m1m1s1ku/imageproxyPhpBB.php

## imageproxyPhpBB.php
<?php
$imageProxy = "https://d1r1anxoiubeog.cloudfront.net/";

$dbname = "";
$user = "";
$pass = "";
$dsn = "mysql:host=localhost;dbname=".$dbname;

$usersToChange = getEveryUserWithHttpAvatar($pdo, $imageProxy);
$countUsers = count($usersToChange);

//@Tool : Comment previous line and uncomment the next line to revert every user with hoot proxy
//$usersToChange = getEveryUserWithHootProxy($pdo);

echo "<h4>Step 1 : Avatars</h4>";
changeEveryAvatar($pdo, $usersToChange);
if($countUsers == 0) echo "Every avatar is secured 😁"; else echo "Done on " . $countUsers . " users";

echo "<hr><h4>Step 2 : Signatures</h4>";
processSignatures($pdo, $imageProxy);

echo "<hr><h4>Step 3 : Posts</h4>";
//processPosts($pdo, $imageProxy);

echo "<hr><p><b>All done !</b></p>";

/**
* Get every user with an http avatar
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : URL of image proxy
* @return Array $usersToChange : Users to change
*/
function getEveryUserWithHttpAvatar(PDO $pdo, String $imageProxy) : Array {
    $usersToChange = [];
    foreach($pdo->query("select user_id, user_avatar from phpbb_users") as $row){
        $url = parse_url($row["user_avatar"], PHP_URL_SCHEME);
        if($url === 'http') {
            $usersToChange[] = ["id" => $row["user_id"], "avatar" => $imageProxy . urlencode($row["user_avatar"])];
        }
    }
    return $usersToChange;
}

/**
* Process every posts and replace unsafe images by proxifyed
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : URL of image proxy
* @return void
*/
function processPosts(PDO $pdo, String $imageProxy) : void {
    $postsToChange = [];
    $matches = [];
    foreach($pdo->query("select post_id, post_text from phpbb_posts") as $row){
        $re = '/http:\/\/(?:[\w-]+\.)+[a-z]*(?:\/[^\/#?]+)+\.(?:jpe?g|gif|png|bmp)/m';
        $str = $row['post_text'];
        if($str != "<t></t>"){
            preg_match_all($re, $str, $matches);
            if(count($matches[0])){
                $safeMatches = [];
                foreach($matches[0] as $k => $match ){
                    $safeMatches[] = $imageProxy . urlencode($match);
                }
                $postsToChange[] = ['id' => $row['post_id'], 'unsafe' => $matches, 'safe' => $safeMatches, 'post' => $row['post_text'] ];
            }
        }
    }

    foreach($postsToChange as $i => $post){
        foreach($post['unsafe'] as $v => $unsafe)
            $post['post'] = str_replace($unsafe, $post['safe'][$v], $post['post']);

        $params = [
            ':id' => $post['id'],
            ':post_text' => $post['post']
        ];
        $sql = "UPDATE phpbb_posts SET post_text = :post_text WHERE post_id = :id;";
        $status = $pdo->prepare($sql)->execute($params);
        echo "<li> Done on post : " . $params[':id'] . "</li>";
    }

    if(count($postsToChange) === 0)
        echo "Every post is secured 😬";
}

/**
* Process every signature containing an http image url and replace it with proxifyied
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : URL of image proxy
* @return void
*/
function processSignatures(PDO $pdo, String $imageProxy) : void {
    $usersToChange = [];
    $matches = [];
    foreach($pdo->query("select user_id, user_sig from phpbb_users") as $row){
        $re = '/http:\/\/(?:[\w-]+\.)+[a-z]*(?:\/[^\/#?]+)+\.(?:jpe?g|gif|png|bmp)/m';
        $str = $row['user_sig'];
        if($str != "<t></t>"){
            preg_match_all($re, $str, $matches);
            if(count($matches[0])){
                $safeMatches = [];
                foreach($matches[0] as $k => $match ){
                    $safeMatches[] = $imageProxy . urlencode($match);
                }
                $usersToChange[] = ['id' => $row['user_id'], 'unsafe' => $matches, 'safe' => $safeMatches, 'sig' => $row['user_sig'] ];
            }
        }
    }

    foreach($usersToChange as $i => $user){
        foreach($user['unsafe'] as $v => $unsafe)
            $user['sig'] = str_replace($unsafe, $user['safe'][$v], $user['sig']);

