I'm having some trouble debugging an old website. The original programmer is long out of touch, and I can't seem to find the error. The problem appears to be that when the user uploads an image, it never makes it to the ftp directory. The database values for description, file name, etc are made. Credentials are known good and tested.
I've done some looking and found a few scripts that do much the same thing; and it appears the PHP functions are all still valid (searched them at php.net). So I'm at a bit of a loss.
This script just stopped working two months ago. There was some DNS trouble with the server, but it was resolved and all seems well. Not sure if it's related.
If anyone can spot the problem I'd greatly appreciate it!
<?php
IF($ResizeAuth != "yes" OR $ItemID2Resize == "") //This page will exit right here unless the Resize Authorization is set to yes, and the New Image variable has some value
{
exit();
}
ini_set("memory_limit","24M"); //sets the total memory limit to 24 Megabytes just on this page for all of its scripts. The default is only 8M and fails with re-sizing large images.
$connection = mysql_connect("localhost","dbuser-correct","dbpw-correct");
$db = mysql_select_db("databasename-correct",$connection);
$conn_id = ftp_connect("www.correct-domain.com");
ftp_login($conn_id, "workingftpusername", "workingftppassword") or die("Could not connect");
FUNCTION uploadPic($src_img,$dDir,$maxWidth,$maxHeight,$resizeFlag,$tempName)
{
//destination
//(old) $dest = $dDir.$tempName;
//get source dimentions
$src_dims = getImageSize($src_img);
//create appropriate temp image
switch ($src_dims[2]) {
case 1: //GIF
break;
case 2: //JPEG
$srcImage = imageCreateFromJpeg($src_img);
break;
case 3: //PNG
break;
default:
return false;
break;
}
$srcRatio = $src_dims[0]/$src_dims[1]; // width/height ratio
$destRatio = $maxWidth/$maxHeight;
if ($destRatio > $srcRatio) {
$destSize[1] = $maxHeight;
$destSize[0] = $maxHeight*$srcRatio;
}
else {
$destSize[0] = $maxWidth;
$destSize[1] = $maxWidth/$srcRatio;
}
//if set image dimensions are required:
if ($resizeFlag == 1) {
$destSize[0] = $maxWidth;
$destSize[1] = $maxHeight;
}
$thumb_w = $destSize[0];
$thumb_h = $destSize[1];
$dst_img = imageCreateTrueColor($thumb_w,$thumb_h);
imageCopyResampled($dst_img,$srcImage,0,0,0,0,$thumb_w,$thumb_h,$src_dims[0],$src_dims[1]);
switch ($src_dims[2]) {
case 1:
break;
case 2:
#(original) imageJpeg($dst_img, $dest, 75); //75 denotes image quality / compression ratio
$resizedimage = imageJpeg($dst_img, NULL, 75); //75 denotes image quality / compression ratio
break;
case 3:
break;
}
//$y++;
unlink($src_img);
return $resizedimage;
}
######################
$maxImageWidth = 640; //pixels
$maxThumbWidth = 131; //pixels
$ImageName = $ItemID2Resize."_temp1.jpg";
$ThumbName = $ItemID2Resize."_temp2.jpg";
$NewImageName = "Item".$ItemID2Resize.".jpg";
$NewThumbName = "Item".$ItemID2Resize."_thumb.jpg";
$TempImageFile = uploadPic("temp_image_resize/$ImageName","",$maxImageWidth,0,0,"");
$TempImageFile = fopen($TempImageFile,"r");
#ftp_delete($conn_id, "httpdocs/images/Items/$NewImageName"); //deletes the previous jpg referencing the same item if it exsists.
ftp_fput($conn_id, "httpdocs/images/Items/$NewImageName", $TempImageFile, FTP_BINARY);
fclose($TempImageFile);
#ftp_delete($conn_id, "httpdocs/mckadmin/temp_image_resize/$NewImageName");
$TempThumbFile = tmpfile();
uploadPic("temp_image_resize/$ThumbName","",$maxThumbWidth,0,0,$TempThumbFile);
fseek($TempThumbFile,0);
#ftp_delete($conn_id, "httpdocs/images/Items/$NewThumbName"); //deletes the previous jpg referencing the same item if it exsists.
ftp_fput($conn_id, "httpdocs/images/Items/$NewThumbName", $TempThumbFile, FTP_BINARY);
fclose($TempThumbFile);
#ftp_delete($conn_id, "httpdocs/mckadmin/temp_image_resize/$NewThumbName");
######################
$ImagePath4SQL = "http://www.mycopperkettle.com/images/Items/$NewImageName";
$ThumbPath4SQL = "http://www.mycopperkettle.com/images/Items/$NewThumbName";
$CheckExsistingq = mysql_query("SELECT * FROM Product_ImagePaths WHERE ItemID=\"$ItemID2Resize\"");
$CheckExsisting = mysql_num_rows($CheckExsistingq);
IF($CheckExsisting == 0)
{
mysql_query("INSERT INTO Product_ImagePaths (ItemID,ImagePath,ThumbPath) VALUES (\"$ItemID2Resize\",\"$ImagePath4SQL\",\"$ThumbPath4SQL\")");
}
ELSE
{
mysql_query("UPDATE Product_ImagePaths SET ImagePath=\"$ImagePath4SQL\", ThumbPath=\"$ThumbPath4SQL\" WHERE ItemID=\"$ItemID2Resize\"");
}
ftp_close($conn_id); //close the FTP connection
?>
Thanks again!
