Skip to content
Snippets Groups Projects

Increase JPG/PNG size to 800px

Merged Tyler R Lemburg requested to merge feature/issue-5 into develop
1 file
+ 1
1
Compare changes
  • Side-by-side
  • Inline
+ 1
1
@@ -231,7 +231,7 @@ class Lockup extends \ActiveRecord\Model {
@@ -231,7 +231,7 @@ class Lockup extends \ActiveRecord\Model {
$return_var = NULL;
$return_var = NULL;
exec('inkscape -h200 --export-png=' . $new_png . ' ' . $starting_svg . ' 2>&1', $backend_output, $return_var);
exec('inkscape -h800 --export-png=' . $new_png . ' ' . $starting_svg . ' 2>&1', $backend_output, $return_var);
    • Not really related to this specific PR, but I would look into escaping the parameters, $new_png and $starting_svg. It looks like the structure of $new_png does not allow for an injection attack, but $new_png is more vulnerable. While $new_png is being somewhat escaped by getOrganizationFilename(), there may still be room to improve. I'd suggest escapeshellarg() just to make sure. The same goes for all calls to exec.

Please register or sign in to reply
if ($return_var == 0) {
if ($return_var == 0) {
# attempt to write this to the DB
# attempt to write this to the DB
$file = fopen($new_png, 'r');
$file = fopen($new_png, 'r');
Loading