_tpl = $objTPL; // Instantiate the environment data object $this->_dat = $objDAT; $this->allowed_form_data[] = "category"; $this->allowed_form_data[] = "imagefile"; $this->allowed_form_data[] = "name"; $this->allowed_form_data[] = "postcard_text"; $this->allowed_form_data[] = "font_name"; $this->allowed_form_data[] = "pu"; $this->allowed_form_data[] = "email"; $this->allowed_form_data[] = "recipient"; $this->allowed_form_data[] = "copysender"; // Load and decode form data $this->getFormData (); // Load remote image or an error page if an error has occurred if (!$this->loadRemoteImage()) { $this->_tpl->display('postcard.error.remote.html'); exit; } // Path to the resources directory $this->respath = POPC_BASE_PATH . "/resources"; // If the user has given a URL of an image to load, then go to the create card screen. if ($this->_dat->fetchGlobal('cmd') == "" && $this->pu != "") { $this->createCard(); } /* * * Choose the correct method to run based on the command issued * */ switch ($this->_dat->fetchGlobal('cmd')) { case "postcardImage": $this->postcardImage(); break; case "sendCard": $this->sendCard(); break; case "previewCard": $this->previewCard(); break; case "createCard": $this->createCard(); break; default: $this->showPopCardForm(); break; } } /* * This method shows the PopCard form for picking an image */ function showPopCardForm () { $this->_tpl->assign("next_page","st-kitts-postcard.php"); $this->_tpl->assign("cmd","edit"); $this->_tpl->assign("form_key",$this->form_key); $this->_tpl->assign("form_imagefile",$this->encryptInputName("imagefile")); $this->_tpl->assign("form_category",$this->encryptInputName("category")); $this->_tpl->display('postcard.01.html'); exit; } /* * This shows the form for setting up your card */ function createCard() { $this->_tpl->assign("next_page","st-kitts-postcard.php"); $this->_tpl->assign("cmd","preview"); $this->_tpl->assign("font_name",$this->font_name); $this->_tpl->assign("imagefile",$this->imagefile); $this->_tpl->assign("pu",$this->pu); $this->_tpl->assign("form_key",$this->form_key); $this->_tpl->assign("img_size",$this->getCardSize()); // Randomise form input names $this->_tpl->assign("form_imagefile",$this->encryptInputName("imagefile")); $this->_tpl->assign("form_pu",$this->encryptInputName("pu")); $this->_tpl->assign("form_category",$this->encryptInputName("category")); $this->_tpl->assign("form_name",$this->encryptInputName("name")); $this->_tpl->assign("form_font_name",$this->encryptInputName("font_name")); $this->_tpl->assign("form_email",$this->encryptInputName("email")); $this->_tpl->assign("form_recipient",$this->encryptInputName("recipient")); $this->_tpl->assign("form_postcard_text",$this->encryptInputName("postcard_text")); $this->_tpl->assign("form_copysender",$this->encryptInputName("copysender")); if ($this->pu != "") { $this->_tpl->assign("image_url","$this->script_name?cmd=postcardImage&".$this->encryptInputName("font_name")."=$this->font_name&".$this->encryptInputName("pu")."=$this->pu&".$this->encryptInputName("postcard_text")."=$postcard_text&form_key=$this->form_key"); } else { $this->_tpl->assign("image_url","$this->script_name?cmd=postcardImage&".$this->encryptInputName("font_name")."=$this->font_name&".$this->encryptInputName("imagefile")."=$this->imagefile&".$this->encryptInputName("postcard_text")."