Changeset 95515 in spip-zone


Ignore:
Timestamp:
Feb 26, 2016, 2:48:08 PM (3 years ago)
Author:
p@…
Message:

Dompdf 6.2 (dernière version stable)

Ce patch corrige des failles de sécurité de la lib.
Voir: https://github.com/dompdf/dompdf/releases/tag/v0.6.2

Location:
_plugins_/dompdf/trunk/lib/dompdf
Files:
4 deleted
22 edited

Legend:

Unmodified
Added
Removed
  • _plugins_/dompdf/trunk/lib/dompdf/README.md

    r83929 r95515  
     1[![Latest Stable Version](https://poser.pugx.org/dompdf/dompdf/v/stable.png)](https://packagist.org/packages/dompdf/dompdf) [![Total Downloads](https://poser.pugx.org/dompdf/dompdf/downloads.png)](https://packagist.org/packages/dompdf/dompdf) [![Latest Unstable Version](https://poser.pugx.org/dompdf/dompdf/v/unstable.png)](https://packagist.org/packages/dompdf/dompdf) [![License](https://poser.pugx.org/dompdf/dompdf/license.png)](https://packagist.org/packages/dompdf/dompdf)
     2
    13**dompdf is an HTML to PDF converter**.
    24At its heart, dompdf is (mostly) [CSS 2.1](http://www.w3.org/TR/CSS2/) compliant
     
    5658The [DejaVu TrueType fonts](http://dejavu-fonts.org) have been pre-installed to
    5759give dompdf decent Unicode character coverage by default. To use the DejaVu
    58 fonts reference the font in your stylesheet, e.g. `body { font-family: Deja Vu
     60fonts reference the font in your stylesheet, e.g. `body { font-family: DejaVu
    5961Sans; }` (for DejaVu Sans).
    6062
     
    6769
    6870```sh
    69 git clone https://github.com/dompdf/dompdf.git
     71git clone https://github.com/dompdf/dompdf.git .
    7072git submodule init
    7173git submodule update
     
    126128 * CSS float is not supported (but is in the works, enable it through the
    127129   `DOMPDF_ENABLE_CSS_FLOAT` configuration constant).
    128  * If you find this project useful, please consider making a donation.
    129 
     130 
     131If you find this project useful, please consider making a donation.
    130132(Any funds donated will be used to help further development on this project.)   
    131133[![Donate button](https://www.paypal.com/en_US/i/btn/btn_donate_SM.gif)](http://goo.gl/DSvWf)
  • _plugins_/dompdf/trunk/lib/dompdf/dompdf.php

    • Property svn:executable set to *
    r83929 r95515  
    130130$options = array();
    131131
     132$dompdf = new DOMPDF();
     133
    132134switch ( $sapi ) {
    133135
     
    169171      $outfile = "dompdf_out.pdf";
    170172    else
    171       $outfile = str_ireplace(array(".html", ".htm", ".php"), "", $file) . ".pdf";
     173      $outfile = str_ireplace(array(".html", ".htm"), "", $file) . ".pdf";
    172174  }
    173175
     
    194196 default:
    195197
     198  $dompdf->set_option('enable_php', false);
     199 
    196200  if ( isset($_GET["input_file"]) )
    197201    $file = rawurldecode($_GET["input_file"]);
     
    220224  $file_parts = explode_url($file);
    221225 
    222   /* Check to see if the input file is local and, if so, that the base path falls within that specified by DOMDPF_CHROOT */
    223   if(($file_parts['protocol'] == '' || $file_parts['protocol'] === 'file://')) {
    224     $file = realpath($file);
    225     if ( strpos($file, DOMPDF_CHROOT) !== 0 ) {
    226       throw new DOMPDF_Exception("Permission denied on $file. The file could not be found under the directory specified by DOMPDF_CHROOT.");
    227     }
    228   }
    229  
    230   if($file_parts['protocol'] === 'php://') {
    231     throw new DOMPDF_Exception("Permission denied on $file. This script does not allow PHP streams.");
    232   }
    233  
    234226  $outfile = "dompdf_out.pdf"; # Don't allow them to set the output file
    235227  $save_file = false; # Don't save the file
     
