hi i am using smart resizer (http://shiftingpixel.com/2008/03/03/smart-image-resizer/).
when i am giving path of files which exist on my server .this script gives me proper result.
but i path of another server , in this case this script is not giving proper result.
For using this script i have to pass this value in img src like following
but i want to use this as
how can i do this.
I've just looked quickly into the script and saw that it is not possible to resize remote files ;-).
So you either have to adapt the script to be able to resize remote files (which means that it has to be stored locally and then be resized) or you use another script ;-).
Related
I'm having a problem when I try to open files that were generated by my CMS on my windows machine. It has an upload function that saves the file on a given location (it is on my user folder, where I'm supposed to have all the write and read permissions).
All I can see in that folder is a generic thumbnail, the ones generated by windows for each image type, PNGs and JPEGs in this case. I tried to change de image permissions and set it to the current computer user but it doesn't work. And I'm unable to move these files to another location (upload them to the server via FTP).
I wonder if there is a way to change this behavior.
One thing I noticed is that if I copy and paste those files, I can see its contents normally. I know I can do that to each of them and rename, but there are dozens of images in that folder... don't wanna do the same thing everytime I upload a new image.
Update
This is happening only to the images that were moved (I'm using php's move_uploaded_file function, btw), not to the ones that where generated (croped, resized and so on).
It`s happening because Windows keep file permissions of TEMP folder (usually c:/windows/temp) when moving a file.
To prevent it you need to change "upload_tmp_dir" in "php.ini" to your server directory or set wide permissions to your windows temp folder.
You probably have an error in some php file which is preventing the image from being displayed correctly.
What i would do in order to detect the problem is to comment out the header() calls in the php file responsible for displaying the image and see if there is any output other than the image data.
Inspect the whole output, it only takes a character to break everything, so check if there are no blank lines at the top or bottom of the output. And in case you have an error log, consult that, it will help you trace the problem quickly.
When i have this problem, it's usually a notice or a warning showing up during the process of the image generation, and if you haven't disabled errors from being output to the screen, the notice text will be considered as part of the image data which makes the browser unable to interpret your image.
If you'd like i can take a look closely for you but i would need to see what you are doing in that php file to be able to tell you for sure.
I went to edit this PHP file - it's supposed to generate those captcha security images on contact forms - the images werent working, so I was going to see if there was a broken path or something i could fix simply.
But when I opened the file it looked like this:
http://mydomainsample.com/explosion/screenshots/Screen%20Shot%202012-05-17%20at%209.34.14%20AM.png
complete gibberish.
Is it possible this happened somehow while downloading the file from the server? I did not have ftp access to the site originally - we got control of the domain and transferred it from one host to another.
I used site sucker to backup the site before transferring, but it downloads php files as html files. you end up with filename.php.html.
in the past this has never turned the php into incomprehensible gibberish, so i dont understand why it did now.
The problem is, you cannot use programs like "site sucker" to get PHP files. This is because when you get a PHP file from a URL, the file is executed, and you're getting the output of the script. That's why you get .php.html.
It doesn't "turn the php into incomprehensible gibberish", the server runs the script and you're getting the output. Most of the time the output is HTML, which you can open as text. In this case, the script's output is a PNG file, thus why you see "gibberish". Rename the file to .png, then you'll see the image.
You need to get FTP access in order to get the PHP source.
That's a PNG image, not PHP source code.
The file actually looks like a PNG image, maybe you just downloaded output the PHP script has generated?
I made a class that converts a string of text into a png image and uploads on the server:
http://testing.mehhh.org/php/png.php (you can view php source on the page)
http://testing.mehhh.org/php/phg.php <-- shows php version
this one works great.
now I am trying to get this to work on a clients server
http://autoxplorer.com/~tameem/png.php This doesn't work!
http://autoxplorer.com/~tameem/php.php <-- also using same php version
what gives? I thought it's a permission thing.. but the png folder has full access.. and I tried a super simple uploading script and it runs and saves files to that folder. What is going on here?
