Search
Left Quote    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.
- Clifford Stoll    
Right Quote
 
[login] | [Register]
Forum Index » PHP and mySQL » Viewing Topic and Replies
Post Reply


        Viewing Topic: Brain Fart
  This user is offline  gravy
  Subject: "Brain Fart" Posted: @ 11:29 pm on Feb 12 2008   

Member #: 294
Rank: User - (63)
Since: 03/07/07
Posts: 66
From: MN

Hey guys been awhile since I posted, sorry about that.

Anyway I wrote a script to upload url images to my server and place the image into an images directory, and create a thumb and place that into a thumbs directory....
All thatworks fine, and it records the filename into mysql and everything just fine. The script works fine. But I have to write something to make sure that the image is actually an image file. If there is no check, then someone could upload anything to the directory right?

Anyway here si the code, any help would be much appreciated!

Code:
<?PHP

$max_size=$_CON FIG['max_size'] ;
$new_w=$_CONFIG ['thumb_w'];
$new_h=$_CONFIG ['thumb_h'];
function make_thumb($loc ale,$filename,$ thumb_name,$new _w,$new_h) {
$ext=getExtensi on($locale);

if(!strcmp(&quo t;jpg",$ex t) || !strcmp("j peg",$ext) || !strcmp("J PG",$ext))
$src_img=imagec reatefromjpeg($ locale);
if(!strcmp(&quo t;png",$ex t))
$src_img=imagec reatefrompng($l ocale);

$old_x=imageSX( $src_img);
$old_y=imageSY( $src_img);

$ratio1=$old_x/ $new_w;
$ratio2=$old_y/ $new_h;
if($ratio1>$ ratio2) {
$thumb_w=$new_w ;
$thumb_h=$old_y /$ratio1;
} else {
$thumb_h=$new_h ;
$thumb_w=$old_x /$ratio2; }

$dst_img=ImageC reateTrueColor( $thumb_w,$thumb _h);

imagecopyresamp led($dst_img,$s rc_img,0,0,0,0, $thumb_w,$thumb _h,$old_x,$old_ y);

if(!strcmp(&quo t;png",$ex t))
imagepng($dst_i mg,"thumbs /".$filena me);
else
imagejpeg($dst_ img,"thumb s/".$filen ame);

imagedestroy($d st_img);
imagedestroy($s rc_img); }

function getExtension($s tr) { $i = strrpos($str,&q uot;.");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+ 1,$l);
return $ext; }

if(isset($_POS T['submit_url'] )){
if ($_POST[url] == "") {
print "You forgot to enter a url.";
} else {

$filename = $_POST['to']; $path = $_CONFIG['path' ];
$t_path = $_CONFIG['tpath '];
$locale = $path.$filename ;
copy("$_PO ST[url]", "$locale&q uot;);
$size = round((filesize ($locale)/10000 00), 3);
$image = "http://ww w.xxxxxxx.com/i mage.php?entry= $locale";< br /> $thumb_name=$t_ path.$filename;
$thumb = make_thumb($loc ale,$filename,$ thumb_name,$new _w,$new_h);
print "<h1> ;Your Uploaded Photo.<br> ;<a href=\"$im age\" target=\"_ blank\"> ;
<img src=\"http ://www.xxxxxxx. com/$thumb_name \" border=\"0 \">< /a>";
if(!isset($_SES SION['username' ]) && !isset($_SESSIO N['password'])) {
$ip = $_SERVER['HTTP_ X_FORWARDED_FOR '];
if($ip == "") {
$ip = $_SERVER['REMOT E_ADDR'];
}
$_SESSION['logg ed_in'] = 0;
$user = "Guest&quo t;;
$image = $_POST["im age"];
mysql_query(&qu ot;INSERT INTO files (username, image, ip, date, time) VALUES ('$user', '$filename', '$ip', NOW(), CURTIME())" ;)
or die(mysql_error ());
}else if ($_SESSION['log ged_in'] == 1 ) {
$user = $_SESSION['user name'];
$image = $_POST["im age"];
mysql_query(&qu ot;INSERT INTO files (username, image, ip, date, time) VALUES ('$user', '$filename', '$ip', NOW(), CURTIME())" ;)
or die(mysql_error ());
}
}
}

if ($_SESSION['log ged_in'] != 1) {
echo "<br> ;<table width='100%' align='center'& gt;<tr>&l t;td align='center'& gt;<form method='link' action='index.p hp'><inpu t type='submit' style='width:10 0px' value='Upload More'></f orm></td& gt;<td align='center'& gt;<form method='link' action='registe r.php'><i nput type='submit' style='width:10 0px' value='Register '></form& gt;</td>& lt;/tr></ table>" ;
}else if ($_SESSION['log ged_in'] == 1) {
echo "<br> ;<table width='100%' align='center'& gt;<tr>&l t;td align='center'& gt;<form method='link' action='profile .php'><in put type='submit' style='width:10 0px' value='Upload More'></f orm></td& gt;<td align='center'& gt;<form method='link' action='myphoto s.php'><i nput type='submit' style='width:10 0px' value='My Photos'>< /form></t d><td align='center'& gt;<form method='link' action='gallery .php'><in put type='submit' style='width:10 0px' value='Browse Photos'>< /form></t d></tr> ;</table> ";
}
?>




Photo Hosting Scripts? It's what I do....
    Viewed: 7,019 Times | Reply to This | To top
  This user is offline  bs0d
  Subject: "re: Brain Fart" Posted: @ 4:15 am on Feb 13 2008    

Member #: 1
Rank: Admin. - (1,505)
Since: 02/06/05
Posts: 600
From: USA

I believe this page may help you:

Uploading Image Files with PHP: Page 3 let me know if you have anymore questions, thanks.




-bs0d | AllSyntax.com

    Viewed: 6,918 Times | Reply to This | To top
  This user is offline  gravy
  Subject: "re: Brain Fart" Posted: @ 9:45 pm on Feb 13 2008    

Member #: 294
Rank: User - (63)
Since: 03/07/07
Posts: 66
From: MN

  bs0d said...

< i> I believe this page may help you:

Uploading Image Files with PHP: Page 3 let me know if you have anymore questions, thanks.


Thanks bs0d worked awesome!




Photo Hosting Scripts? It's what I do....

    Viewed: 6,904 Times | Reply to This | To top
Viewing Page: 1 of 1


1 |

You must be logged in to post on the forums. Login or Register








"AllSyntax.com" Copyright © 2002-2018; All rights lefted, all lefts righted.
Privacy Policy  |  Internet Rank