~ Dr. Peril
Related
I have been going round in circles with this image upload where when I submit with file selected it uploads and posts directory as expected to database,
but of course if I submit without image selected then I get an error.
So I then would would do a check so see if file input is empty however it then stops the upload even when a file is selected and if I remove it I get this error
Warning: getimagesize(): Filename cannot be empty in ....
On searching this issue and see different peoples solutions, they suggest to increase the Upload max file etc... on the wamp php.ini which I did so, and restarted and still the same issue. However there is no issue with the file size as 5.83kb and php.ini is 25mb nor is there an issue with the file type because it does upload if I remove my error check.
Either way I have been scratching my head as I can not get to confirm when empty and echo out the error that I have set and then when file is selected to post. It just gives me the above error when checking.
Below is a working version which posts as expected but displays the error if empty. I don't want it to display this error, I want to display my own error.
Any suggestions? It's driving me up the wall :(
<?php
//UPLOAD IMAGE
if(isset($_POST["UploadImage"])) {
if(is_array($_FILES)) {
$file = $_FILES['file']['tmp_name'];
$sourceProperties = getimagesize($file);
$fileNewName = time();
$folderPath = "../userImages/";
$ext = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
$imageType = $sourceProperties[2];
$resized = "_resized";
$line = "_";
$original = "_original";
switch ($imageType) {
case IMAGETYPE_PNG:
$imageResourceId = imagecreatefrompng($file);
$targetLayer = imageResize($imageResourceId,$sourceProperties[0],$sourceProperties[1]);
imagepng($targetLayer,$folderPath.$RegID.$line.$fileNewName.$resized. ".".$ext);
break;
case IMAGETYPE_GIF:
$imageResourceId = imagecreatefromgif($file);
$targetLayer = imageResize($imageResourceId,$sourceProperties[0],$sourceProperties[1]);
imagegif($targetLayer,$folderPath.$RegID.$line.$fileNewName.$resized. ".".$ext);
break;
case IMAGETYPE_JPEG:
$imageResourceId = imagecreatefromjpeg($file);
$targetLayer = imageResize($imageResourceId,$sourceProperties[0],$sourceProperties[1]);
imagejpeg($targetLayer,$folderPath.$RegID.$line.$fileNewName.$resized. ".".$ext);
break;
default:
$msg = "<div class=\"alert alert-danger\">Wrong File Format - Only JPG, PNG or GIF - Max 2 MB</div>";
exit;
break;
}
$file = #imagecreatefromjpeg($folderPath.$RegID.$line.$fileNewName.$resized. ".".$ext);
if (!$file)
{
$file= imagecreatefromstring(file_get_contents($folderPath.$RegID.$line.$fileNewName.$resized. ".".$ext));
}
echo "";
//If I want the Orignal image upload also then remove below comment
//move_uploaded_file($file, $folderPath.$RegID.$line.$fileNewName.$original. ".".$ext);
//POST TO DATABASE
$RegID;
$RegPhoto = $folderPath.$RegID.$line.$fileNewName.$resized. ".".$ext;
$sql = "UPDATE registered SET RegID = ?, RegPhoto = ? WHERE RegID = '$RegID'";
$stmt = $connect->prepare($sql);
$stmt->bind_param('is', $RegID, $RegPhoto );
$stmt->execute();
$msg = "<div class=\"alert alert-success\">Updated Profile Successfully</div>";
}
}
function imageResize($imageResourceId,$width,$height) {
$targetWidth =220;
$targetHeight =200;
$targetLayer=imagecreatetruecolor($targetWidth,$targetHeight);
imagecopyresampled($targetLayer,$imageResourceId,0,0,0,0,$targetWidth,$targetHeight, $width,$height);
return $targetLayer;
}
?>
Background:
I have been working on an issue whereby a file upload form will only accept certain images, it is not a problem with image size(dimensions) or with size(filesize) but I think i've found it's to do with image bit depth, as the PHP script resizes the image and applies a static (semi-transparant) watermark file to the image and saves the result.
I have gone through a long process today and yesterday working with this as the error that occurs is the server stating "Connection reset by server" . Which I think I've narrowed down to the server not having enough free memory to complete the image resource manipulations.
Issue:
Then, after all that, this error comes up on file upload submission:
IPS detected for "WEB PHP EXIF Process IFD TAG Remote Integer Overflow -2 (CVE-20/Buffer Over Flow"
Some googling only tells me that it's a securty vulnerabiliy for PHP < 4.2 or so, and doesn't relate to actually what's going on.
I have looked through my code and am very sure that
My query is to try and shed some light on what this error statement means (and how I can go about correcting it)?
Notes:
PHP 5.6.16
No PHP EXIF functions run on the page.
I can't see anywhere on the page that would cause an integer overflow (running to infinity, I guess)
Page does use imagecopy, imagealphablending and imagesavealpha But this error notice seems to appear before the script runs on the uploaded file.
This error only occurs on some uploaded images and not on others.
I have found no Apache error logs relating to this
I have no PHP errors recorded.
Code:
As I think the issue may occur somehow before the page loads I'm not sure how useful this code block will be but, take a look:
(also please note that I am aware this page is 5 years old and isn't the smartest programming, i have fixed it up in parts but am aware it can probably be further tidied)
<?php
session_start();
error_reporting(E_ALL);
ini_set('display_errors', 1);
///first set out variables.
