Merge branch 'master' of https://github.com/savetheinternet/Tinyboard

inc/config.php

@@ -426,6 +426,9 @@
                                
 	$config['thumb_method'] = 'gd';
 	
+	// Strip EXIF metadata from JPEG files
+	$config['strip_exif'] = false;
+	
 	// Regular expression to check for IE MIME type detection XSS exploit. To disable, comment the line out
 	// https://github.com/savetheinternet/Tinyboard/issues/20
 	$config['ie_mime_type_detection'] = '/<(?:body|head|html|img|plaintext|pre|script|table|title|a href|channel|scriptlet)/i';

inc/image.php

@@ -175,6 +175,9 @@ class ImageImagick extends ImageBase {
 		}
 	}
 	public function to($src) {
+		if ($config['strip_exif']) {
+			$this->image->stripImage();
+		}
 		if (preg_match('/\.gif$/i', $src))
 			$this->image->writeImages($src, true);
 		else
@@ -245,9 +248,14 @@ class ImageConvert extends ImageBase {
 		}
 	}
 	public function to($src) {
+		global $config;
+		
 		if (!$this->temp) {
-			// $config['redraw_image']
-			shell_exec('convert ' . escapeshellarg($this->src) . ' ' . escapeshellarg($src));
+			if ($config['strip_exif']) {
+				shell_exec('convert ' . escapeshellarg($this->src) . ' -strip ' . escapeshellarg($src));
+			} else {
+				shell_exec('convert ' . escapeshellarg($this->src) . ' ' . escapeshellarg($src));
+			}
 		} else {
 			rename($this->temp, $src);
 			chmod($src, 0664);