    237229  break;
    238230}
    239 
    240 $dompdf = new DOMPDF();
    241231
    242232if ( $file === "-" ) {
  • _plugins_/dompdf/trunk/lib/dompdf/dompdf_config.custom.inc.php

    r83929 r95515  
    1 <?php
     1<?php
     2// Please refer to dompdf_config.inc.php for details on each configuration option.
     3
    24//define("DOMPDF_TEMP_DIR", "/tmp");
    3 //define("DOMPDF_CHROOT", DOMPDF_DIR);
    45//define("DOMPDF_FONT_DIR", DOMPDF_DIR."/lib/fonts/");
    56//define("DOMPDF_FONT_CACHE", DOMPDF_DIR."/lib/fonts/");
     
    1011//define("DOMPDF_DEFAULT_FONT", "serif");
    1112//define("DOMPDF_DPI", 72);
    12 //define("DOMPDF_ENABLE_PHP", true);
    13 //define("DOMPDF_ENABLE_REMOTE", true);
    1413//define("DOMPDF_ENABLE_CSS_FLOAT", true);
    1514//define("DOMPDF_ENABLE_JAVASCRIPT", false);
     
    2726//define("DOMPDF_ENABLE_FONTSUBSETTING", true);
    2827
    29 // DOMPDF authentication
     28// Authentication for the dompdf/www
    3029//define("DOMPDF_ADMIN_USERNAME", "user");
    3130//define("DOMPDF_ADMIN_PASSWORD", "password");
     31
     32/**
     33 * Attention!
     34 * The following settings may increase the risk of system exploit.
     35 * Do not change these settings without understanding the consequences.
     36 * Additional documentation is available on the dompdf wiki at:
     37 * https://github.com/dompdf/dompdf/wiki
     38 */
     39//define("DOMPDF_CHROOT", DOMPDF_DIR);
     40//define("DOMPDF_ENABLE_PHP", false);
     41//define("DOMPDF_ENABLE_REMOTE", false);
  • _plugins_/dompdf/trunk/lib/dompdf/dompdf_config.inc.php

    r83929 r95515  
    66 * @author  Helmut Tischer <htischer@weihenstephan.org>
    77 * @author  Fabien Ménager <fabien.menager@gmail.com>
    8  * @autho   Brian Sweeney <eclecticgeek@gmail.com>
     8 * @author   Brian Sweeney <eclecticgeek@gmail.com>
    99 * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
    1010 */
     
    247247 * inline PHP contained within <script type="text/php"> ... </script> tags.
    248248 *
     249 * Attention!
    249250 * Enabling this for documents you do not trust (e.g. arbitrary remote html
    250  * pages) is a security risk.  Set this option to false if you wish to process
    251  * untrusted documents.
     251 * pages) is a security risk. Inline scripts are run with the same level of
     252 * system access available to dompdf. Set this option to false (recommended)
     253 * if you wish to process untrusted documents.
    252254 *
    253255 * @var bool
  • _plugins_/dompdf/trunk/lib/dompdf/include/abstract_renderer.cls.php

    r83929 r95515  
    101101    //$img_w = imagesx($src); $img_h = imagesy($src);
    102102
    103     list($img_w, $img_h) = dompdf_getimagesize($img);
     103    list($img_w, $img_h) = dompdf_getimagesize($img, $this->_dompdf->get_http_context());
    104104    if (!isset($img_w) || $img_w == 0 || !isset($img_h) || $img_h == 0) {
    105105      return;
  • _plugins_/dompdf/trunk/lib/dompdf/include/cpdf_adapter.cls.php

    r83929 r95515  
    605605
    606606  function image($img, $x, $y, $w, $h, $resolution = "normal") {
    607     list($width, $height, $type) = dompdf_getimagesize($img);
     607    list($width, $height, $type) = dompdf_getimagesize($img, $this->_dompdf->get_http_context());
    608608   
    609609    $debug_png = $this->_dompdf->get_option("debug_png");
  • _plugins_/dompdf/trunk/lib/dompdf/include/dompdf.cls.php

    r83929 r95515  
    185185   */
    186186  private $_quirksmode = false;
     187 
     188  /**
     189   * Protocol whitelist
     190   *
     191   * Protocols and PHP wrappers allowed in URLs. Full support is not
     192   * guarantee for the protocols/wrappers contained in this array.
     193   *
     194   * @var array
     195   */
     196  private $_allowed_protocols = array(null, "", "file://", "http://", "https://");
     197 
     198  /**
     199   * Local file extension whitelist
     200   *
     201   * File extensions supported by dompdf for local files.
     202   *
     203   * @var array
     204   */
     205  private $_allowed_local_file_extensions = array("htm", "html");
    187206
    188207  /**
     