$goodImage = 0;
$maxfilesize = (int)$_POST['MAX_FILE_SIZE'];
$gallery = (int)$_POST['galfolderid']
if (empty($gallery)) {
$_SESSION['message'] = $gallery . "<br/>Gallery Value has not been set.";
}
elseif (!is_numeric($gallery)) {
$_SESSION['message'] = $gallery . "<br/>Gallery Value is not a numeric value.";
}
elseif (!is_dir($_SERVER['DOCUMENT_ROOT']."/images/gallery/" . $gallery )) {
$_SESSION['message'] = $gallery . "<br/>Gallery Value, while being a number, is not a valid numeric value.";
}
if(!empty($_SESSION['message'])) {
header("Location:editgallery.php?gallery=".$galleryid);
exit;
}
for($count=0;$count<5;$count++) {
if ($_FILES['image']['error'][$count] == 0) {
clearstatcache();
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$imageType = finfo_file($finfo, $_FILES['image']['tmp_name'][$count]);
finfo_close($finfo);
unset($finfo);
if (strtolower($imageType) == "image/png") {
$imgtype = "PNG";
$original = imagecreatefrompng($_FILES['image']['tmp_name'][$count]);
} elseif (strtolower($imageType) == "image/jpeg" || strtolower($imageType) == "image/jpg") {
$imgtype = "JPG";
$original = imagecreatefromjpeg($_FILES['image']['tmp_name'][$count]);
} else {
//not a JPG or PNG type... set error.
$_SESSION['message'] = "Image " . ($count+1) . " does not appear to be a valid .JPG or .PNG file. ";
error_log($_SESSION['message']);
header("Location:editgallery.php");
exit;
}
unlink($_FILES['image']['tmp_name'][$count]);
$edgePadding = (int)$_POST['WMedge'][$count]; //integer
$watermarkScale = $_POST['WMscale'][$count]; //float
$h_position = $_POST['Hpos'][$count]; //text array
$v_position = $_POST['Vpos'][$count]; //text array
$Hoz = $h_position[0];
$Vez = $v_position[0];
if (!isset($watermarkScale) || empty($watermarkScale) || !is_numeric($watermarkScale)) {
$watermarkScale = 1.0;
}
elseif($watermarkScale > 2.0) {
$watermarkScale = 2.0;
}
elseif($watermarkScale < 0.5) {
$watermarkScale = 0.5;
}
if ((!isset($edgePadding) || empty($edgePadding) || !is_numeric($edgePadding)) && $edgePadding !== "0") {
$edgePadding = 5;
}
// be sure that the other options we need have some kind of value
if ($_FILES['image']['size'][$count] > $maxfilesize) {
$_SESSION['message'] .= "Image file ".($count+1)." appears to be too big. There is a limit of 2Mb on the
size of the image you can upload. Please click 'Back' on your browser and resubmit a valid image.";
error_log($_SESSION['message']);
//file too big.
}
//target name is the number of images in the LARGE gallery,
///cycle through imagenames to find the first "clear" image number.
$newimagename = 1;
clearstatcache();
/***
NOTE: Only possible place an integer oveflow might occur I think
***/
while (file_exists($_SERVER['DOCUMENT_ROOT'] . "/images/gallery/" . $gallery . "/S/" . $newimagename . ".jpg")) {
$newimagename++;
}
///newimagename is the new filename of the image.
$target_name = $newimagename . ".jpg";
$target = $_SERVER['DOCUMENT_ROOT'] . "/images/gallery/" . $gallery . "/L/" . $target_name;
$targetSmall = $_SERVER['DOCUMENT_ROOT'] . "/images/gallery/" . $gallery . "/S/" . $target_name;
//targetSM is used below to make the thumbnail image. for the SMALL gallery.
//full target directory and name.
// file upload success
// now file need resizing before the watermark is applied.
// resize new dimensions (Large- 800px)
$originalImageSize[0] = imagesx($original);
$originalImageSize[1] = imagesy($original);
/***
* Resize new dimensions for small thumbnail.
***/
if ($originalImageSize[0] > 133) {
$percent = 133 / $originalImageSize[0];
} else {
$percent = 1;
}
$newThumbHeight = $originalImageSize[1] * $percent;
$newThumbWidth = $originalImageSize[0] * $percent;
// Resample
$imageThumbFinal = imagecreatetruecolor($newThumbWidth, $newThumbHeight);
imagecopyresampled($imageThumbFinal, $original, 0, 0, 0, 0, $newThumbWidth, $newThumbHeight, $originalImageSize[0], $originalImageSize[1]);
// Output
imagejpeg($imageThumbFinal, $targetSmall, 80);
imagedestroy($imageThumbFinal);
unset($imageThumbFinal, $percent,$newThumbWidth,$newThumbHeight);
/***
* End Thumbnail generation.
*/
/***
* Resize main sized image (max 800px wide)
***/
if ($originalImageSize[0] > 800) {
$percent = 800 / $originalImageSize[0];
} else {
$percent = 1;
}
$newPictureHeight = $originalImageSize[1] * $percent;
$newPictureWidth = $originalImageSize[0] * $percent;
// Resample main image to reduce max size.