=$postcard_text&form_key=$this->form_key"); } $this->_tpl->display('postcard.02.html'); exit; } /* * */ function previewCard() { // URL encode the postcard text $postcard_text = urlencode($this->postcard_text); $this->_tpl->assign("next_page","st-kitts-postcard.php"); $this->_tpl->assign("cmd","send"); $this->_tpl->assign("font_name",$this->font_name); $this->_tpl->assign("imagefile",$this->imagefile); $this->_tpl->assign("postcard_text",$postcard_text); $this->_tpl->assign("pu",$this->pu); $this->_tpl->assign("from_name",$this->name); $this->_tpl->assign("email",$this->email); $this->_tpl->assign("recipient",$this->recipient); $this->_tpl->assign("form_key",$this->form_key); $this->_tpl->assign("img_size",$this->getCardSize()); $this->_tpl->assign("copysender",$this->copysender); // Randomise form input names $this->_tpl->assign("form_imagefile",$this->encryptInputName("imagefile")); $this->_tpl->assign("form_pu",$this->encryptInputName("pu")); $this->_tpl->assign("form_category",$this->encryptInputName("category")); $this->_tpl->assign("form_name",$this->encryptInputName("name")); $this->_tpl->assign("form_font_name",$this->encryptInputName("font_name")); $this->_tpl->assign("form_email",$this->encryptInputName("email")); $this->_tpl->assign("form_recipient",$this->encryptInputName("recipient")); $this->_tpl->assign("form_postcard_text",$this->encryptInputName("postcard_text")); $this->_tpl->assign("form_copysender",$this->encryptInputName("copysender")); if ($this->email == "" || $this->recipient == "" || $this->name == "" || !$this->validateEmail($this->recipient) || !$this->validateEmail($this->email)) { $this->_tpl->assign("checked",false); } else { $this->_tpl->assign("checked",true); } if ($this->pu != "") { $this->_tpl->assign("image_url","$this->script_name?cmd=postcardImage&".$this->encryptInputName("font_name")."=$this->font_name&".$this->encryptInputName("pu")."=$this->pu&".$this->encryptInputName("postcard_text")."=$postcard_text&form_key=$this->form_key"); } else { $this->_tpl->assign("image_url","$this->script_name?cmd=postcardImage&".$this->encryptInputName("font_name")."=$this->font_name&".$this->encryptInputName("imagefile")."=$this->imagefile&".$this->encryptInputName("postcard_text")."=$postcard_text&form_key=$this->form_key"); } $this->_tpl->display('postcard.03.html'); exit; } /* * */ function sendCard () { // URL encode the postcard text $postcard_text = $this->postcard_text; // If there is a recipient and sender e-mail address if ($this->recipient != "" && $this->email != "" && $this->validateEmail($this->email) && $this->validateEmail($this->recipient)) { $this->_tpl->assign("img_size",$this->getCardSize()); // Create the image and encode it as a base 64 text stream $this->imagedata = $this->outputPostcard($this->font_name,$this->imagefile,urldecode($postcard_text),$respath,"FILE"); $this->_tpl->assign("from_name",$this->name); // Send the email $this->sendEmail(); if ($this->pu != "") { $this->_tpl->assign("image_url","$this->script_name?cmd=postcardImage&".$this->encryptInputName("font_name")."=$this->font_name&".$this->encryptInputName("pu")."=$this->pu&".$this->encryptInputName("postcard_text")."=$postcard_text&form_key=$this->form_key"); } else { $this->_tpl->assign("image_url","$this->script_name?cmd=postcardImage&".$this->encryptInputName("font_name")."=$this->font_name&".$this->encryptInputName("imagefile")."=$this->imagefile&".$this->encryptInputName("postcard_text")."=$postcard_text&form_key=$this->form_key"); } $this->_tpl->display('postcard.04.html'); } else { print "No card data..."; } } /* * * * */ function getCardSize () { if ($this->remote_image) { // Create an image resource with the source photo $src_img = @getimagesize($this->image_path); } else { // Create an image resource with the source photo $src_img = @getimagesize(POPC_BASE_PATH."