From f7f6fa25eae77f430590924239ebd5639105495d Mon Sep 17 00:00:00 2001 From: alban Date: Fri, 22 Nov 2019 23:28:46 +0100 Subject: [PATCH] [fix] cosmetics && sec --- public/index.php | 400 ++++++++++++++++++++++----------------------- public/montage.php | 27 ++- 2 files changed, 210 insertions(+), 217 deletions(-) diff --git a/public/index.php b/public/index.php index 13ebe93..5c4a86c 100644 --- a/public/index.php +++ b/public/index.php @@ -1,32 +1,34 @@ soulless feelings"; $stampsImgList=scandir("../stamps"); foreach( $stampsImgList as $file ){ - if( strpos( "$file", ".") != 0 ){ - $name = ucwords(str_replace("_", " ",substr($file,0,-4))); - $stampsSelect .= ""; - } - } - + if( strpos( "$file", ".") != 0 ){ + $name = ucwords(str_replace("_", " ",substr($file,0,-4))); + $stampsSelect .= ""; + } + } + // Build the background images list $bgdImgList = scandir("../synthesis"); $randomKeys = array_rand( $bgdImgList , 13 ); $bgdSelect=""; foreach( $randomKeys as $key ){ - $file = $bgdImgList[ $key ]; - if( strpos( "$file", ".") != 0 ){ - $key = substr( $file, 11, -4 ); - $bgdArr[$key] ="../synthesis/".urlencode($file); + $file = $bgdImgList[ $key ]; + if( strpos( "$file", ".") != 0 ){ + $key = substr( $file, 11, -4 ); + $bgdArr[$key] ="../synthesis/".urlencode($file); - } - } + } + } uksort( $bgdArr, "strnatcasecmp"); - - $init_key = array_keys($bgdArr)[count($bgdArr)-1]; $first = array( $init_key => $bgdArr [ $init_key ] ); foreach( $bgdArr as $key => $val ){ - $bgdSelect .= ""; + $bgdSelect .= ""; } 
@@ -43,58 +45,59 @@ html{color:#000;background:#FFF}body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,code,form,fieldset,legend,input,textarea,p,blockquote,th,td{margin:0;padding:0}table{border-collapse:collapse;border-spacing:0}fieldset,img{border:0}address,caption,cite,code,dfn,em,strong,th,var{font-style:normal;font-weight:normal}ol,ul{list-style:none}caption,th{text-align:left}h1,h2,h3,h4,h5,h6{font-size:100%;font-weight:normal}q:before,q:after{content:''}abbr,acronym{border:0;font-variant:normal}sup{vertical-align:text-top}sub{vertical-align:text-bottom}input,textarea,select{font-family:inherit;font-size:inherit;font-weight:inherit}input,textarea,select{*font-size:100%}legend{color:#000}#yui3-css-stamp.cssreset{display:none} body { - font-size: 32px; - font-family: monospace; + font-size: 32px; + font-family: monospace; } * { -font-size: 32px; -color: #222; + font-size: 32px; + color: #222; } #container{ display:grid; position: relative; grid-template-areas: - "title" - "drawingArea" "menu" ; - } + "title" + "drawingArea" "menu" ; } #menu{ -grid-area: menu; + grid-area: menu; } #canvas{ -grid-area: drawingArea; + grid-area: drawingArea; } #title{ font-size: 1.6em; -grid-area: title; -color:red; + grid-area: title; + color:red; +} +dd{ + margin:32px; } -dd{margin:32px;} #canvas{ - user-select: none; + user-select: none; cursor: default; } .btn{ - text-decoration: none; - border: 1px solid #eee; - padding: 8px 16px; - border-radius: 24px; - color: inherit; - background: #ddd; + text-decoration: none; + border: 1px solid #eee; + padding: 8px 16px; + border-radius: 24px; + color: inherit; + background: #ddd; } @media (min-width: 1200px) { #container{ grid-template-areas: "title" "drawingArea" - "menu" - ; + "menu"; + } #canvas{ - position: absolute; - right: 10px; - top: 0px; + position: absolute; + right: 10px; + top: 0px; } #menu { position: absolute; @@ -106,103 +109,102 @@ dd{margin:32px;}
-

Your #HSF2020 flyer

- -
-
-
- +

Your #HSF2020 flyer

+ +
+
+
+ +
+ + +
- diff --git a/public/montage.php b/public/montage.php index 96c7746..23dc28f 100644 --- a/public/montage.php +++ b/public/montage.php @@ -5,29 +5,26 @@ $vertical = intval( $_POST['vertical'] ); $bgImage = basename( $_POST['bgImage'], ".jpg"); $landscape = intval( $_POST['landscape'] ); function panic( $msg ){ - header("HTTP/1.1 500 Internal Server Error"); - die( $msg ); + header("HTTP/1.1 500 Internal Server Error"); + die( $msg ); } if (strpos($img, 'data:image/png;base64') === 0) { - - $img = str_replace('data:image/png;base64,', '', $img); - $img = str_replace(' ', '+', $img); - $data = base64_decode($img); - $file = __DIR__.'/../a4/'.microtime(true).'_'.$bgImage.".png"; - - if ( ! file_put_contents($file, $data)) { - panic("Failed to save canvas"); - } - + $img = str_replace('data:image/png;base64,', '', $img); + $img = str_replace(' ', '+', $img); + $data = base64_decode($img); + $file = __DIR__.'/../a4/'.microtime(true).'_'.$bgImage.".png"; + if ( ! file_put_contents($file, $data)) { + panic("Failed to save canvas"); + } }else{ - panic("Not a valid image"); + panic("Not a valid image"); } $output = $return_code = NULL; -exec( __DIR__."/../page_generator.sh $file $horizontal $vertical $landscape" , $output, $return_code); +exec( __DIR__."/../page_generator.sh ".escapeshellargs($file)." ".escapeshellargs($horizontal)." ".escapeshellargs($vertical)." ".escapeshellargs($landscape) , $output, $return_code); if( 0 === $return_code ){ $pdf = basename(implode("", $output)); - echo( "https://2020.hackersfest.org//ImageGenerator/a4/".urlencode($pdf) ); + echo( "https://2020.hackersfest.org/ImageGenerator/a4/".urlencode($pdf) ); }else{ panic( implode(" / ", $output ) ); }
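Review bot: The new exec() line in public/montage.php calls `escapeshellargs()`, which PHP does not define; the built-in is `escapeshellarg()`, so the request ends in an undefined-function fatal error before page_generator.sh runs and the intended quoting never takes effect. The line should read `exec( __DIR__."/../page_generator.sh ".escapeshellarg($file)." ".escapeshellarg($horizontal)." ".escapeshellarg($vertical)." ".escapeshellarg($landscape), $output, $return_code);`. The quoting matters mainly for `$file`, which embeds `$bgImage` taken from `$_POST` with only `basename()` applied; `$vertical` and `$landscape` already pass through `intval()`, and the assignment of `$horizontal` lies above the hunk, so confirm it does too. Separately, the save path writes whatever `base64_decode($img)` returns; using `base64_decode($img, true)`, rejecting a `false` result and checking the PNG signature would keep non-image bytes out of `a4/`. The failure branch also sends the script's raw output to the client through `panic( implode(" / ", $output ) )`, which would be better logged server-side with a generic message returned.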