    475494    }
    476495
     496    if ( !in_array($this->_protocol, $this->_allowed_protocols) ) {
     497      throw new DOMPDF_Exception("Permission denied on $file. The communication protocol is not supported.");
     498    }
     499   
    477500    if ( !$this->get_option("enable_remote") && ($this->_protocol != "" && $this->_protocol !== "file://" ) ) {
    478501      throw new DOMPDF_Exception("Remote file requested, but DOMPDF_ENABLE_REMOTE is false.");
     
    483506      // Get the full path to $file, returns false if the file doesn't exist
    484507      $realfile = realpath($file);
    485       if ( !$realfile ) {
    486         throw new DOMPDF_Exception("File '$file' not found.");
    487       }
    488508
    489509      $chroot = $this->get_option("chroot");
     
    491511        throw new DOMPDF_Exception("Permission denied on $file. The file could not be found under the directory specified by DOMPDF_CHROOT.");
    492512      }
    493 
    494       // Exclude dot files (e.g. .htaccess)
    495       if ( substr(basename($realfile), 0, 1) === "." ) {
     513     
     514      $ext = pathinfo($realfile, PATHINFO_EXTENSION);
     515      if (!in_array($ext, $this->_allowed_local_file_extensions)) {
    496516        throw new DOMPDF_Exception("Permission denied on $file.");
    497517      }
    498 
     518     
     519      if ( !$realfile ) {
     520        throw new DOMPDF_Exception("File '$file' not found.");
     521      }
     522           
    499523      $file = $realfile;
    500524    }
    501 
     525   
    502526    $contents = file_get_contents($file, null, $this->_http_context);
    503527    $encoding = null;
  • _plugins_/dompdf/trunk/lib/dompdf/include/font_metrics.cls.php

    r83929 r95515  
    218218  static function save_font_families() {
    219219    // replace the path to the DOMPDF font directories with the corresponding constants (allows for more portability)
    220     $cache_data = var_export(self::$_font_lookup, true);
    221     $cache_data = str_replace('\''.DOMPDF_FONT_DIR , 'DOMPDF_FONT_DIR . \'' , $cache_data);
    222     $cache_data = str_replace('\''.DOMPDF_DIR , 'DOMPDF_DIR . \'' , $cache_data);
    223     $cache_data = "<"."?php return $cache_data ?".">";
     220    $cache_data = sprintf("<?php return array (%s", PHP_EOL);
     221    foreach (self::$_font_lookup as $family => $variants) {
     222      $cache_data .= sprintf("  '%s' => array(%s", addslashes($family), PHP_EOL);
     223      foreach ($variants as $variant => $path) {
     224        $path = sprintf("'%s'", $path);
     225        $path = str_replace('\'' . DOMPDF_FONT_DIR , 'DOMPDF_FONT_DIR . \'' , $path);
     226        $path = str_replace('\'' . DOMPDF_DIR , 'DOMPDF_DIR . \'' , $path);
     227        $cache_data .= sprintf("    '%s' => %s,%s", $variant, $path, PHP_EOL);
     228      }
     229      $cache_data .= sprintf("  ),%s", PHP_EOL);
     230    }
     231    $cache_data .= ") ?>";
    224232    file_put_contents(self::CACHE_FILE, $cache_data);
    225233  }
     
    250258    }
    251259   
    252     self::$_font_lookup = require_once self::CACHE_FILE;
     260    $cache_data = require_once self::CACHE_FILE;
    253261   
    254262    // If the font family cache is still in the old format
     