/resources/images/".$this->imagefile); } // Instead of using the aspect ratio of the original image, we are using the image title to // define the tan or brown postcard background $aspect_ratio = ($this->imagefile); // Insert code to use correct template if ($aspect_ratio == 'tan_1.jpg' || $aspect_ratio == 'tan_2.jpg' || $aspect_ratio == 'tan_3.jpg' || $aspect_ratio == 'tan_4.jpg' || $aspect_ratio == 'tan_5.jpg') { $template = POPC_BASE_PATH."resources/media/template_tan.jpg"; } elseif ($aspect_ratio == 'brown_1.jpg' || $aspect_ratio == 'brown_2.jpg' || $aspect_ratio == 'brown_3.jpg' || $aspect_ratio == 'brown_4.jpg') { $template = POPC_BASE_PATH."resources/media/template_brown.jpg"; } // Get the size of the template - useful for the HTML layouts $size = @getimagesize($template); return $size[3]; } /* * * * */ function postcardImage () { // Send the browser a JPEG image header header( "Content-Type: image/jpeg"); // Send the image data to the browser $this->outputPostcard($this->font_name,$this->imagefile,$this->postcard_text,$respath,"IMAGE"); } /* * * * */ function sendEmail() { require_once(POPC_BASE_PATH . "/resources/includes/class.phpmailer.php"); // Get the date and time $filename = time(); $image = $this->imagedata; $mail = new PHPMailer(); $mail->From = $this->email; $mail->FromName = $this->name; $mail->Subject = "$this->name has sent you a postcard from St. Kitts!"; $mail->AltBody = "To view the message, please use an HTML compatible email viewer!"; // optional, comment out and test $mail->AddEmbeddedImage($image, "image_file", "image.jpg"); $body = eregi_replace("[\]",'',$this->_tpl->fetch("postcard.email.html")); $mail->IsHTML(true); $mail->Body = $body; if (preg_match("/,/",$this->recipient)) { $addresses = explode(",", $this->recipient); if (is_array($addresses)) { foreach ($addresses as $key => $value) { $mail->ClearAddresses(); $mail->AddAddress(trim($value)); $mail->Send(); if ($key == 4) { break; } } } } else { $mail->AddAddress($this->recipient); $mail->Send(); } // If the sender requested a copy, then send one to them if ($this->copysender) { $mail->ClearAddresses(); $mail->AddAddress($this->email); $mail->Send(); } /* * If the admin has set an address to copy cards to then send a * copy of this card to the specified address */ if (POPC_COPY_TO != "" && $this->validateEmail(POPC_COPY_TO)) { $mail->ClearAddresses(); $mail->AddAddress(trim(POPC_COPY_TO)); $mail->Send(); } // If a remote image has been generated then destroy it $this->destroyRemoteImage(); } /* * * * */ function outputPostcard($font_name,$imagefile,$postcard_text,$respath,$output_method) { $quality = POPC_JPEG_QUALITY; $theimage = POPC_BASE_PATH."/resources/images/".$imagefile; if ($this->remote_image) { $theimage = $this->image_path; } // Create an image resource with the source photo $src_img = imagecreatefromjpeg($theimage); // The width of original image $src_width = imagesx($src_img); // The height of original image $src_height = imagesy($src_img); // The aspect ratio of the original image //$aspect_ratio = ($src_width / $src_height); // Instead of using the aspect ratio of the original image, we are using the image title to // define the tan or brown postcard background $aspect_ratio = ($this->imagefile); // Then assign values to the tan or brown backgrounds respectively if ($aspect_ratio=='tan_1.jpg' || $aspect_ratio=='tan_2.jpg' || $aspect_ratio=='tan_3.jpg' || $aspect_ratio=='tan_4.jpg' || $aspect_ratio=='tan_5.jpg') { $port = "FALSE"; $template = POPC_BASE_PATH."