Apache + php gd, caching images paradigm_问答_开发者

Apache + php gd, caching images paradigm

开发者 https://www.devze.com 2023-01-30 03:34 出处：网络

please read this carefully, hope you can help me with my paradigm ;) Basic version, works like mint - - -

please read this carefully, hope you can help me with my paradigm ;)

Basic version, works like mint - - -

I have a php+gd script that generates an image from a given text, like so:

[img src="renderImage.php?text=John Doe" alt="Jonn Doe" /]

The output is an image that dispays pre-formated text on it. Let´s say 12px arial #000000

Then i add apache mod_rewrite to the equation, so that server try to access a cached image, and whether it wouldn´t existed, generate it through php script to get it generated (and saved as ¨John.png¨):

[img src="/images/cached/John Doe 2" alt="John Doe 2" /] <- this could be virtually t开发者_运维知识库ransformed to -> [img src="renderImage.php?text=John Doe" alt="Jonn Doe" /]

Now, the advanced version - - -

The issue comes with two things:

1.-Modifiying the php script with a more customizable api:

[img src="renderImage.php?text=John Doe&size=36&font=verdana&color=FFFFFF" alt="Jonn Doe" /]

2.-As we are saving the images with an excerpt of their ´text´ placeholder (e.g. renderImage.php?text=John Doe as John.png), when we get images with similar ´text´ placeholders we can get similar file names e.g.:

[img src="renderImage.php?text=John Doe&size=36&font=verdana&color=FFFFFF" alt="Jonn Doe" /]

[img src="renderImage.php?text=John Doe was here !size=24&font=tahoma&color=333333" alt="Jonn Doe" /]

Both will save as John.png !

*Finally, the paradigm - - - *

How do i fix this? i have come down to one solution: Saving the images in php, with specific encrypted-like names, as:

Pepe pecas|31/12/2010|9:57|72/arial/FFFFFF.png

Pepe pecas|31122010|9:57|72arialFFFFFF.png

And then access them in markup as:

*[img src="/images/cached/JohnDoe_24arial333333.png" alt="John Doe" /]*

Which will be tranformed by apache making use of mod_rewrite regex to:

[img src="renderImage.php?text=John Doe&size=24&font=arial&color=333333" alt="Jonn Doe" /]

WHAT DO YOU THINK?

Why not do an MD5 hash of the whole query string and name the image that. This would be a fairly easy way to see if that combination exists.

You're going to waste a heck of a lot of disk space cacheing images if you allow utterly arbitrary combinations. What's to stop a malicious user from cycling through all 4 billion possible color codes, font sizes 1-200, and however many font faces? That "one" image will end up having 800+ billion images on your drive.

Especially if this is a public-facing page. It'd be trivial to write a spider to hit all possible combinations. At minimal bandwidth cost to the user, they'd exhaust your disk space and keep your CPU pegged generating useless images.

@Marc B, i´ll intend to use it to generate headers [h1][/h1]

@niggles, well this could work, i´d also add the text properties to the hash calculation to make texts more unique.

And what about hidding the script from users´ direct execution?