thanks for this...
I use watermark on the fly for some time and the process works well, why not to move him towards the Mods & Plugins (Publishing & Support) forum?
yeah... that would be great
How may I prevent the direct access to the watermark.php file? (for the moment when you call : http://your.domain.net/4images/watermark.php?image_id=xxx it shows 1 watermark pic)
i think about a line of code at the top of the watermark.php file to verifiy if the access is direct or from a file...
I've been using sessions to solve this... here's the solution:
File
page_header.php in includes folder:
Add this line somewhere at the beginning of the page_header.php file... I put it before $total_images = 0;
$_SESSION['_access_is_correct']="y";
As far as I could see, page_header.php is included in every page of the gallery, so what we do here is just registering a new session variable -> $_SESSION['_access_is_correct']... It doesn't mind the value you gave to it...
File watermark.php at the main root:
Well the final code would be like this:
watermark.php<?php
$nozip = 1;
$image_id = $_GET['image_id'];
define('ROOT_PATH', './');
define('GET_CACHES', 1);
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$user_access = get_permission();
//here we check if our session variable is set...
//if it's not, the pic is not shown
if(!isset($_SESSION['_access_is_correct']))
{
die("You are not allowed to see this page");
}
else
{
//if the variable is set, it means the user is accessing
//the image correctly, then we show it.
//but before showing the pic, we unset our variable for security reasons
$_SESSION['_access_is_correct']="";
unset($_SESSION['_access_is_correct']);
$watermark = "water.png";
if (!$image_id)
{
die("Security violation");
}
$sql = "SELECT cat_id, image_media_file, image_thumb_file
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
$cat_id = (isset($image_row['cat_id'])) ? $image_row['cat_id'] : 0;
$im = imagecreatefrompng($watermark);
$image = MEDIA_PATH."/".$cat_id."/".$image_row['image_media_file'];
$types = array(1 => "gif", 2 => "jpeg", 3 => "png");
if ($image_info = @getimagesize($image))
{
$image_create_handle = "imagecreatefrom".$types[$image_info[2]];
if (!$im2 = @$image_create_handle($image))
{
die("Error opening $image!");
}
imagecopy($im2, $im, (imagesx($im2)/100)-(imagesx($im)/100), (imagesy($im2)/100)-(imagesy($im)/100), 0, 0, imagesx($im), imagesy($im));
$waterless = imagesx($im2) - imagesx($im);
$rest = ceil($waterless/imagesx($im)/1);
for($n=1; $n<=$rest; $n++)
{
imagecopy($im2, $im, ((imagesx($im2)/100)-(imagesx($im)/100))-(imagesx($im)*$n), (imagesy($im2)/100)-(imagesy($im)/100), 0, 0, imagesx($im), imagesy($im));
imagecopy($im2, $im, ((imagesx($im2)/100)-(imagesx($im)/100))+(imagesx($im)*$n), (imagesy($im2)/100)-(imagesy($im)/100), 0, 0, imagesx($im), imagesy($im));
}
header("Content-Type: image/jpeg");
imagejpeg($im2);
imagedestroy($im);
imagedestroy($im2);
}
else
{
die("Error opening $image!");
$_SESSION['_access_is_correct']="";
unset($_SESSION['_access_is_correct']);
}
}
?>
Try it, and if you have any problems, post a new msg here
Best regards