$imageCleanFinal = imagecreatetruecolor($newPictureWidth, $newPictureHeight);
imagecopyresampled($imageCleanFinal, $original, 0, 0, 0, 0, $newPictureWidth, $newPictureHeight, $originalImageSize[0], $originalImageSize[1]);
/***
* Now resize the watermark and save onto the final image.
***/
//full target directory and name.
$watermark = $_SERVER['DOCUMENT_ROOT'] . "/images/watermark2.png";
$wmTarget = substr($watermark, 0, -3) . "tmp"; //image/watermark2.tmp is resized.
$sourceWaterImage = imagecreatefrompng($watermark);
$waterMarkWidth = imagesx($sourceWaterImage);
$waterMarkHeight = imagesy($sourceWaterImage);
$destinationHeight = $waterMarkHeight * $watermarkScale;
$destinationWidth = $waterMarkWidth * $watermarkScale;
$destinationHeight = floor($destinationHeight);
$destinationWidth = floor($destinationWidth);
$destinationWatermarkImage = imagecreatetruecolor($destinationWidth, $destinationHeight);
imagealphablending($destinationWatermarkImage, FALSE);
imagesavealpha($destinationWatermarkImage, TRUE);
imagecopyresampled($destinationWatermarkImage, $sourceWaterImage, 0, 0, 0, 0, $destinationWidth,
$destinationHeight, $waterMarkWidth, $waterMarkHeight);
imagedestroy($sourceWaterImage);
unset($sourceWaterImage);
clearstatcache();
/***
* Set watermark location on final image.
***/
$differenceX = $newPictureWidth - $destinationWidth;
$differenceY = $newPictureHeight - $destinationHeight;
switch ($Hoz) {
// find the X coord for placement
case 'left':
$placementX = $edgePadding;
break;
case 'center':
$placementX = round($differenceX / 2);
break;
case 'right':
$placementX = $newPictureWidth - ($destinationWidth + $edgePadding);
break;
default:
$placementX = 0;
break;
}
switch ($Vez) {
// find the Y coord for placement
case 'top':
$placementY = $edgePadding;
break;
case 'middle':
$placementY = round($differenceY / 2);
break;
case 'bottom':
$placementY = $newPictureHeight - ($destinationHeight + $edgePadding);
break;
default:
$placementY = 0;
break;
}
/***
* Finish set Watermark location
***/
imagecopy($imageCleanFinal,
$destinationWatermarkImage,
$placementX,
$placementY,
0,
0,
$destinationWidth,
$destinationHeight);
imagejpeg($imageCleanFinal, $target, 80);
/***
* Image final save
***/
// Output
imagejpeg($imageCleanFinal, $target, 80);
imagedestroy($imageCleanFinal);
imagedestroy($destinationWatermarkImage);
unset($imageCleanFinal, $percent);
unlink($wmTarget);
$output[$goodImage]['targetName'] = $target_name;
$output[$goodImage]['targetAddr'] = $target;
$goodImage++;
} elseif (!isset($_FILES['image']['name'][$count]) || ($_FILES['image']['error'][$count] != 0 && $_FILES['image']['error'][$count] != 4)) {
//error in file upload.
$_SESSION['message'] .= " There is a file upload error number " . $_FILES['image']['error'][$count] . ". for image ".($count+1).".
Please try resubmitting a valid image.";
error_log($_SESSION['message']);
}
}
if (empty($_SESSION['message'])){
$_SESSION['message'] = $goodImage." New Image(s) Uploaded";
}
// display resulting image for download
header("Location:editgallery.php?special=yes&gallery=".$galleryid);
exit;
Server Details:
Apache 2.4
WebHostManger & CPanel (combined) version 54.0.19
PHP 5.6 using Mod suPHP 0.7.2
2 core 2.2GHz (so x2) intel with
1896Mb/2097Mb physical memory (used/available)
+4095Mb memory Swap File. (~6010Mb total)
Can i change the name of the file, say an image for example which has name like '0124.jpg',
before sending it to the server?
<input id="f1" style="margin-bottom: 5px;" type="file" name="f1" onchange="javascript:readURL_f1(this);"/>
<input id="f2" style="margin-bottom: 5px;" type="file" name="f1" onchange="javascript:readURL_f2(this);"/>
If the file is uploaded from f1, then before sending to to server, the name should become pic1_[filename].jpg, instead of just sending the raw filename.
I don't want this to be done in server side because i think it might be complicated.
EDIT : Upload.php is my php file which uploads whatever in the file. So, its been a challenge for me. i can change the filename, but that gets changed in all the three uploads.
for example i add an '_' for the incoming filename. Then, it gets changed to all filenames.
Anyway from clientside?
my upload script: Upload.php
upload.php
<?php mysql_connect('localhost','root','phpmyadmin');
$connected = mysql_select_db('image_Upload');
?>
<noscript>
<div align="center">Go Back To Upload Form</div><!-- If javascript is disabled -->
</noscript>
<?php
//If you face any errors, increase values of "post_max_size", "upload_max_filesize" and "memory_limit" as required in php.ini
//Some Settings
$ThumbSquareSize = 200; //Thumbnail will be 200x200
$BigImageMaxSize = 500; //Image Maximum height or width
$ThumbPrefix = "thumb_"; //Normal thumb Prefix
$DestinationDirectory = 'uploads/'; //Upload Directory ends with / (slash)
$Quality = 90;
$id = 'm123';
//ini_set('memory_limit', '-1'); // maximum memory!
foreach($_FILES as $file)
{
// some information about image we need later.
