Putting comments inside an image

Soldato
Joined
12 Jun 2005
Posts
5,361
Yes its possible using the imagettftext function...

You have to link the font directly.

Example:

Code:
<?php

$destination_image = imagecreatefromgif('image.gif');
$size_of_text = 14;
$angle_of_text = 0;
$x_axis_of_text = 15;
$y_axis_of_text = 10;
$colour_of_text = imagecolorallocate($im, 0, 0, 0);
$font_of_text = "font.ttf";
$actual_text = "string of text here";

imagettftext($destination_image, $size_of_text, $angle_of_text, $x_axis_of_text, $y_axis_of_text, $colour_of_text, $font_of_text, $actual_text);

//*show image *//

?>
 
Last edited:
Associate
OP
Joined
30 Dec 2005
Posts
415
Conrad11 said:
Yes its possible using the imagettftext function...

You have to link the font directly.

Example:

Code:
<?php

$destination_image = imagecreatefromgif('image.gif');
$size_of_text = 14;
$angle_of_text = 0;
$x_axis_of_text = 15;
$y_axis_of_text = 10;
$colour_of_text = imagecolorallocate($im, 0, 0, 0);
$font_of_text = "font.ttf";
$actual_text = "string of text here";

imagettftext($destination_image, $size_of_text, $angle_of_text, $x_axis_of_text, $y_axis_of_text, $colour_of_text, $font_of_text, $actual_text);

//*show image *//

?>

That would actually put the text inside the image wouldn't it.. so it's visible to the user? What i'm after is actually putting comments inside the actual file, so you can only view them by opening the gif image in say, notepad.

Sorry for not explaining clearly what I need!
 
Associate
OP
Joined
30 Dec 2005
Posts
415
It's to do with a license system i'm making...

The main site has the ability to alter any files on the client sites. I thought it'd be a good and subtle way to suspend account using images.
E.g.
A license is valid if clear.gif has the following properties...1px x 1px, transparent background, certain file size etc..
A license is not valid if clear.gif has any altered properties, which basically means my script has suspended the account by recreating that gif file.

I can then remotely open that gif file which would contain all the user details in the comments.

I thought if it revolved around a PHP file or a database value to say whether the account has been suspended, the user might catch on and change it. I thought using an image would be a more subtle way of doing it.

It's hard to explain, but it's working so far!
 
Associate
OP
Joined
30 Dec 2005
Posts
415
Conrad11 said:
Sorry if i have got this worng from your explaination....but coulnd't people just open the gif to see the user details?

There are no actual important user details... just the username, domain and date of registration. I just thought storing these details in an image would be more likely to not be detected than having PHP open a connection to the master site to send the details..
 
Man of Honour
Joined
31 Jan 2004
Posts
16,335
Location
Plymouth
Ok, I'll spell it out. You don't really want the ability to alter any files anywhere, do you? Because that means...

The script must have some sort of "accept and execute this remote command" ability but ok, it only works from your server right? What if the server's DNS was poisoned so it accepted the commands from, say Russia instead?

Or - even worse - if your systems got broken into. Hello, botnet :) :)

In short it's a bad idea :eek:
 
Associate
OP
Joined
30 Dec 2005
Posts
415
Beansprout said:
Ok, I'll spell it out. You don't really want the ability to alter any files anywhere, do you? Because that means...

The script must have some sort of "accept and execute this remote command" ability but ok, it only works from your server right? What if the server's DNS was poisoned so it accepted the commands from, say Russia instead?

Or - even worse - if your systems got broken into. Hello, botnet :) :)

In short it's a bad idea :eek:

Ah crap :(

The idea of that facility was to be able to update the main system files without the user having to do it. All they would have to do is click "update" next to each file they want to update.

Maybe I could do it the other way round then...an XML from the master site which lets the client sites know what updates/plugins are available. The user then chooses which updates/plugins they want to install.
It could use file_get_contents() to read the a text file on the master site, which stores the PHP code. It then overwrites/creates the new files.
Would that be better or is it still a no?
 
Back
Top Bottom