/resources/media/template_tan.jpg"; $blank = POPC_BASE_PATH."/resources/media/blank.01.jpg"; $imghgt = 400; $imgwdt = 620; $text_height = 195; } elseif ($aspect_ratio=='brown_1.jpg' || $aspect_ratio=='brown_2.jpg' || $aspect_ratio=='brown_3.jpg' || $aspect_ratio=='brown_4.jpg') { $port = "FALSE"; $template = POPC_BASE_PATH."/resources/media/template_brown.jpg"; $blank = POPC_BASE_PATH."/resources/media/blank.01.jpg"; $imghgt = 400; $imgwdt = 620; $text_height = 195; } // reduction ratio $rr = $imghgt / $src_height; // New image width $new_width = $rr * $src_width; // Check the version of GD set in the preferences if (POPC_GD2) { // Create a blank image space for the resized image $dest_img = imagecreatetruecolor($new_width,$imghgt); // Open the template file and create an image resource with it $template = imagecreatefromjpeg($template); // Resize the source picture to fit into the bounds of the template imagecopyresampled($dest_img, $src_img, 0, 0, 0 ,0, $new_width, $imghgt, $src_width, $src_height); } else { // Create a blank image space for the resized image $dest_img = imagecreatefromjpeg($blank); // Open the template file and create an image resource with it $template = imagecreatefromjpeg($template); // Resize the source picture to fit into the bounds of the template imagecopyresized($dest_img, $src_img, 0, 0, 0 ,0, $new_width, $imghgt, $src_width, $src_height); } // Copy the source image into the template image leaving a 1 pixel margin at the sides for the black border imagecopy ($template, $dest_img, 260, 0, 0, 0, $new_width, $imghgt); // Only continue of there is message text to work with. if ($postcard_text != "") { // Set the total width of the text box //$text_width = round($imgwdt - $new_width - 0); $text_width = 140; // Distance in pixels to place the text box from the left edge of the template $im_position = $new_width - 290; $im = $this->renderPostcard($postcard_text, $text_width, $text_height, $font_name); // Copy the text image into our template positioning it correctly in the box. imagecopy ($template, $im, $im_position, POPC_TEXT_OFFSET_TOP, 0, 0, $text_width, $text_height); } // Select the correct mode in which to send the image data if ($output_method == "BASE64") { $this_image = time(); $this_image_loc = POPC_TEMP_DIR . $this_image; imagejpeg($template, $this_image_loc, POPC_JPEG_QUALITY); $handle = fopen($this_image_loc,'rb'); $file_content = fread($handle,filesize($this_image_loc)); fclose($handle); $encoded = chunk_split(base64_encode($file_content)); unlink($this_image_loc); // If a remote image has been generated then destroy it $this->destroyRemoteImage(); return ($encoded); } elseif ($output_method == "IMAGE") { // If a remote image has been generated then destroy it $this->destroyRemoteImage(); return(imagejpeg($template, '', POPC_JPEG_QUALITY)); } elseif ($output_method == "FILE") { $filename = POPC_TEMP_DIR . md5(microtime()) . ".jpg"; imagejpeg($template, "$filename", POPC_JPEG_QUALITY); // If a remote image has been generated then destroy it $this->destroyRemoteImage(); return $filename; } } /* * * * */ function renderPostcard($text, $text_width, $text_height, $font_name) { // Load the imagettftextboxopt library require_once (POPC_BASE_PATH."/resources/includes/function.ttfbox.php"); // Path to the fonts directory $fontfile = POPC_BASE_PATH."