I want to View Original Image when i click on thubnail image in gridview.
$file = 'http://localhost/myapp/upload/item_original/'.$model->image;
$type = 'image/jpg';
header('Content-Type:'.$type);
header('Content-Length: ' . filesize($file));
readfile($file);
i tried above code and it didn't work.
then i tried easyimage extension.
public function actionViewImg($id){
$model = $this->loadModel($id);
Yii::import('application.extensions.easyimage.EasyImage');
$image = new Image('http://localhost/obhre/upload/item_original/1235.jpg'); //get the image
$image->save('upload/viewimg/1235.jpg');//save it to another folder
echo Yii::app()->easyImage->thumbOf('upload/viewimg/1235.jpg'); //view the image
}
above code is working if i put relative path.but not with the absolute path.
error is "Dont have a image"
This code should work:
public function actionViewImg($id)
{
$model = $this->loadModel($id);
$file = 'http://localhost/myapp/upload/item_original/'.$model->image;
header('Content-Type: image/jpg');
header('Content-Length: '.filesize($file));
echo file_get_contents($file);
exit;
}
Related
I want to delete a file via a variable by this function:
$folder = 'upload/file/';
$save_path = $folder . $filename . '.' . 'file'; // <- Prop. name extension
function rndwnl($save_path)
{
header('Content-type: application/zip');
header('Content-Length: ' . filesize($save_path));
readfile($save_path);
ignore_user_abort(true);
unlink($save_path);
}
if (isset($_GET['dwnlf'])) {
rndwnl($save_path);
}
but this does not work.
But if I take unlink from the function it works
<?php
...
unlink($save_path);
...
?>
How can I delete the file in the function? (after download)
(The filename changes of course again and again, therefore the var)
This method receives a foldername and filename. It should make sure that the filename actually really exists in the folder path before doing anything. If so then it can proceed to get the file, send headers and send the response content. Is there a better and more secure way to to do this?
public function is_file_in_path($filename, $filepath)
{
if (file_exists($filepath)) {
$filename = realpath($filepath);
}
if ($filename) {
$image_mime = get_mime_by_extension($filename);
header('Content-Type: ' . $image_mime);
header('Content-Length: ' . filesize($filename));
echo file_get_contents($filename);
} else {
show_error('No image found.', 404);
}
}
To make the function to have higher compatibility and cleaner:
consider removing the word "public"
remove the 1st parameter, which is a bit redundant
change get_mime_by_extension to mime_content_type
change "No image found" to "No File found" (because this function can also be used if you supply a PDF file as parameter).
<?php
function is_file_in_path($filepath)
{
if (file_exists($filepath)) {
$filename = realpath($filepath);
}
if ($filename) {
$file_mime = mime_content_type($filename);
header('Content-Type: ' . $file_mime);
header('Content-Length: ' . filesize($filename));
echo file_get_contents($filename);
} else {
// show_error('No image found.', 404);
echo "No File Found";
}}
// is_file_in_path("./photo.jpg");
is_file_in_path("./ess.pdf");
?>
I can't display any response as image. I have tryed silex method and pure PHP, like this
$file = '1465797900_yoda.png';
if (!file_exists('images/'.$file)) {
return $app->abort(404, 'The image was not found.');
}
$stream = function () use ($file) {
readfile($file);
};
return $app->stream($stream, 200, array('Content-Type' => 'image/png'));
or pure PHP:
$file = 'images/1465797900_yoda.png';
$type = 'image/png';
header('Content-Type:'.$type);
header('Content-Length: ' . filesize($file));
echo readfile($file);
If I use method 1 my response is blank image but method 2 return random track, like this:
J���j��?�'T|֢1���Kc�Zu�#���9�G��<��!4#�D�xU�� � á_PW�Fܽ�!rŨ%��Gs�u6�?0�_ �o.>IEND�B`�
Pure PHP dont have problems, only Silex.