$ImageName = $file['name'];
$ImageSize = $file['size'];
$TempSrc = $file['tmp_name'];
$ImageType = $file['type'];
if (is_array($ImageName))
{
$c = count($ImageName);
echo '<ul>';
for ($i=0; $i < $c; $i++)
{
$processImage = true;
$RandomNumber = rand(0, 9999999999); // We need same random name for both files.
if(!isset($ImageName[$i]) || !is_uploaded_file($TempSrc[$i]))
{
echo '<div class="error">Error occurred while trying to process <strong>'.$ImageName[$i].'</strong>, may be file too big!</div>'; //output error
}
else
{
//Validate file + create image from uploaded file.
switch(strtolower($ImageType[$i]))
{
case 'image/png':
$CreatedImage = imagecreatefrompng($TempSrc[$i]);
break;
case 'image/gif':
$CreatedImage = imagecreatefromgif($TempSrc[$i]);
break;
case 'image/jpeg':
case 'image/pjpeg':
$CreatedImage = imagecreatefromjpeg($TempSrc[$i]);
break;
default:
$processImage = false; //image format is not supported!
}
//get Image Size
list($CurWidth,$CurHeight)=getimagesize($TempSrc[$i]);
//Get file extension from Image name, this will be re-added after random name
$ImageExt = substr($ImageName[$i], strrpos($ImageName[$i], '.'));
$ImageExt = str_replace('.','',$ImageExt);
//Construct a new image name (with random number added) for our new image.
$NewImageName = $id.'_'.'pic'.($i+1).'.'.$ImageExt;
//Set the Destination Image path with Random Name
$thumb_DestRandImageName = $DestinationDirectory.$ThumbPrefix.$NewImageName; //Thumb name
$DestRandImageName = $DestinationDirectory.$NewImageName; //Name for Big Image
//Resize image to our Specified Size by calling resizeImage function.
if($processImage && resizeImage($CurWidth,$CurHeight,$BigImageMaxSize,$DestRandImageName,$CreatedImage,$Quality,$ImageType[$i]))
{
//Create a square Thumbnail right after, this time we are using cropImage() function
if(!cropImage($CurWidth,$CurHeight,$ThumbSquareSize,$thumb_DestRandImageName,$CreatedImage,$Quality,$ImageType[$i]))
{
echo 'Error Creating thumbnail';
}
/*
At this point we have succesfully resized and created thumbnail image
We can render image to user's browser or store information in the database
For demo, we are going to output results on browser.
*/
//Get New Image Size
list($ResizedWidth,$ResizedHeight)=getimagesize($DestRandImageName);
echo '<table width="100%" border="0" cellpadding="4" cellspacing="0">';
echo '<tr>';
echo '<td align="center"><img src="uploads/'.$ThumbPrefix.$NewImageName.
'" alt="Thumbnail" height="'.$ThumbSquareSize.'" width="'.$ThumbSquareSize.'"></td>';
echo '</tr><tr>';
echo '<td align="center"><img src="uploads/'.$NewImageName.
'" alt="Resized Image" height="'.$ResizedHeight.'" width="'.$ResizedWidth.'"></td>';
echo '</tr>';
echo '</table>';
if(isset($id))
{
mysql_query("UPDATE imagetable SET ImageName='$DestRandImageName',ThumbName='$thumb_DestRandImageName',
ImgPath='uploads/' WHERE id='$id'");
}
else{
mysql_query("INSERT INTO imagetable (id, ImageName, ThumbName, ImgPath)
VALUES ('$id','$DestRandImageName', '$thumb_DestRandImageName', 'uploads/')");
}
}else{
echo '<div class="error">Error occurred while trying to process <strong>'.$ImageName.
'</strong>! Please check if file is supported</div>';
}
}
}
echo '</ul>';
}
}
// This function will proportionally resize image
function resizeImage($CurWidth,$CurHeight,$MaxSize,$DestFolder,$SrcImage,$Quality,$ImageType)
{
//Check Image size is not 0
if($CurWidth <= 0 || $CurHeight <= 0)
{
return false;
}
//Construct a proportional size of new image
$ImageScale = min($MaxSize/$CurWidth, $MaxSize/$CurHeight);
$NewWidth = ceil($ImageScale*$CurWidth);
$NewHeight = ceil($ImageScale*$CurHeight);
if($CurWidth < $NewWidth || $CurHeight < $NewHeight)
{
$NewWidth = $CurWidth;
$NewHeight = $CurHeight;
}
$NewCanves = imagecreatetruecolor($NewWidth, $NewHeight);
// Resize Image
if(imagecopyresampled($NewCanves, $SrcImage,0, 0, 0, 0, $NewWidth, $NewHeight, $CurWidth, $CurHeight))
{
switch(strtolower($ImageType))
{
case 'image/png':
imagepng($NewCanves,$DestFolder);
break;
case 'image/gif':
imagegif($NewCanves,$DestFolder);
break;
case 'image/jpeg':
case 'image/pjpeg':
imagejpeg($NewCanves,$DestFolder,$Quality);
break;
default:
return false;
}
if(is_resource($NewCanves)) {
imagedestroy($NewCanves);
}
return true;
}
}
//This function corps image to create exact square images, no matter what its original size!