    256264      $cache_data = file_get_contents(self::CACHE_FILE);
    257265      file_put_contents(self::CACHE_FILE, "<"."?php return $cache_data ?".">");
    258       self::$_font_lookup = require_once self::CACHE_FILE;
     266      $cache_data = require_once self::CACHE_FILE;
     267    }
     268   
     269    self::$_font_lookup = array();
     270    foreach ($cache_data as $key => $value) {
     271      self::$_font_lookup[stripslashes($key)] = $value;
    259272    }
    260273   
     
    319332  }
    320333 
    321   static function register_font($style, $remote_file) {
     334  static function register_font($style, $remote_file, $context = null) {
    322335    $fontname = mb_strtolower($style["family"]);
    323336    $families = Font_Metrics::get_font_families();
     
    329342   
    330343    $local_file = DOMPDF_FONT_DIR . md5($remote_file);
     344    $local_temp_file = DOMPDF_TEMP_DIR . "/" . md5($remote_file);
    331345    $cache_entry = $local_file;
    332346    $local_file .= ".ttf";
     
    337351      $entry[$style_string] = $cache_entry;
    338352     
    339       Font_Metrics::set_font_family($fontname, $entry);
    340      
    341353      // Download the remote file
    342       if ( !is_file($local_file) ) {
    343         file_put_contents($local_file, file_get_contents($remote_file));
    344       }
    345      
    346       $font = Font::load($local_file);
     354      file_put_contents($local_temp_file, file_get_contents($remote_file, null, $context));
     355     
     356      $font = Font::load($local_temp_file);
    347357     
    348358      if (!$font) {
     359        unlink($local_temp_file);
    349360        return false;
    350361      }
     
    353364      $font->saveAdobeFontMetrics("$cache_entry.ufm");
    354365     
     366      unlink($local_temp_file);
     367     
     368      if ( !file_exists("$cache_entry.ufm") ) {
     369        return false;
     370      }
     371     
    355372      // Save the changes
     373      file_put_contents($local_file, file_get_contents($remote_file, null, $context));
     374      Font_Metrics::set_font_family($fontname, $entry);
    356375      Font_Metrics::save_font_families();
    357376    }
  • _plugins_/dompdf/trunk/lib/dompdf/include/functions.inc.php

    r83929 r95515  
    129129 */
    130130function build_url($protocol, $host, $base_path, $url) {
    131   if ( strlen($url) == 0 ) {
     131  $protocol = mb_strtolower($protocol);
     132  if (strlen($url) == 0) {
    132133    //return $protocol . $host . rtrim($base_path, "/\\") . "/";
    133134    return $protocol . $host . $base_path;
    134135  }
    135 
    136136  // Is the url already fully qualified or a Data URI?
    137   if ( mb_strpos($url, "://") !== false || mb_strpos($url, "data:") === 0 ) {
     137  if (mb_strpos($url, "://") !== false || mb_strpos($url, "data:") === 0) {
    138138    return $url;
    139139  }
    140 
    141140  $ret = $protocol;
    142 
    143   if ( !in_array(mb_strtolower($protocol), array("http://", "https://", "ftp://", "ftps://")) ) {
     141  if (!in_array(mb_strtolower($protocol), array("http://", "https://", "ftp://", "ftps://"))) {
    144142    //On Windows local file, an abs path can begin also with a '\' or a drive letter and colon
    145143    //drive: followed by a relative path would be a drive specific default folder.
    146144    //not known in php app code, treat as abs path
    147145    //($url[1] !== ':' || ($url[2]!=='\\' && $url[2]!=='/'))
    148     if ( $url[0] !== '/' && (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN' || ($url[0] !== '\\' && $url[1] !== ':')) ) {
     146    if ($url[0] !== '/' && (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN' || ($url[0] !== '\\' && $url[1] !== ':'))) {
    149147      // For rel path and local acess we ignore the host, and run the path through realpath()
    150       $ret .= realpath($base_path).'/';
     148      $ret .= realpath($base_path) . '/';
    151149    }
    152150    $ret .= $url;
     