        $params = [
            ':id' => $user['id'],
            ':user_sig' => $user['sig']
        ];
        $sql = "UPDATE phpbb_users SET user_sig = :user_sig WHERE user_id = :id;";
        $status = $pdo->prepare($sql)->execute($params);
        echo "<li> Done on user : " . $params[':id'] . "</li>";
    }

    if(count($usersToChange) === 0)
        echo "Everyone is secured 🚀";
}

/**
* Get every user with a proxifyied avatar image
* @param PDO $pdo : PDOInstance
* @param String $imageProxy : String URL of image proxy
* @return Array $usersToChange : Users to change
*/
function getEveryUserWithHootProxy(PDO $pdo, String $imageProxy) : Array {
    $usersToChange = [];
    foreach($pdo->query("select user_id, user_avatar from phpbb_users") as $row){
        $url = parse_url($row["user_avatar"], PHP_URL_SCHEME);
        $host = parse_url($row['user_avatar'], PHP_URL_HOST);
        if($host === $imageProxy) {
            $urlToRecover = urldecode($row["user_avatar"]);
            $urlToRecover = str_replace($imageProxy, "", $urlToRecover);
            $usersToChange[] = ["id" => $row["user_id"], "avatar" => $urlToRecover];
        }
    }
    return $usersToChange;
}

/**
* Change every avatar
* @param Array $usersToChange : Users to change
* @return void
*/
function changeEveryAvatar(PDO $pdo, Array $usersToChange) : void {
    echo "<ul>";
    foreach($usersToChange as $user){
        $params = [
            ':id' => $user['id'],
            ':user_avatar' => $user['avatar']
        ];
        $sql = "UPDATE phpbb_users SET user_avatar = :user_avatar WHERE user_id = :id;";
        $status = $pdo->prepare($sql)->execute($params);
        echo "<li> done for " . $params[':id'] . "</li>";
    }
    echo "</ul>";
}
	<?php
	$imageProxy = "https://d1r1anxoiubeog.cloudfront.net/";

	$dbname = "";
	$user = "";
	$pass = "";
	$dsn = "mysql:host=localhost;dbname=".$dbname;

	$usersToChange = getEveryUserWithHttpAvatar($pdo, $imageProxy);
	$countUsers = count($usersToChange);

	//@Tool : Comment previous line and uncomment the next line to revert every user with hoot proxy
	//$usersToChange = getEveryUserWithHootProxy($pdo);

	echo "<h4>Step 1 : Avatars</h4>";
	changeEveryAvatar($pdo, $usersToChange);
	if($countUsers == 0) echo "Every avatar is secured 😁"; else echo "Done on " . $countUsers . " users";

	echo "<hr><h4>Step 2 : Signatures</h4>";
	processSignatures($pdo, $imageProxy);

	echo "<hr><h4>Step 3 : Posts</h4>";
	//processPosts($pdo, $imageProxy);

	echo "<hr><p><b>All done !</b></p>";

	/**
	* Get every user with an http avatar
	* @param PDO $pdo : PDOInstance
	* @param String $imageProxy : URL of image proxy
	* @return Array $usersToChange : Users to change
	*/
	function getEveryUserWithHttpAvatar(PDO $pdo, String $imageProxy) : Array {
	$usersToChange = [];
	foreach($pdo->query("select user_id, user_avatar from phpbb_users") as $row){
	$url = parse_url($row["user_avatar"], PHP_URL_SCHEME);
	if($url === 'http') {
	$usersToChange[] = ["id" => $row["user_id"], "avatar" => $imageProxy . urlencode($row["user_avatar"])];
	}
	}
	return $usersToChange;
	}

