PHPackages imagick/imagick - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. imagick/imagick ActivePhp-ext imagick/imagick =============== The Imagick PHP extension 3.8.1(5mo ago)61120.0k—1.2%164[148 issues](https://github.com/Imagick/imagick/issues)[8 PRs](https://github.com/Imagick/imagick/pulls)PHP-3.01CPHP >= 5.6.0CI passing Since Mar 13Pushed 4mo ago24 watchersCompare [ Source](https://github.com/Imagick/imagick)[ Packagist](https://packagist.org/packages/imagick/imagick)[ GitHub Sponsors](https://github.com/Danack)[ RSS](/packages/imagick-imagick/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (3)DependenciesVersions (9)Used By (0) [![Build status](https://github.com/imagick/imagick/actions/workflows/main.yml/badge.svg)](https://github.com/Imagick/imagick/actions) [![Build status](https://github.com/imagick/imagick/actions/workflows/windows.yml/badge.svg)](https://github.com/Imagick/imagick/actions) 🌈🌈 Imagick 🌈🌈 ============= [](#-imagick-) Imagick is a PHP extension to create and modify images using the ImageMagick library. There is also a version of Imagick available for HHVM. Although the two extensions are mostly compatible in their API, and they both call the ImageMagick library, the two extensions are completely separate code-bases. PHP Imagick ----------- [](#php-imagick) - Source code + issues - - Releases - - Documentation - Bugs can also be reported at but may have a slower response time. HHVM Imagick ------------ [](#hhvm-imagick) - Installation on Linux ===================== [](#installation-on-linux) The best way of installing Imagick is through a package manager e.g. apt, yum, brew, as they will also install ImageMagick for you. If you need to compile Imagick from source, first you should install [ImageMagick](https://github.com/ImageMagick/ImageMagick), at least version 6.2.4 but it is STRONGLY recommended to use a more recent version due to the many bug fixes in it. Once ImageMagick is installed, the following commands will compile and install Imagick: ``` git clone https://github.com/Imagick/imagick cd imagick phpize && ./configure make make install ``` You will also need to add `extension=imagick.so` to your PHP ini file to make PHP load the extension. Installing on Windows ===================== [](#installing-on-windows) For Windows please install both Imagick and the underlying ImageMagick library from: - - Once compiled, Imagick should be run with the same version of ImageMagick that it was compiled against. Running against a different version of ImageMagick is known to cause stability issues, and so is not recommended or supported. NixOS ===== [](#nixos) If using Imagick on NixOS, you probably [want to define](https://github.com/Imagick/imagick/blob/master/docker/nixos/shell.nix) FONTCONFIG\_FILE to avoid a warning message when loading fonts, and MAGICK\_CONFIGURE\_PATH to have all the information available from Imagick::getConfigureOptions(). Examples ======== [](#examples) Almost all of the functions in the library have an example at [phpimagick.com](https://phpimagick.com), where you can see the example code to call the function, as well as the generated image or output. ImageMagick =========== [](#imagemagick) ImageMagick, the library that the Imagick extension exposes to PHP has had many bug fixes, that have fixed many image corruption issues. We *strongly* recommend upgrading to the latest version (greater than 6.9.1 or 7.x) if at all possible. Security ======== [](#security) The PHP extension Imagick works by calling the ImageMagick library. Although the ImageMagick developers take good care in avoiding bugs it is inevitable that some bugs will be present in the code. ImageMagick also uses a lot of third party libraries to open, read and manipulate files. The writers of these libraries also take care when writing their code. However everyone makes mistakes and there will inevitably be some bugs present. Because ImageMagick is used to process images it is feasibly possible for hackers to create images that contain invalid data to attempt to exploit these bugs. Because of this we recommend the following: 1. Do not run Imagick in a server that is directly accessible from outside your network. It is better to either use it as a background task using something like SupervisorD or to run it in a separate server that is not directly accessible on the internet. Doing this will make it more difficult for hackers to exploit a bug, if one should exist in the libraries that ImageMagick is using. 2. Run it as a very low privileged process. As much as possible the files and system resources accessible to the PHP script that Imagick is being called from should be locked down. 3. Verify that all image files begin with the expected "magic bytes" corresponding to the image file types you support before sending them to ImageMagick for processing. This an be be done with finfo\_file() - see below. 4. Check the result of the image processing is a valid image file before displaying it to the user. In the extremely unlikely event that a hacker is able to pipe arbitrary files to the output of Imagick, checking that it is an image file, and not the source code of your application that is being sent, is a sensible precaution. This can be accomplished by the following code: ```