Thanks for help.
i have written the following for giving Pics from a folder:
public function getpic( $id ) {
$path = '/assets/userpics/' . $id;
if ( is_file( $path ) ) {
return new BinaryFileResponse( $path );
}
//make some error stuff
}
in the Html where you call the image use or load it via js
I am using wordpress for my website and there are some wallpapers in my folder which i provide for download . But i dont want users to know the exact file location of folder . As there is a subscription for the download.
suppose my file is stored in
http://www.example.com/wp-content/example.folder/awesome.png
Now how to hide the folder name example.folder and use any fake name, That dosent shows up while downloading . Really need a big help on this. can anyone suggest me a good method. I tried some wordpress plugins , but no help on this.
Example With PDF doc
$nameOld = "/public_html/wp-content/example.folder/oldnme.pdf";
$nameNew = "newName.pdf" ;
header("Content-Transfer-Encoding: binary");
header('Content-type: application/pdf');
header("Content-disposition: attachment; filename=$nameNew"); //
readfile($nameOld);
Edit
Prove of Concept for your image system using download.php?img=flower without the extension and flower show be the image name
$directory = "/public_html/wp-content/example.folder/";
$types = array("jpg","gif","png");
$ext = null;
if (! isset($_GET['img'])) {
die("Invalid URL");
}
$nameOld = filter_var($_GET['img'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_LOW);
$nameNew = uniqid(basename($nameOld));
// File the file
foreach ( $types as $type ) {
if (is_file($nameOld . "." . $type)) {
$ext = $type;
break;
}
}
if ($ext == null) {
die("Sorry Image Not Found");
}
$nameOld .= "." . $ext;
$type = image_type_to_mime_type(exif_imagetype($nameOld));
header("Content-Transfer-Encoding: binary");
header('Content-type: ' . $type);
header("Content-disposition: attachment; filename=$nameNew"); //
readfile($nameOld);
I have a function called "viewDoc" which is supposed to go to a folder outside the web root and fetch a file for me. It seams to work ok with images (Jpgs etc) but with PDF's it just outputs a blank gray page as demonstrated here - http://www.tutorplanner.com/userimage/viewdoc/12787622467.pdf
Can anyone see what I'm doing wrong as I've been scratching my head over this for a day!
public function viewDoc($doc) {
$path_parts = pathinfo($_SERVER['REQUEST_URI']);
$file = $doc;
$fileDir = '/var/uploads/';
if (file_exists($fileDir . $file))
{
$contents = file_get_contents($fileDir . $file);
//print_r($contents);
header('Content-Type: ' . mime_content_type($fileDir . $file));
header('Content-Length: ' . filesize($fileDir . $file));
readfile($contents);
}
}
readfile is used with the parameter of a file name - NOT text.
Two examples that would work (file_get_contents):
public function viewDoc($doc) {
$path_parts = pathinfo($_SERVER['REQUEST_URI']);
$file = $doc;
$fileDir = '/var/uploads/';
$filePath = $fileDir . $file;
if (file_exists($filePath))
{
$contents = file_get_contents($filePath);
header('Content-Type: ' . mime_content_type($filePath));
header('Content-Length: ' . filesize($filePath));
echo $contents;
}
}
or (readfile):
public function viewDoc($doc) {
$path_parts = pathinfo($_SERVER['REQUEST_URI']);
$file = $doc;
$fileDir = '/var/uploads/';
$filePath = $fileDir . $file;
if (file_exists($filePath))
{
header('Content-Type: ' . mime_content_type($filePath));
header('Content-Length: ' . filesize($filePath));
readfile($filePath);
}
}
I also added the $filePath variable for you, as there's no reason to concat the string multiple times.
Edit
As extra security, to Yazmat's comment, you can use $file = str_replace(array('..', '/'), '', $doc); as this would remove all references to other directories (however, with the slash it would also remove access to sub directories, so you might want to skip that, dependend on your code and file structure).
You have a great security issue here, anyone can access anything on your server with the function you wrote. I realy advise you to not use it and just put your files (that should be accessible) on a public web directory.