我的images目录中有以下.htaccess文件:
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^(.*)\.jpg /images/image.php?%{REQUEST_FILENAME}
处理请求的脚本:
<?php
/*
* Watermark module
* Uses ImageMagick lib
*
*/
// The name of the watermark image. Should be in the same directory
// as the image.php
define('WATERMARK_IMAGE', 'watermark.png');
// Watermark images with larger width than this value (pixel)
// Set to 0 (Zero) to watermark all images
define('WATERMARK_THRESHOLD_WIDTH', 218);
$filename = $_SERVER['QUERY_STRING'];
// If the requested file doesn't exist, return HTTP 404
// Should not happen, as the htaccess handles that
if (file_exists($filename))
{
// Get the last modified property of the source file for caching
$file_last_modified = filemtime($filename);
// Expirese in two months
$expires = time() + (60 * 24 * 60 * 60);
// Checking last modified date, if it's the same, then return 304 "Not Modified"
// No body response is generated.
if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])
&& strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= $file_last_modified)
{
header("HTTP/1.1 304 Not Modified");
}
else
{
$requested_image = new Imagick($filename);
// If the marker image doesn't exist, then return the original image
if (file_exists(WATERMARK_IMAGE))
{
$watermark = new Imagick(WATERMARK_IMAGE);
// Get original image's dimensions
$requested_image_width = $requested_image->getImageWidth();
$requested_image_height = $requested_image->getImageHeight();
// Get watermark image's dimensions
$watermark_width = $watermark->getImageWidth();
$watermark_height = $watermark->getImageHeight();
// Calculate watermark position
// Current position: center - center
$position_x = ($requested_image_width - $watermark_width)/2;
$position_y = ($requested_image_height - $watermark_height)/2;
// Only watermark images larger than the threshold
if ($requested_image_width > WATERMARK_THRESHOLD_WIDTH)
{
$requested_image->compositeImage($watermark, imagick::COMPOSITE_OVERLAY, $position_x, $position_y);
}
// Destroy the marker image
$watermark->destroy();
}
// Set the headers
header("Pragma: public");
header("Content-type: image/jpeg");
header("Expires: " . gmdate("D, d M Y H:i:s", $expires) . " GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $file_last_modified) . " GMT");
// Return the response image
echo $requested_image;
// Destroy the temporary image
$requested_image->destroy();
}
}
else
{
header('HTTP/1.1 404 Not Found');
}
/* End of file image.php */
/* Location: ./images/image.php */
我的网站在Apache网络服务器上运行,最近产生以下内容:
网站锁定,我无法加载任何页面5-8分钟。有时它会生成错误500或错误503,有时不会。错误日志在有问题的时间段内包含“脚本标题的过早结束”行。
这种情况每3-4天就会发生一次,但是一天中的时间会有所不同,它发生在周日早上和工作日下午。
我真诚的问题是: 这段代码中是否存在严重的问题/漏洞/漏洞可能导致我的问题? (我没有任何理由认为这个问题是由剧本引起的,没有证据,但我绝望而且没有想法。)