function cropImage($CurWidth,$CurHeight,$iSize,$DestFolder,$SrcImage,$Quality,$ImageType)
{
//Check Image size is not 0
if($CurWidth <= 0 || $CurHeight <= 0)
{
return false;
}
if($CurWidth>$CurHeight)
{
$y_offset = 0;
$x_offset = ($CurWidth - $CurHeight) / 2;
$square_size = $CurWidth - ($x_offset * 2);
}else{
$x_offset = 0;
$y_offset = ($CurHeight - $CurWidth) / 2;
$square_size = $CurHeight - ($y_offset * 2);
}
$NewCanves = imagecreatetruecolor($iSize, $iSize);
if(imagecopyresampled($NewCanves, $SrcImage,0, 0, $x_offset, $y_offset, $iSize, $iSize, $square_size, $square_size))
{
switch(strtolower($ImageType))
{
case 'image/png':
imagepng($NewCanves,$DestFolder);
break;
case 'image/gif':
imagegif($NewCanves,$DestFolder);
break;
case 'image/jpeg':
case 'image/pjpeg':
imagejpeg($NewCanves,$DestFolder,$Quality);
break;
default:
return false;
}
if(is_resource($NewCanves)) {
imagedestroy($NewCanves);
}
return true;
}
}
When you are uploading the File you usually follow this workflow
User Chooses a File and Clicks Upload
Server Pics up the File from the temp folder - check MimeType, Resize and Rename the File and store it to which ever location you want on the file server.
While Renaming if you want to see if the same file name exsists and then append the _01, _02 then you will have to check if a file exists with that name and then append the unique number at the end.
Things like that are usually done in the server side. The purpose of preppending or appending a code or, say, changing the whole name of the file is to prevent uploaded file name conflicts. So imagine doing it to the client side? When upload button is pressed you need to ask the server if this file name is already existing, then you wait for the response of the server then do the renaming based on the response then send it to the server instead of just sending it to the server then do the checking then renaming then saving.
I'm (a newbie in php) still working on a time off project and another problem came up, for which I can't find a solution. Therefore I hope u guys can help me! Worked great the last time I posted something on here! I really appreciate your help...thx ahead!
My problem:
I want users to be able to upload pictures when they are logged in. They got several little buttons on their profile with images on them...and they should be able to change them...
I want to have it like this -> When a user uploads an image, the script shall create a new folder on the server. This shall happen in the "user_images" folder (that exists already). So a user with e.g. "id=55" creates a folder "55" in "user_images" when he uploads images. I tried and tried and tried and tried...with different syntax in line -> "$upload_dir =" but without any success :-/ I just don't get it to work...
Here is the part of the script:
<?php
include 'dbconfig.php';
page_protect();
$rs_settings = mysql_query("select * from user where id='$_SESSION[user_id]'");
while ($row_settings = mysql_fetch_array($rs_settings));
error_reporting (E_ALL ^ E_NOTICE);
session_start();
//only assign a new timestamp if the session variable is empty
if (!isset($_SESSION['user_id']) || strlen($_SESSION['user_id'])==0){
$_SESSION['user_id'] = mysql_query("select * from user where id='$_SESSION[user_id]'");
//assign the timestamp to the session variable
$_SESSION['user_file_ext']= "";
}
$upload_dir = "user_images/";
$upload_path = $upload_dir;
$large_image_prefix = "Large_";
$thumb_image_prefix = "button_";
$large_image_name = $large_image_prefix.$_SESSION['user_id'];
image (append the timestamp to the filename)
$thumb_image_name = $thumb_image_prefix.$_SESSION['user_id'];
image (append the timestamp to the filename)
$max_file = "1"; // Maximum file size in MB
$max_width = ""; // Max width allowed for the large image
$thumb_width = "87"; // Width of thumbnail image
$thumb_height = "35"; // Height of thumbnail image
// Only one of these image types should be allowed for upload
$allowed_image_types =
array('image/pjpeg'=>"jpg",'image/jpeg'=>"jpg",'image/jpg'=>"jpg",'image/png'=>"png",
'image/x-png'=>"png",'image/gif'=>"gif");
$allowed_image_ext = array_unique($allowed_image_types); // do not change this
$image_ext = ""; // initialise variable, do not change this.