    154152    return $ret;
    155153  }
    156 
    157   //remote urls with backslash in html/css are not really correct, but lets be genereous
    158   if ( $url[0] === '/' || $url[0] === '\\' ) {
     154  // Protocol relative urls (e.g. "//example.org/style.css")
     155  if (strpos($url, '//') === 0) {
     156    $ret .= substr($url, 2);
     157    //remote urls with backslash in html/css are not really correct, but lets be genereous
     158  } elseif ($url[0] === '/' || $url[0] === '\\') {
    159159    // Absolute path
    160160    $ret .= $host . $url;
    161   }
    162   else {
     161  } else {
    163162    // Relative path
    164163    //$base_path = $base_path !== "" ? rtrim($base_path, "/\\") . "/" : "";
    165164    $ret .= $host . $base_path . $url;
    166165  }
    167 
    168166  return $ret;
    169 
    170 }
     167}
     168
    171169
    172170/**
     
    184182
    185183  $arr = parse_url($url);
    186 
     184  if ( isset($arr["scheme"])) {
     185    $arr["scheme"] == mb_strtolower($arr["scheme"]);
     186  }
     187 
    187188  // Exclude windows drive letters...
    188189  if ( isset($arr["scheme"]) && $arr["scheme"] !== "file" && strlen($arr["scheme"]) > 1 ) {
     
    230231  else {
    231232
    232     $i = mb_strpos($url, "file://");
     233    $i = mb_stripos($url, "file://");
    233234    if ( $i !== false ) {
    234235      $url = mb_substr($url, $i + 7);
     
    398399    function mb_strpos($haystack, $needle, $offset = 0) {
    399400      return strpos($haystack, $needle, $offset);
     401    }
     402  }
     403 
     404  if (!function_exists('mb_stripos')) {
     405    function mb_stripos($haystack, $needle, $offset = 0) {
     406      return stripos($haystack, $needle, $offset);
    400407    }
    401408  }
     
    749756 * @return array The same format as getimagesize($filename)
    750757 */
    751 function dompdf_getimagesize($filename) {
     758function dompdf_getimagesize($filename, $context = null) {
    752759  static $cache = array();
    753760 
     
    759766 
    760767  if ( $width == null || $height == null ) {
    761     $data = file_get_contents($filename, null, null, 0, 26);
     768    $data = file_get_contents($filename, null, $context, 0, 26);
    762769   
    763770    if ( substr($data, 0, 2) === "BM" ) {
     
    10061013}
    10071014
    1008 if ( function_exists("curl_init") ) {
    1009   function DOMPDF_fetch_url($url, &$headers = null) {
    1010     $ch = curl_init($url);
    1011     curl_setopt($ch, CURLOPT_TIMEOUT, 10);
    1012     curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    1013     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    1014     curl_setopt($ch, CURLOPT_HEADER, true);
    1015    
    1016     $data = curl_exec($ch);
    1017     $raw_headers = substr($data, 0, curl_getinfo($ch, CURLINFO_HEADER_SIZE));
    1018     $headers = preg_split("/[\n\r]+/", trim($raw_headers));
    1019     $data = substr($data, curl_getinfo($ch, CURLINFO_HEADER_SIZE));
    1020     curl_close($ch);
    1021    
    1022     return $data;
    1023   }
    1024 }
    1025 else {
    1026   function DOMPDF_fetch_url($url, &$headers = null) {
    1027     $data = file_get_contents($url);
    1028     $headers = $http_response_header;
    1029    
    1030     return $data;
    1031   }
    1032 }
    10331015
    10341016/**
  • _plugins_/dompdf/trunk/lib/dompdf/include/gd_adapter.cls.php

    r83929 r95515  
    554554   */
    555555  function image($img_url, $x, $y, $w, $h, $resolution = "normal") {
    556     $img_type = Image_Cache::detect_type($img_url);
     556    $img_type = Image_Cache::detect_type($img_url, $this->_dompdf->get_http_context());
    557557    $img_ext  = Image_Cache::type_to_ext($img_type);
    558558
  • _plugins_/dompdf/trunk/lib/dompdf/include/image_cache.cls.php

    r83929 r95515  
    4646   */
    4747  static function resolve_url($url, $protocol, $host, $base_path, DOMPDF $dompdf) {
     48    $protocol = mb_strtolower($protocol);
    4849    $parsed_url = explode_url($url);
    4950    $message = null;
     