/resources/fonts/$font_name"; // Set font sizes for each specific font family if ($font_name == "palatino.ttf") { $size = "12"; } elseif ($font_name == "bookman.ttf") { $size = "12"; } elseif ($font_name == "arialbd.ttf") { $size = "12"; } elseif ($font_name == "comicbd.ttf") { $size = "11"; } // Create an image $im = imagecreate($text_width,$text_height); // Instead of using the aspect ratio of the original image, we are using the image title to // define the tan or brown postcard background $aspect_ratio = ($this->imagefile); // Insert code to find image aspect ratio if ($aspect_ratio=='tan_1.jpg' || $aspect_ratio=='tan_2.jpg' || $aspect_ratio=='tan_3.jpg' || $aspect_ratio=='tan_4.jpg' || $aspect_ratio=='tan_5.jpg') { // Assign the image white colour space (background colour) $white = imagecolorallocate($im, 255,255,255); // Assign the image black colour space (text colour) $black = imagecolorallocate($im, 63,49,5); } elseif ($aspect_ratio=='brown_1.jpg' || $aspect_ratio=='brown_2.jpg' || $aspect_ratio=='brown_3.jpg' || $aspect_ratio=='brown_4.jpg') { // Assign the image white colour space (background colour) $white = imagecolorallocate($im, 65,48,0); // Assign the image black colour space (text colour) $black = imagecolorallocate($im, 255,255,255); // This is a light tan text color for over brown. Switched to white (above) // $black = imagecolorallocate($im, 220,195,151); } // Assign the image white colour space (background colour) //$white = imagecolorallocate($im, 255,255,255); // Assign the image black colour space (text colour) //$black = imagecolorallocate($im, 0,0,0); //$blue = imagecolorallocate($im, 12,66,175); $text = preg_replace("/"/","\"",$text); // Write the text into our blank image as anti-aliased text. imagettftextboxopt($im, $size, 0, 0, 20, $black, $fontfile, $text, array("width"=>$text_width-5,"height"=>$text_height,"line_height"=>20,"orientation"=>array(20,0))); return $im; imagedestroy($im); } /* * * Converts character-values > 127 (both: UTF-8 + ANSI) to HTML's numeric coded entities * */ function convertUTF8_NCE($utf) { if ($utf == '') { return $utf8; } $max_count = 5; // flag-bits in $max_mark ( 1111 1000 == 5 times 1) $max_mark = 248; // marker for a (theoretical ;-)) 5-byte-char and mask for a 4-byte-char; $html = ''; for($str_pos = 0; $str_pos < strlen($utf); $str_pos++) { $old_chr = $utf{$str_pos}; $old_val = ord( $utf{$str_pos} ); $new_val = 0; $utf8_marker = 0; // skip non-utf-8-chars if( $old_val > 127 ) { $mark = $max_mark; for($byte_ctr = $max_count; $byte_ctr > 2; $byte_ctr--) { // actual byte is utf-8-marker? if( ( $old_val & $mark ) == ( ($mark << 1) & 255 ) ) { $utf8_marker = $byte_ctr - 1; break; } $mark = ($mark << 1) & 255; } } // marker found: collect following bytes if($utf8_marker > 1 and isset( $utf{$str_pos + 1} ) ) { $str_off = 0; $new_val = $old_val & (127 >> $utf8_marker); for($byte_ctr = $utf8_marker; $byte_ctr > 1; $byte_ctr--) { // check if following chars are UTF8 additional data blocks // UTF8 and ord() > 127 if( (ord($utf{$str_pos + 1}) & 192) == 128 ) { $new_val = $new_val << 6; $str_off++; // no need for Addition, bitwise OR is sufficient // 63: more UTF8-bytes; 0011 1111 $new_val = $new_val | ( ord( $utf{$str_pos + $str_off} ) & 63 ); } // no UTF8, but ord() > 127 // nevertheless convert first char to NCE else { $new_val = $old_val; } } // build NCE-Code $html .= '&#'.$new_val.';'; // Skip additional UTF-8-Bytes $str_pos = $str_pos + $str_off; } else { $html .= chr($old_val); $new_val = $old_val; } } return($html); } /* * * validateEmail -- Check an e-mail address is formatted corrrectly * * string validateEmail(string email) * * If email matches correct valid e-mail address return FALSE * * if email does NOT match correct valid e-mail address return FALSE * */ function validateEmail ($email) { if (preg_match("/,/",$email)) { $addresses = explode(",", $email); if (is_array($addresses)) { foreach ($addresses as $key => $value) { if (!preg_match("/^[\w\.