foreach ($allowed_image_ext as $mime_type => $ext) {
$image_ext.= strtoupper($ext)." ";
}
function resizeImage($image,$width,$height,$scale) {
list($imagewidth, $imageheight, $imageType) = getimagesize($image);
$imageType = image_type_to_mime_type($imageType);
$newImageWidth = ceil($width * $scale);
$newImageHeight = ceil($height * $scale);
$newImage = imagecreatetruecolor($newImageWidth,$newImageHeight);
switch($imageType) {
case "image/gif":
$source=imagecreatefromgif($image);
break;
case "image/pjpeg":
case "image/jpeg":
case "image/jpg":
$source=imagecreatefromjpeg($image);
break;
case "image/png":
case "image/x-png":
$source=imagecreatefrompng($image);
break;
}
imagecopyresampled($newImage,$source,0,0,0,0,$newImageWidth,$newImageHeight,
$width,$height);
switch($imageType) {
case "image/gif":
imagegif($newImage,$image);
break;
case "image/pjpeg":
case "image/jpeg":
case "image/jpg":
imagejpeg($newImage,$image,90);
break;
case "image/png":
case "image/x-png":
imagepng($newImage,$image);
break;
}
chmod($image, 0777);
return $image;
}
function resizeThumbnailImage($thumb_image_name, $image, $width, $height, $start_width,
$start_height, $scale){
list($imagewidth, $imageheight, $imageType) = getimagesize($image);
$imageType = image_type_to_mime_type($imageType);
$newImageWidth = ceil($width * $scale);
$newImageHeight = ceil($height * $scale);
$newImage = imagecreatetruecolor($newImageWidth,$newImageHeight);
switch($imageType) {
case "image/gif":
$source=imagecreatefromgif($image);
break;
case "image/pjpeg":
case "image/jpeg":
case "image/jpg":
$source=imagecreatefromjpeg($image);
break;
case "image/png":
case "image/x-png":
$source=imagecreatefrompng($image);
break;
}
imagecopyresampled($newImage,$source,0,0,$start_width,$start_height,$newImageWidth,
$newImageHeight,$width,$height);
switch($imageType) {
case "image/gif":
imagegif($newImage,$thumb_image_name);
break;
case "image/pjpeg":
case "image/jpeg":
case "image/jpg":
imagejpeg($newImage,$thumb_image_name,90);
break;
case "image/png":
case "image/x-png":
imagepng($newImage,$thumb_image_name);
break;
}
chmod($thumb_image_name, 0777);
return $thumb_image_name;
}
function getHeight($image) {
$size = getimagesize($image);
$height = $size[1];
return $height;
}
function getWidth($image) {
$size = getimagesize($image);
$width = $size[0];
return $width;
}
$large_image_location = $upload_path.$large_image_name.$_SESSION['user_file_ext'];
$thumb_image_location = $upload_path.$thumb_image_name.$_SESSION['user_file_ext'];
if(!is_dir($upload_dir)){
mkdir($upload_dir, 0777);
chmod($upload_dir, 0777);
}
if (file_exists($large_image_location)){
if(file_exists($thumb_image_location)){
$thumb_photo_exists = "<img
src=\"".$upload_path.$thumb_image_name.$_SESSION['user_file_ext']."\" alt=\"Thumbnail
Image\"/>";
}else{
$thumb_photo_exists = "";
}
$large_photo_exists = "<img
src=\"".$upload_path.$large_image_name.$_SESSION['user_file_ext']."\" alt=\"Large
Image\"/>";
} else {
$large_photo_exists = "";
$thumb_photo_exists = "";
}
if (isset($_POST["upload"])) {
//Get the file information
$userfile_name = $_FILES['image']['name'];
$userfile_tmp = $_FILES['image']['tmp_name'];
$userfile_size = $_FILES['image']['size'];
$userfile_type = $_FILES['image']['type'];
$filename = basename($_FILES['image']['name']);
$file_ext = strtolower(substr($filename, strrpos($filename, '.') + 1));
//Only process if the file is a JPG, PNG or GIF and below the allowed limit
if((!empty($_FILES["image"])) && ($_FILES['image']['error'] == 0)) {
foreach ($allowed_image_types as $mime_type => $ext) {
//loop through the specified image types and if they match the
extension then break out
//everything is ok so go and check file size
if($file_ext==$ext && $userfile_type==$mime_type){
$error = "";
break;
}else{
$error = "Only <strong>".$image_ext."</strong> images accepted for upload<br />";
}
}
//check if the file size is above the allowed limit
if ($userfile_size > ($max_file*1048576)) {
$error.= "Images must be under ".$max_file."MB in size";
}
}else{
$error= "Select an image for upload";
}
//Everything is ok, so we can upload the image.
if (strlen($error)==0){
if (isset($_FILES['image']['name'])){
//this file could now has an unknown file extension (we hope it's one of the ones set above!)
$large_image_location = $large_image_location.".".$file_ext;
$thumb_image_location = $thumb_image_location.".".$file_ext;
//put the file ext in the session so we know what file to look for once its uploaded
$_SESSION['user_file_ext']=".".$file_ext;
move_uploaded_file($userfile_tmp, $large_image_location);
chmod($large_image_location, 0777);
$width = getWidth($large_image_location);
$height = getHeight($large_image_location);
//Scale the image if it is greater than the width set above
if ($width > $max_width){
$scale = $max_width/$width;
$uploaded = resizeImage($large_image_location,$width,$height,$scale);
}else{
$scale = 1;
$uploaded = resizeImage($large_image_location,$width,$height,$scale);
}
//Delete the thumbnail file so the user can create a new one
if (file_exists($thumb_image_location)) {
unlink($thumb_image_location);
}
}
//Refresh the page to show the new uploaded image
header("location:".$_SERVER["PHP_SELF"]);
exit();
}
?>
It would be really cool if someone could help me to fix these problems...you may know how hard it is, when you're just a rookie! If there's more weird syntax in there...let me know, I'm just a beginner (like we all have been at the beginning) and trying to get better :)
Thank you guys!
