add a token to fetch urls requiring image resize/crop to prevent external DDOS via fetch

2 files changed, 28 insertions, 0 deletions

diff --git a/inc/common.php b/inc/common.php
index 471eb91b5..27f90b53b 100644
--- a/inc/common.php
+++ b/inc/common.php
@@ -436,6 +436,10 @@ function exportlink($id = '', $format = 'raw', $more = '', $abs = false, $sep =
 function ml($id = '', $more = '', $direct = true, $sep = '&', $abs = false) {
     global $conf;
     if(is_array($more)) {
+        // add token for resized images
+        if($more['w'] || $more['h']){
+            $more['tok'] = media_get_token($id,$more['w'],$more['h']);
+        }
         // strip defaults for shorter URLs
         if(isset($more['cache']) && $more['cache'] == 'cache') unset($more['cache']);
         if(!$more['w']) unset($more['w']);
diff --git a/inc/media.php b/inc/media.php
index 2268ad877..7f2fd2d1d 100644
--- a/inc/media.php
+++ b/inc/media.php
@@ -1865,6 +1865,30 @@ function media_crop_image($file, $ext, $w, $h=0){
 }
 
 /**
+ * Calculate a token to be used to verify fetch requests for resized or
+ * cropped images have been internally generated - and prevent external
+ * DDOS attacks via fetch
+ *
+ * @param string  $id    id of the image
+ * @param int     $w     resize/crop width
+ * @param int     $h     resize/crop height
+ *
+ * @author Christopher Smith <chris@jalakai.co.uk>
+ */
+function media_get_token($id,$w,$h){
+    // token is only required for modified images
+    if ($w || $h) {
+        $token = auth_cookiesalt().$id;
+        if ($w) $token .= '.'.$w;
+        if ($h) $token .= '.'.$h;
+
+        return substr(md5($token),0,6);
+    }
+
+    return '';
+}
+
+/**
  * Download a remote file and return local filename
  *
  * returns false if download fails. Uses cached file if available and