Skip to content

Instantly share code, notes, and snippets.

@m1m1s1ku

m1m1s1ku/imageproxyPhpBB.php

Last active August 26, 2017 13:07
Show Gist options
  • Save m1m1s1ku/b2aa26f5a2ce93d9bef88ace23a63625 to your computer and use it in GitHub Desktop.
Save m1m1s1ku/b2aa26f5a2ce93d9bef88ace23a63625 to your computer and use it in GitHub Desktop.
Download ZIP
Bulk change every (http posts) + (avatar / signature of phpbb users) by the same with https ! Thanks to https://developer.hootsuite.com/v1.0/docs/https-image-proxy
Raw
imageproxyPhpBB.php
<?php
$imageProxy = "https://d1r1anxoiubeog.cloudfront.net/";
$dbname = "";
$user = "";
$pass = "";
$dsn = "mysql:host=localhost;dbname=".$dbname;
$usersToChange = getEveryUserWithHttpAvatar($pdo, $imageProxy);
$countUsers = count($usersToChange);
//@Tool : Comment previous line and uncomment the next line to revert every user with hoot proxy
//$usersToChange = getEveryUserWithHootProxy($pdo);
echo "<h4>Step 1 : Avatars</h4>";
changeEveryAvatar($pdo, $usersToChange);
if($countUsers == 0) echo "Every avatar is secured 😁"; else echo "Done on " . $countUsers . " users";
echo "<hr><h4>Step 2 : Signatures</h4>";
processSignatures($pdo, $imageProxy);
echo "<hr><h4>Step 3 : Posts</h4>";
//processPosts($pdo, $imageProxy);
echo "<hr><p><b>All done !</b></p>";
/**
* Get every user with an http avatar
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : URL of image proxy
* @return Array $usersToChange : Users to change
*/
function getEveryUserWithHttpAvatar(PDO $pdo, String $imageProxy) : Array {
$usersToChange = [];
foreach($pdo->query("select user_id, user_avatar from phpbb_users") as $row){
$url = parse_url($row["user_avatar"], PHP_URL_SCHEME);
if($url === 'http') {
$usersToChange[] = ["id" => $row["user_id"], "avatar" => $imageProxy . urlencode($row["user_avatar"])];
}
}
return $usersToChange;
}
/**
* Process every posts and replace unsafe images by proxifyed
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : URL of image proxy
* @return void
*/
function processPosts(PDO $pdo, String $imageProxy) : void {
$postsToChange = [];
$matches = [];
foreach($pdo->query("select post_id, post_text from phpbb_posts") as $row){
$re = '/http:\/\/(?:[\w-]+\.)+[a-z]*(?:\/[^\/#?]+)+\.(?:jpe?g|gif|png|bmp)/m';
$str = $row['post_text'];
if($str != "<t></t>"){
preg_match_all($re, $str, $matches);
if(count($matches[0])){
$safeMatches = [];
foreach($matches[0] as $k => $match ){
$safeMatches[] = $imageProxy . urlencode($match);
}
$postsToChange[] = ['id' => $row['post_id'], 'unsafe' => $matches, 'safe' => $safeMatches, 'post' => $row['post_text'] ];
}
}
}
foreach($postsToChange as $i => $post){
foreach($post['unsafe'] as $v => $unsafe)
$post['post'] = str_replace($unsafe, $post['safe'][$v], $post['post']);
$params = [
':id' => $post['id'],
':post_text' => $post['post']
];
$sql = "UPDATE phpbb_posts SET post_text = :post_text WHERE post_id = :id;";
$status = $pdo->prepare($sql)->execute($params);
echo "<li> Done on post : " . $params[':id'] . "</li>";
}
if(count($postsToChange) === 0)
echo "Every post is secured 😬";
}
/**
* Process every signature containing an http image url and replace it with proxifyied
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : URL of image proxy
* @return void
*/
function processSignatures(PDO $pdo, String $imageProxy) : void {
$usersToChange = [];
$matches = [];
foreach($pdo->query("select user_id, user_sig from phpbb_users") as $row){
$re = '/http:\/\/(?:[\w-]+\.)+[a-z]*(?:\/[^\/#?]+)+\.(?:jpe?g|gif|png|bmp)/m';
$str = $row['user_sig'];
if($str != "<t></t>"){
preg_match_all($re, $str, $matches);
if(count($matches[0])){
$safeMatches = [];
foreach($matches[0] as $k => $match ){
$safeMatches[] = $imageProxy . urlencode($match);
}
$usersToChange[] = ['id' => $row['user_id'], 'unsafe' => $matches, 'safe' => $safeMatches, 'sig' => $row['user_sig'] ];
}
}
}
foreach($usersToChange as $i => $user){
foreach($user['unsafe'] as $v => $unsafe)
$user['sig'] = str_replace($unsafe, $user['safe'][$v], $user['sig']);
$params = [
':id' => $user['id'],
':user_sig' => $user['sig']
];
$sql = "UPDATE phpbb_users SET user_sig = :user_sig WHERE user_id = :id;";
$status = $pdo->prepare($sql)->execute($params);
echo "<li> Done on user : " . $params[':id'] . "</li>";
}
if(count($usersToChange) === 0)
echo "Everyone is secured πŸš€";
}
/**
* Get every user with a proxifyied avatar image
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : String URL of image proxy
* @return Array $usersToChange : Users to change
*/
function getEveryUserWithHootProxy(PDO $pdo, String $imageProxy) : Array {
$usersToChange = [];
foreach($pdo->query("select user_id, user_avatar from phpbb_users") as $row){
$url = parse_url($row["user_avatar"], PHP_URL_SCHEME);
$host = parse_url($row['user_avatar'], PHP_URL_HOST);
if($host === $imageProxy) {
$urlToRecover = urldecode($row["user_avatar"]);
$urlToRecover = str_replace($imageProxy, "", $urlToRecover);
$usersToChange[] = ["id" => $row["user_id"], "avatar" => $urlToRecover];
}
}
return $usersToChange;
}
/**
* Change every avatar
* @param Array $usersToChange : Users to change
* @return void
*/
function changeEveryAvatar(PDO $pdo, Array $usersToChange) : void {
echo "<ul>";
foreach($usersToChange as $user){
$params = [
':id' => $user['id'],
':user_avatar' => $user['avatar']
];
$sql = "UPDATE phpbb_users SET user_avatar = :user_avatar WHERE user_id = :id;";
$status = $pdo->prepare($sql)->execute($params);
echo "<li> done for " . $params[':id'] . "</li>";
}
echo "</ul>";
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment