the server it runs on. It could potentially reveal file locations where it has access to and even overwrite files by supplying malicious input (e.g. ../../../system32/notepad.exe). It gets worse if a front end author allows the user to upload their own files (e.g. executables). With the ability to change the file extension and arbitrarily choose the location to save it in, you are talking about potential nasty backdoors ;)

I believe sanitization should be handled by your class instead of the frontend, since it is a single point of entry (instead of covering all the front ends, cover the backend).

That aside, the formatting of the code is excellent, and the documentation good. I am wondering why you didn't use PHP5, since you already know the OOP abilities of it.

Well, overall I think it's not bad.

silverhawk
post Jun 15 2006, 08:13 PM
Post #4

QUOTE(nexus- @ Jun 15 2006, 07:42 PM)
Your constructor is... interesting.

How is it interesting? lol
Sounds like you have something to say :)

QUOTE
I noticed that in your entire project you do not take into account that your script will be a security vulnerability in the server it runs on. It could potentially reveal file locations where it has access to and even overwrite files by supplying malicious input (e.g. ../../../system32/notepad.exe). It gets worse if a front end author allows the user to upload their own files (e.g. executables). With the ability to change the file extension and arbitrarily choose the location to save it in, you are talking about potential nasty backdoors ;)

I believe sanitization should be handled by your class instead of the frontend, since it is a single point of entry (instead of covering all the front ends, cover the backend).

Well, it is quite safe against malicious uploads. It will only handle GIF/JPEG/PNG files; any other file, even with its extension changed, will not work. The file data is obtained with the getimagesize() function. The mime-type is obtained from there, if it is a file "application/octet-stream" is returned, that is not within the allowed mime-types.

However, you are right on the save path part. I will have to sanitise the input for that to make sure they don't go about overwriting files where they aren't supposed to. Will post an update soon; I also noticed a typo in the doc :P

QUOTE
That aside, the formatting of the code is excellent, and the documentation good. I am wondering why you didn't use PHP5, since you already know the OOP abilities of it.

For the most part because PHP5 isn't widely adopted on web hosts yet. Have to use what has the largest support; after all, this will be used on my client's websites.

QUOTE
Well, overall I think it's not bad.

Thanks :)

nexus-
post Jun 15 2006, 08:37 PM
Post #5

QUOTE(silverhawk @ Jun 15 2006, 10:13 PM)
How is it interesting? lol
Sounds like you have something to say :)
Well, it is quite safe against malicious uploads. It will only handle GIF/JPEG/PNG files; any other file, even with its extension changed, will not work. The file data is obtained with the getimagesize() function. The mime-type is obtained from there, if it is a file "application/octet-stream" is returned, that is not within the allowed mime-types.

However, you are right on the save path part. I will have to sanitise the input for that to make sure they don't go about overwriting files where they aren't supposed to. Will post an update soon; I also noticed a typo in the doc :P

Ah okay, I missed the save() function. I assumed that the file would still be saved to the targeted path even if you returned false in your constructor.

Also, you need to sanitize the input to the constructor so that your script doesn't leak information about a server (e.g. determine if a file exists/does not exist on the server by checking the error message).
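
The save-path and constructor-input checks raised in posts #3 to #5, as an added example that is not part of the thread and not code from silverhawk's class. It assumes current PHP (7.1 or later) rather than PHP 4, and `UPLOAD_BASE`, `safe_source()` and `safe_target()` are hypothetical names.

```php
<?php
// Added illustration; not code from the Image class discussed in the thread.
// UPLOAD_BASE, ALLOWED_TYPES, safe_source() and safe_target() are hypothetical.

const UPLOAD_BASE = '/var/www/app/images';   // assumed image directory
const ALLOWED_TYPES = [                      // supported type => saved extension
    IMAGETYPE_GIF  => 'gif',
    IMAGETYPE_JPEG => 'jpg',
    IMAGETYPE_PNG  => 'png',
];

// Resolve a caller-supplied source name inside UPLOAD_BASE.
// Every failure returns the same null, so the caller cannot tell
// "file missing" from "outside the base" from "not a supported image".
function safe_source(string $name): ?string
{
    $base = realpath(UPLOAD_BASE);
    $path = realpath(UPLOAD_BASE . '/' . $name);   // resolves ../ and symlinks
    if ($base === false || $path === false) {
        return null;
    }
    // The resolved path must still sit below the base directory.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    $info = @getimagesize($path);
    if ($info === false || !array_key_exists($info[2], ALLOWED_TYPES)) {
        return null;
    }
    return $path;
}

// Build the save path: the directory is fixed, the name is reduced to a
// filtered basename, and the extension comes from the output image type,
// never from the caller-supplied name.
function safe_target(string $name, int $imageType): ?string
{
    if (!array_key_exists($imageType, ALLOWED_TYPES)) {
        return null;
    }
    $leaf = basename(str_replace('\\', '/', $name));   // drop any directory part
    $stem = preg_replace('/[^A-Za-z0-9_-]/', '', pathinfo($leaf, PATHINFO_FILENAME));
    if ($stem === null || $stem === '') {
        return null;
    }
    return UPLOAD_BASE . '/' . $stem . '.' . ALLOWED_TYPES[$imageType];
}

// The traversal string quoted in post #3, used as both save name and source.
var_dump(safe_target('../../../system32/notepad.exe', IMAGETYPE_PNG));
var_dump(safe_source('../../../system32/notepad.exe'));
```

A front end that logs the specific failure reason server-side while returning only the generic result to the user keeps the diagnostics without exposing which files exist.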
