1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Putting comments inside an image

Discussion in 'HTML, Graphics & Programming' started by toastyman, 27 May 2006.

  1. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    Hey to all,

    Just wondering if anyone knows whether its possible to put comments inside a gif image using PHP?
     
  2. Conrad11

    Soldato

    Joined: 12 Jun 2005

    Posts: 5,362

    Yes its possible using the imagettftext function...

    You have to link the font directly.

    Example:

    Code:
    <?php
    
    $destination_image = imagecreatefromgif('image.gif');
    $size_of_text = 14;
    $angle_of_text = 0;
    $x_axis_of_text = 15;
    $y_axis_of_text = 10;
    $colour_of_text = imagecolorallocate($im, 0, 0, 0);
    $font_of_text = "font.ttf";
    $actual_text = "string of text here";
    
    imagettftext($destination_image, $size_of_text, $angle_of_text, $x_axis_of_text, $y_axis_of_text, $colour_of_text, $font_of_text, $actual_text);
    
    //*show image *//
    
    ?>
    
     
    Last edited: 27 May 2006
  3. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    That would actually put the text inside the image wouldn't it.. so it's visible to the user? What i'm after is actually putting comments inside the actual file, so you can only view them by opening the gif image in say, notepad.

    Sorry for not explaining clearly what I need!
     
  4. Beansprout

    Man of Honour

    Joined: 31 Jan 2004

    Posts: 16,313

    Location: Plymouth

    Oooh, I get to use a fancy word now :)

    What you're talking about is Steganography, the art of concealing information within other information. There's a list of some tools here and I'd guess that Wikipedia page also has lots of useful info.
     
  5. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    Excellent thanks. Just gotta find out if PHP can do this Steganography stuff.

    Cheers
     
  6. Beansprout

    Man of Honour

    Joined: 31 Jan 2004

    Posts: 16,313

    Location: Plymouth

    "PHP steganography" gave me this: http://puremango.co.uk/php_steg_src.txt

    Not entirely sure why you'd want to do it, though, and it's also not as simple as text which is just visible from Notepad.

    It depends....I can't remember any links I used to know about Steganography, or any of the techniques...it was a while ago that I looked at it all :)
     
  7. Conrad11

    Soldato

    Joined: 12 Jun 2005

    Posts: 5,362

    Cant you just encrypt a message?....why would you want to hide it in a image file?
     
  8. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    It's to do with a license system i'm making...

    The main site has the ability to alter any files on the client sites. I thought it'd be a good and subtle way to suspend account using images.
    E.g.
    A license is valid if clear.gif has the following properties...1px x 1px, transparent background, certain file size etc..
    A license is not valid if clear.gif has any altered properties, which basically means my script has suspended the account by recreating that gif file.

    I can then remotely open that gif file which would contain all the user details in the comments.

    I thought if it revolved around a PHP file or a database value to say whether the account has been suspended, the user might catch on and change it. I thought using an image would be a more subtle way of doing it.

    It's hard to explain, but it's working so far!
     
  9. Beansprout

    Man of Honour

    Joined: 31 Jan 2004

    Posts: 16,313

    Location: Plymouth

    That sounds like a really, really, really insecure idea :very bad: o.O :eek: :eek: :alarm:
     
    Last edited: 27 May 2006
  10. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    Why?
     
  11. Conrad11

    Soldato

    Joined: 12 Jun 2005

    Posts: 5,362

    Sorry if i have got this worng from your explaination....but coulnd't people just open the gif to see the user details?
     
  12. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    There are no actual important user details... just the username, domain and date of registration. I just thought storing these details in an image would be more likely to not be detected than having PHP open a connection to the master site to send the details..
     
  13. Beansprout

    Man of Honour

    Joined: 31 Jan 2004

    Posts: 16,313

    Location: Plymouth

    "The main site has the ability to alter any files on the client sites" :eek: :eek:
     
  14. robmiller

    Capodecina

    Joined: 26 Dec 2003

    Posts: 16,522

    Location: London

    Security through obscurity is awesome :cool:
     
  15. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    Well you can't say it wouldn't be unique lol
     
  16. Beansprout

    Man of Honour

    Joined: 31 Jan 2004

    Posts: 16,313

    Location: Plymouth

    Ok, I'll spell it out. You don't really want the ability to alter any files anywhere, do you? Because that means...

    The script must have some sort of "accept and execute this remote command" ability but ok, it only works from your server right? What if the server's DNS was poisoned so it accepted the commands from, say Russia instead?

    Or - even worse - if your systems got broken into. Hello, botnet :) :)

    In short it's a bad idea :eek:
     
  17. toastyman

    Gangster

    Joined: 30 Dec 2005

    Posts: 421

    Ah crap :(

    The idea of that facility was to be able to update the main system files without the user having to do it. All they would have to do is click "update" next to each file they want to update.

    Maybe I could do it the other way round then...an XML from the master site which lets the client sites know what updates/plugins are available. The user then chooses which updates/plugins they want to install.
    It could use file_get_contents() to read the a text file on the master site, which stores the PHP code. It then overwrites/creates the new files.
    Would that be better or is it still a no?