getimagesize()不支持使用HTTPS的PNG图像

时间:2016-04-15 05:16:38

标签: php getimagesize

我有这张图片:

  $imgurl = 'https://www.danmurphys.com.au/media/DM/Product/308x385/913411_0_9999_med_v1_m56577569854513142.png';

我已尝试过这两个代码

  1. $image = @getimagesize($imgurl);
print_r($image);

    2. 没有结果。

    请参阅下面的第二个案例,以函数getRanger

    开头 
    1. public static function getRanger($url){
    $headers = array(
    "Range: bytes=0-327680"
    );

    $curl = curl_init($url);
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    $data = curl_exec($curl);
    curl_close($curl);
    return $data;
}

$raw    = self::getRanger($imgurl);
$im     = imagecreatefromstring($raw);

$width  = imagesx($im);
$height = imagesy($im);

echo $width;
echo $height;

      2. 两者都给我空洞的结果。你们当中有些人可以帮助我。

      提前致谢。

2 个答案:

答案 0 :(得分:1)

第二个就在那里。

我很确定调用

echo curl_error($curl);
curl执行后

会给你: SSL证书问题:无法获得本地颁发者证书

基本上有两种方法可以解决这个问题 -

正确的方式

https://curl.haxx.se/docs/caextract.html下载cacert.pem文件,将其保存在脚本可以到达的位置,并在curl_exec()之前添加以下行;致电

    // Add certification atuhority info
    curl_setopt($curl, CURLOPT_CAINFO, './path/to/cacert.pem');

请注意,这不适用于自签名SSL证书

快速修复

您可能希望SSL检查“松散”。 

    // disable SSL checks
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);

请注意,即使使用自签名SSL证书,此方法也可以使用,但这样做会被认为是不安全的。

答案 1 :(得分:1)

我知道自从这个答案被接受以来已经有一段时间了,但是它不太适合我的用例,所以我想添加这个。在OP的示例中,他们有一个HTTPS网址,其中包含未通过SSL检查的证书。就我而言,我正在使用TCPDF将HTML转换为PDF,其中HTML包含一个img标签,该标签通过自签名证书调用HTTPS服务器。 TCPDF硬编码对$img_size = @getimagesize()的调用,因此不能用某些自定义函数替换它。

1。自定义上下文(如果可能)

适用于接受上下文的函数,例如file_get_contents 

<?php
// Create a read context that disables peer verification when used
$context = stream_context_create(array(
    'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
    )
));

// The self-signed server URL
$url = 'https://domain.tld/doc.png';

// Make this the global default context
stream_context_set_default($context);
$content = file_get_contents($url);

// OR use in a specific function call without changing global context
$content = file_get_contents($url, false, $context);

2。流包装解决方案

使用GD库功能,包括getimagesize 

<?php
// Unregister existing https handling
stream_wrapper_unregister('https');

// Register the custom handler
stream_wrapper_register('https', "HttpsInsecureStream", STREAM_IS_URL);

/**
 * Content is read with CURL into a tmpfile that is deleted as soon as the stream is closed
 */
class HttpsInsecureStream {
    public $context = null;

    public function __construct() {
        $this->context = tmpfile();
    }

    public function stream_open($path,$mode,$options,&$opened_path){
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, $path);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
        fwrite($this->context, curl_exec($curl));
        rewind($this->context);
        curl_close($curl);
        return true;
    }

    public function stream_stat() {
        return fstat($this->context);
    }

    public function stream_seek($seek_offset, $seek_whence) {
        return (fseek($this->context, $seek_offset, $seek_whence) === 0);
    }

    public function stream_tell(){
        return ftell($this->context);
    }

    public function stream_read($read_buffer_size){
        $result = fread($this->context, $read_buffer_size);
        return $result;
    }

    public function stream_write($write_data){
        return fwrite($this->context, $write_data);
    }

    public function stream_eof(){
        return feof($this->context);
    }

    public function stream_close () {
        return fclose($this->context);
    }

    public function stream_flush () {
        return fflush($this->context);
    }

    public function url_stat ($path ,$flags ) {
        return $this->stream_stat();
    }

    /* These functions are not implemented in this example, not sure if 
     * any of them make sense in the context of an HTTPS request.
     * Including them as a reference for the other handler functions that
     * are possible to implement in custom stream handler classes.
     */

    /*
    public function dir_closedir() { echo 1; return true; }
    public function dir_opendir ($path , $options ) { echo 2; return true; }
    public function dir_readdir () { echo 3; return true; }
    public function dir_rewinddir () { echo 4; return true; }
    public function mkdir ($path ,$mode ,$options ) { echo 5; return true; }
    public function rename ($path_from ,$path_to ) { echo 6; return true; }
    public function rmdir ($path ,$options ) { echo 7; return true; }

    public function stream_cast ($cast_as ) { echo 8; return $this->resource; }
    public function stream_lock ($operation ) { echo 'A'; return true; }
    public function stream_metadata ($path ,$option , mixed $value ) { echo 'B'; return true; }
    public function stream_set_option ($option ,$arg1 ,$arg2 ) { echo 'C'; return true; }
    public function stream_truncate ($new_size ) { echo 'D'; return true; }

    public function unlink ($path ) { echo 'E'; return true; }
    */
}

我想清楚的是,上面的示例展示了如何使其正常工作,但是不安全。我在开发服务器上使用它,如果必须在生产环境中使用,我会使用CURLOPT_CAINFO选项(请参阅上面的@Zenithies解决方案)。

参考:https://www.php.net/manual/en/class.streamwrapper.php

相关问题
最新问题