    8586          else {
    8687            set_error_handler("record_warnings");
    87             $image = file_get_contents($full_url);
     88            $image = file_get_contents($full_url, null, $dompdf->get_http_context());
    8889            restore_error_handler();
    8990          }
     
    119120      // Check is the file is an image
    120121      else {
    121         list($width, $height, $type) = dompdf_getimagesize($resolved_url);
     122        list($width, $height, $type) = dompdf_getimagesize($resolved_url, $dompdf->get_http_context());
    122123       
    123124        // Known image type
     
    139140      $resolved_url = self::$broken_image;
    140141      $type = IMAGETYPE_PNG;
    141       $message = $e->getMessage()." \n $url";
     142      $message = "Image not found or type unknown";
     143      $_dompdf_warnings[] = $e->getMessage()." :: $url";
    142144    }
    143145
     
    160162  }
    161163 
    162   static function detect_type($file) {
    163     list(, , $type) = dompdf_getimagesize($file);
     164  static function detect_type($file, $context = null) {
     165    list(, , $type) = dompdf_getimagesize($file, $context);
    164166    return $type;
    165167  }
  • _plugins_/dompdf/trunk/lib/dompdf/include/image_frame_reflower.cls.php

    r83929 r95515  
    4242    if (DEBUGPNG) {
    4343      // Determine the image's size. Time consuming. Only when really needed?
    44       list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url());
     44      list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url(), $this->get_dompdf()->get_http_context());
    4545      print "get_min_max_width() ".
    4646        $this->_frame->get_style()->width.' '.
     
    105105    if ($width == 0 || $height == 0) {
    106106      // Determine the image's size. Time consuming. Only when really needed!
    107       list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url());
     107      list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url(), $this->get_dompdf()->get_http_context());
    108108     
    109109      // don't treat 0 as error. Can be downscaled or can be catched elsewhere if image not readable.
  • _plugins_/dompdf/trunk/lib/dompdf/include/list_bullet_image_frame_decorator.cls.php

    r83929 r95515  
    4949    $this->_img = new Image_Frame_Decorator($frame, $dompdf);
    5050    parent::__construct($this->_img, $dompdf);
    51     list($width, $height) = dompdf_getimagesize($this->_img->get_image_url());
     51    list($width, $height) = dompdf_getimagesize($this->_img->get_image_url(), $dompdf->get_http_context());
    5252
    5353    // Resample the bullet image to be consistent with 'auto' sized images
  • _plugins_/dompdf/trunk/lib/dompdf/include/list_bullet_renderer.cls.php

    r83929 r95515  
    142142      //$w = $frame->get_width();
    143143      //$h = $frame->get_height();
    144       list($width, $height) = dompdf_getimagesize($img);
     144      list($width, $height) = dompdf_getimagesize($img, $this->_dompdf->get_http_context());
    145145      $dpi = $this->_dompdf->get_option("dpi");
    146146      $w = ((float)rtrim($width, "px") * 72) / $dpi;
  • _plugins_/dompdf/trunk/lib/dompdf/include/pdflib_adapter.cls.php

    r83929 r95515  
    771771    $h = (int)$h;
    772772
    773     $img_type = Image_Cache::detect_type($img_url);
     773    $img_type = Image_Cache::detect_type($img_url, $this->_dompdf->get_http_context());
    774774    $img_ext  = Image_Cache::type_to_ext($img_type);
    775775
  • _plugins_/dompdf/trunk/lib/dompdf/include/stylesheet.cls.php

    r83929 r95515  
    12511251      );
    12521252     
    1253       if ( !$source["local"] && in_array($source["format"], array("", "woff", "opentype", "truetype")) ) {
     1253      if ( !$source["local"] && in_array($source["format"], array("", "truetype")) ) {
    12541254        $valid_sources[] = $source;
    12551255      }
     