=-]+@[\w\.-]+\.[\w]{2,5}$/",trim($value))) { return false; } } } } else { if (!preg_match("/^[\w\.=-]+@[\w\.-]+\.[\w]{2,5}$/",$email)) { return false; } } return true; } /* * * * */ function loadRemoteImage () { if (trim($this->pu) == "") { return true; } elseif (trim($this->pu) != "" && ( (POPC_REMOTE_IMAGES && POPC_REMOTE_URL == "") || (POPC_REMOTE_URL != "" && preg_match("/^".preg_replace("/\//","\\/",POPC_REMOTE_URL)."/i",$this->pu)) )) { $this->remote_image = true; $pu = $this->pu; $handle = fopen ($pu, "rb"); $contents = ""; do { $data = fread($handle, 200000); if (strlen($data) == 0) { break; } $contents .= $data; } while(true); fclose ($handle); // Create a temporary file on disk $time = time(); // -- Put image data into the temp file $fp = fopen(POPC_TEMP_DIR . $time, "w"); fwrite($fp,$contents); fclose($fp); // Load Image from Disk with GD library $this->image_path = POPC_TEMP_DIR . $time; return true; } else { return false; } } /* * * * */ function encryptInputName ($field_name) { if ($this->form_key == "") { $this->form_key = md5(uniqid()); } return md5($this->form_key . POPC_ENCRYPTION_SALT . $field_name); } /* * * * */ function getFormData () { $this->setFormKey(); /* * Process all form data and match with allowed vars */ if (is_array($this->allowed_form_data)) { $data = array_merge($_GET, $_POST); foreach ($this->allowed_form_data as $key => $value) { foreach ($data as $post_key => $post_value) { if (md5($this->form_key . POPC_ENCRYPTION_SALT . $value) == $post_key) { ${$value} = $this->_dat->fetchGlobal($post_key); } } } } // Load text which needs to be cleaned $this->category = stripslashes($category); $this->imagefile = stripslashes($imagefile); $this->name = stripslashes($name); $this->postcard_text = stripslashes($postcard_text); // Clean up the postcard text $this->send_text = ereg_replace('"','"',$postcard_text); $this->card_text = ereg_replace('"','"',$postcard_text); // Load other data $this->font_name = $font_name; $this->pu = $pu; $this->email = $email; $this->recipient = $recipient; if ($copysender || $copysender == "on") { $this->copysender = (bool)true; } else { $this->copysender = (bool)false; } // The only variable which can come in raw is a remote URL the first time it's loaded if ($this->_dat->fetchGlobal('pu') != "") { $this->pu = $this->_dat->fetchGlobal('pu'); } } /* * * * */ function setFormKey () { /* * Set a form key if none has been set */ $form_key = $this->_dat->fetchGlobal('form_key'); // If there's no form_key, then generate one if ($form_key == "") { $form_key = substr(md5( time() . POPC_ENCRYPTION_SALT ), 0 ,5) . "|" .time(); $this->form_key = $form_key; // If there is a form_key, check it's valid and hasn't expired } else { $data = explode("|",$form_key); $hash = $data[0]; $original_time = $data[1]; // Check if data has been tampered with if (substr(md5( $original_time . POPC_ENCRYPTION_SALT ), 0 ,5) != $hash) { // Show an error message $this->_tpl->display("postcard.error.html"); exit; // Else check if the time the process was started is more than 10 minutes } elseif ( (time() - $original_time) > POPC_TIMEOUT ) { // Show an error message $this->_tpl->display("postcard.error.html"); exit; } else { $this->form_key = $form_key; } } } /* * * Removes the remote image saved for this card * */ function destroyRemoteImage () { if (file_exists($this->image_path)) { unlink($this->image_path); } } } ?>