Keeping in mind that allowing any user to upload content to your server creates a security hole that requires special attention, this is a bit of code I've used in the past for an internal-use application:
$folderPath = "/uploads/" . $folderName;
$exist = is_dir($folderPath);
if(!$exist) {
mkdir("$folderPath");
chmod("$folderPath", 0755);
}
else { echo "Folder already exists"; }
You can also chmod right from mkdir but was having issues with doing that on this particular server config.
http://php.net/manual/en/function.mkdir.php
UPDATED with more complete example:
// Define path where file will be uploaded to
// User ID is set as directory name
$folderPath = "/uploads/$userID";
// Check to see if directory already exists
$exist = is_dir($folderPath);
// If directory doesn't exist, create directory
if(!$exist) {
mkdir("$folderPath");
chmod("$folderPath", 0755);
}
else { echo "Folder already exists"; }
// PROCESS FILE UPLOAD
// Set initial/temporary upload location
// temp_uploads must have proper read/write permissions (755 or 777)
$target_path = "/uploads/temp_uploads/";
// Append the name of the uploaded file to the temp directory
$target_path .= basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
$filename = basename( $_FILES['uploadedfile']['name']);
// Location where temporary file is being stored
$temp_location = '/uploads/temp_uploads/' . basename( $_FILES['uploadedfile']['name']);
// Final destination where file will be located
$destination = "/uploads/$folderPath/$filename";
rename($temp_location, $destination);
}
You are assigning a mysql query resource to the $_SESSION["user_id"]
$_SESSION['user_id'] = mysql_query("select * from user where id='$_SESSION[user_id]'");
I think you want to get the user id out of that query
Also if your code produces any errors it would be great if you included them in your question
ps. don't use mysql_* functions, they are deprecated and create unwanted security holes if not used properly, learn dibi, pdo, or any other newer database layer
$file_name=basename($_FILES['uploadedfile']['name']);
mkdir("upload/".$username,0777);
$target_path = "upload/$username/". $file_name;
I have no idea how to resize image in PHP, my code is:
for ($index = 1; $index <= 2; $index++) {
if (!empty($_FILES["pic$index"]["name"])) {
$ext = substr($_FILES["pic$index"]["name"], strrpos($_FILES["pic$index"]["name"], '.') + 1);
$dir = "../gallery/$mkdir";
HERE I NEED THE RESIZE OF THE TMP FILE OF IMAGE
move_uploaded_file($_FILES["pic$index"]["tmp_name"] , "$dir/img-$index.$ext");
}
}
$mkdir = the name of the gallery's folder (there are many galleries).
$dir = where the pics will be placed.
$ext = the type of the image (png, gif or jpg).
foreach loop runs two times because you can upload two pics.
This script is working good, I just need to do resize and I dont have an idea how to do it..
Here is the code I'm using to resize images.
In my case I give to the function the original file name and then the thumbnail file name.
You can adapt it for your case very easily.
public static function GenerateThumbnail($im_filename,$th_filename,$max_width,$max_height,$quality = 0.75)
{
// The original image must exist
if(is_file($im_filename))
{
// Let's create the directory if needed
$th_path = dirname($th_filename);
if(!is_dir($th_path))
mkdir($th_path, 0777, true);
// If the thumb does not aleady exists
if(!is_file($th_filename))
{
// Get Image size info
list($width_orig, $height_orig, $image_type) = #getimagesize($im_filename);
if(!$width_orig)
return 2;
switch($image_type)
{
case 1: $src_im = #imagecreatefromgif($im_filename); break;
case 2: $src_im = #imagecreatefromjpeg($im_filename); break;
case 3: $src_im = #imagecreatefrompng($im_filename); break;
}
if(!$src_im)
return 3;
$aspect_ratio = (float) $height_orig / $width_orig;
$thumb_height = $max_height;
$thumb_width = round($thumb_height / $aspect_ratio);
if($thumb_width > $max_width)
{
$thumb_width = $max_width;
$thumb_height = round($thumb_width * $aspect_ratio);
}
$width = $thumb_width;
$height = $thumb_height;
$dst_img = #imagecreatetruecolor($width, $height);
if(!$dst_img)
return 4;
$success = #imagecopyresampled($dst_img,$src_im,0,0,0,0,$width,$height,$width_orig,$height_orig);
if(!$success)
return 4;
switch ($image_type)
{
case 1: $success = #imagegif($dst_img,$th_filename); break;
case 2: $success = #imagejpeg($dst_img,$th_filename,intval($quality*100)); break;
case 3: $success = #imagepng($dst_img,$th_filename,intval($quality*9)); break;
}
if(!$success)
return 4;
}
return 0;
}
return 1;
}
The return codes are just here to differentiate between different types of errors.
By looking back at that code, I don't like the "magic number" trick. I'm gonna have to change that (by exceptions for example).
if (!empty($_FILES["pic$index"]["name"])) {
$ext = substr($_FILES["pic$index"]["name"], strrpos($_FILES["pic$index"]["name"], '.') + 1);
$dir = "../gallery/$mkdir";
// Move it
if(move_uploaded_file($_FILES["pic$index"]["tmp_name"] , "$dir/img-$index.$ext.tmp"))
{
// Resize it
GenerateThumbnail("$dir/img-$index.$ext.tmp","$dir/img-$index.$ext",600,800,0.80);
// Delete full size
unlink("$dir/img-$index.$ext.tmp");
}
}
Use move_uploaded_file to move it (recommanded) and then you can resize it and send it to it's final destination. You might not even need the ".tmp", you can use.
// Move it
if(move_uploaded_file($_FILES["pic$index"]["tmp_name"] , "$dir/img-$index.$ext"))
// Resize it
GenerateThumbnail("$dir/img-$index.$ext","$dir/img-$index.$ext",600,800);
Keep in mind that the picture you are dealing with is already uploaded on the server. You actualy want to resize picture before storing it in "safe place".
$_FILES["pic$index"]["tmp_name"] is probably /tmp/somepicturesname