    12691269    );
    12701270   
    1271     Font_Metrics::register_font($style, $valid_sources[0]["path"]);
     1271    Font_Metrics::register_font($style, $valid_sources[0]["path"], $this->_dompdf->get_http_context());
    12721272  }
    12731273
  • _plugins_/dompdf/trunk/lib/dompdf/lib/class.pdf.php

    r83929 r95515  
    750750
    751751        $res = "<</Length " . mb_strlen($stream, '8bit') . " >>\n";
    752         $res .= "stream\n" . $stream . "endstream";
     752        $res .= "stream\n" . $stream . "\nendstream";
    753753
    754754        $this->objects[$toUnicodeId]['c'] = $res;
     
    18761876      $cont = $this->$tmp($k, 'out');
    18771877      $content.= $cont;
    1878       $xref[] = $pos;
     1878      $xref[] = $pos+1; //+1 to account for \n at the start of each object
    18791879      $pos+= mb_strlen($cont, '8bit');
    18801880    }
     
    24272427          $list = array(
    24282428            'Ascent' => 'Ascender',
    2429             'CapHeight' => 'CapHeight',
     2429            'CapHeight' => 'Ascender', //FIXME: php-font-lib is not grabbing this value, so we'll fake it and use the Ascender value // 'CapHeight'
    24302430            'MissingWidth' => 'MissingWidth',
    24312431            'Descent' => 'Descender',
  • _plugins_/dompdf/trunk/lib/dompdf/load_font.php

    • Property svn:executable set to *
  • _plugins_/dompdf/trunk/lib/dompdf/www/debugger.php

    r83929 r95515  
    1 <?php
     1<?php
     2require_once "functions.inc.php";
     3
     4$allowed_hosts = array("::1", "127.0.0.1");
     5if( !auth_ok() || !in_array($_SERVER['REMOTE_ADDR'], $allowed_hosts) ) {
     6  die("Access denied to host at " . $_SERVER['REMOTE_ADDR']);
     7}
     8
     9
    210$files = glob("test/*.{html,htm,php}", GLOB_BRACE);
    311?>
     
    715<head>
    816  <title>dompdf debugger</title>
     17  <meta name="robots" content="noindex">
    918  <script type="text/javascript" src="jquery-1.4.2.js"></script>
    1019 
  • _plugins_/dompdf/trunk/lib/dompdf/www/demo.php

    r83929 r95515  
    77$is_local = in_array($_SERVER['REMOTE_ADDR'], $local);
    88
    9 if ( isset( $_POST["html"] ) && $is_local ) {
     9if ( auth_ok() && $is_local && isset( $_POST["html"] ) ) {
    1010
    1111  if ( get_magic_quotes_gpc() )
     
    2828<h2>Demo</h2>
    2929
    30 <?php if ($is_local) { ?>
     30<?php if (auth_ok() && $is_local) { ?>
    3131
    3232<p>Enter your html snippet in the text box below to see it rendered as a
     
    8080  </p>
    8181 
     82  <?php echo auth_get_link(); ?>
     83
    8284<?php } ?>
    8385
  • _plugins_/dompdf/trunk/lib/dompdf/www/head.inc

    r83929 r95515  
    11<?php
     2$allowed_hosts = array("::1", "127.0.0.1");
     3if( !in_array($_SERVER['REMOTE_ADDR'], $allowed_hosts) ) {
     4  die("Access denied to host at " . $_SERVER['REMOTE_ADDR']);
     5}
    26
    37session_start();
     
    2226  <title>dompdf - The PHP 5 HTML to PDF Converter</title>
    2327  <link rel="stylesheet" href="style.css" type="text/css"/>
     28  <meta name="robots" content="noindex">
    2429  <link rel="SHORTCUT ICON" href="images/favicon.ico"/>
    2530  <script type="text/javascript" src="jquery-1.4.2.js"></script>
  • _plugins_/dompdf/trunk/lib/dompdf/www/setup.php

    r83929 r95515  
    11<?php include("head.inc"); ?>
     2
     3<?php
     4if (auth_ok()) {
     5?>
    26
    37<a name="setup"> </a>
     
    297301</table>
    298302
     303<?php
     304} else {
     305  echo auth_get_link();
     306}
     307?>
     308
     309
    299310
    300311<?php include("foot.inc"); ?>
Note: See TracChangeset for help on using the changeset viewer.