	/**
	* Process every posts and replace unsafe images by proxifyed
	* @param PDO $pdo : PDOInstance
	* @param String $imageProxy : URL of image proxy
	* @return void
	*/
	function processPosts(PDO $pdo, String $imageProxy) : void {
	$postsToChange = [];
	$matches = [];
	foreach($pdo->query("select post_id, post_text from phpbb_posts") as $row){
	$re = '/http:\/\/(?:[\w-]+\.)+[a-z]*(?:\/[^\/#?]+)+\.(?:jpe?g\|gif\|png\|bmp)/m';
	$str = $row['post_text'];
	if($str != "<t></t>"){
	preg_match_all($re, $str, $matches);
	if(count($matches[0])){
	$safeMatches = [];
	foreach($matches[0] as $k => $match ){
	$safeMatches[] = $imageProxy . urlencode($match);
	}
	$postsToChange[] = ['id' => $row['post_id'], 'unsafe' => $matches, 'safe' => $safeMatches, 'post' => $row['post_text'] ];
	}
	}
	}

	foreach($postsToChange as $i => $post){
	foreach($post['unsafe'] as $v => $unsafe)
	$post['post'] = str_replace($unsafe, $post['safe'][$v], $post['post']);

	$params = [
	':id' => $post['id'],
	':post_text' => $post['post']
	];
	$sql = "UPDATE phpbb_posts SET post_text = :post_text WHERE post_id = :id;";
	$status = $pdo->prepare($sql)->execute($params);
	echo "<li> Done on post : " . $params[':id'] . "</li>";
	}

	if(count($postsToChange) === 0)
	echo "Every post is secured 😬";
	}

	/**
	* Process every signature containing an http image url and replace it with proxifyied
	* @param PDO $pdo : PDOInstance
	* @param String $imageProxy : URL of image proxy
	* @return void
	*/
	function processSignatures(PDO $pdo, String $imageProxy) : void {
	$usersToChange = [];
	$matches = [];
	foreach($pdo->query("select user_id, user_sig from phpbb_users") as $row){
	$re = '/http:\/\/(?:[\w-]+\.)+[a-z]*(?:\/[^\/#?]+)+\.(?:jpe?g\|gif\|png\|bmp)/m';
	$str = $row['user_sig'];
	if($str != "<t></t>"){
	preg_match_all($re, $str, $matches);
	if(count($matches[0])){
	$safeMatches = [];
	foreach($matches[0] as $k => $match ){
	$safeMatches[] = $imageProxy . urlencode($match);
	}
	$usersToChange[] = ['id' => $row['user_id'], 'unsafe' => $matches, 'safe' => $safeMatches, 'sig' => $row['user_sig'] ];
	}
	}
	}

	foreach($usersToChange as $i => $user){
	foreach($user['unsafe'] as $v => $unsafe)
	$user['sig'] = str_replace($unsafe, $user['safe'][$v], $user['sig']);

	$params = [
	':id' => $user['id'],
	':user_sig' => $user['sig']
	];
	$sql = "UPDATE phpbb_users SET user_sig = :user_sig WHERE user_id = :id;";
	$status = $pdo->prepare($sql)->execute($params);
	echo "<li> Done on user : " . $params[':id'] . "</li>";
	}

	if(count($usersToChange) === 0)
	echo "Everyone is secured 🚀";
	}

	/**
	* Get every user with a proxifyied avatar image
	* @param PDO $pdo : PDOInstance
	* @param String $imageProxy : String URL of image proxy
	* @return Array $usersToChange : Users to change
	*/
	function getEveryUserWithHootProxy(PDO $pdo, String $imageProxy) : Array {
	$usersToChange = [];
	foreach($pdo->query("select user_id, user_avatar from phpbb_users") as $row){
	$url = parse_url($row["user_avatar"], PHP_URL_SCHEME);
	$host = parse_url($row['user_avatar'], PHP_URL_HOST);
	if($host === $imageProxy) {
	$urlToRecover = urldecode($row["user_avatar"]);
	$urlToRecover = str_replace($imageProxy, "", $urlToRecover);
	$usersToChange[] = ["id" => $row["user_id"], "avatar" => $urlToRecover];
	}
	}
	return $usersToChange;
	}

	/**
	* Change every avatar
	* @param Array $usersToChange : Users to change
	* @return void
	*/
	function changeEveryAvatar(PDO $pdo, Array $usersToChange) : void {
	echo "<ul>";
	foreach($usersToChange as $user){
	$params = [
	':id' => $user['id'],
	':user_avatar' => $user['avatar']
	];
	$sql = "UPDATE phpbb_users SET user_avatar = :user_avatar WHERE user_id = :id;";
	$status = $pdo->prepare($sql)->execute($params);
	echo "<li> done for " . $params[':id'] . "</li>";
	}
	echo "</ul>";
	}