You have just put online some PHP scripts that link to images. The link to the images actually is different.
http://testing.mehhh.org/php/png/4de9441d68cf8_1307132957.png
http://autoxplorer.com/~tameem/png/4de9424d41208_1307132493.png
While the first link returns actually an image, the second image link gives a 404 error. Looks like you have not configured your server properly to actually execute the PHP in the second case to return an image.
In my php application i have a folder in which all the photos are kept.
The images are in different sizes.So i want to select photos from the folder and applying some image functions and upload to a different folder through php code.
This is same as image uploading but the difference is that the source file is in server
That is i want to select photos from server applying some image functions and upload again on the server
Pls help me
If you want to keep them on the same server, no further uploading is necessary. You can just perform whatever manipulations you want (resize, etc.) then use PHP's filesystem libraries to move the files around on the server. Check them out here.
maybe with curl http://www.askapache.com/htaccess/sending-post-form-data-with-php-curl.html here a tip explaining how to send data with curl
If you select a photo from the folder and applied some image functions, instead of saving the file back to the original file, you could simply save it to it's new location...
In that case you don't need uploading and/or moving...
I am trying to secure my PHP Image upload script and the last hurdle I have to jump is making it so that users cannot directly excecute the images, but the server can still serve them in web pages. I tried changing ownership and permissions of the folders to no avail, so I am trying to store the images above public_html and display them in pages that are stored in public_html.
My File Structure:
- userimages
image.jpg
image2.jpg
- public_html
filetoserveimage.html
I tried linking to an image in the userimages folder like this:
<img src="../userimages/image.jpg">
But it does not work. Is there something I am missing here? If you have any better suggestions please let me know. I am trying to keep public users from executing potentially dangerous files they may have uploaded. Just as an extra security measure. Thanks!
You want something that's basically impossible.
The way a browser loads a page (in a very basic sense) is this:
Step 1: Download the page.
Step 2: Parse the page.
Step 3: Download anything referenced in the content of the page (images, stylesheets, javascripts, etc)
Each "Download" event is atomic.
It seems like you want to only serve images to people who have just downloaded a page that references those images.
As PHP Jedi illustrated, you can pass the files through PHP. You could expand on his code, and check the HTTP_REFERER on the request to ensure that people aren't grabbing "just" the image.
Now, serving every image through a PHP passthru script is not efficient, but it could work.
The most common reason people want to do this is to avoid "hotlinking" -- when people create image tags on other sites that reference the image on your server. When they do that, you expend resources handling requests that get presented on someone else's page.
If that's what you're really trying to avoid, you can use mod_rewrite to check the referer.
A decent-looking discussion of hotlinking/anti-hotlinking can be found here
Use an image relay script!
To serve a imagefile that is outside the public_html folder you would have to do it by a php script. E.g make a image-relay.php that reads the image that is outside the public html...
<?php
header('Content-Type: image/jpeg');
$_file = 'myimage.jpg'; // or $_GET['img']
echo file_get_contents('/myimages/'.$_file);
?>
Now, $_file could be a $_GET parameter, but its absolutley important to validate the input parameter...
now you can make an <img src="image-relay.php?img=flower.jpg"> to access a flower.jpg image that is located in /myimage/flower.jpg ...
Well, a web browser will only be able to access files and folders inside public_html.
If the public_html directory is the root of the server for your users, Apache cannot serve anything that is not inside/below that dorectory.
If you want a file to be served by Apache directly, you'll have to put it in/below public_html.
I think your misunderstanding is in the fact that if you include an image in an <img> tag, your browser will send the exact same request to the webserver to fetch it, that will be sent to the webserver if you try to open the src url of the image in your browser directly.
Therefore, either both things work, or neither.
There are hacks around, involving a (php or other) script to make sure that an IP that has requested the image has also requested the html page within the last few seconds (which will not work if the user is behind a proxy that rotates outgoing IPs) or by checking the referer (which does not work with HTTPs and also not if the user has referer disabled).
If you want to make sure that only some users can see the image (both via <img> tag and directly), you can put the image outside public_html and have a (php or other) script that verifies the user's credentials before serving the image.
If you are using Apache or lighttpd you can use the X-Sendfile header to send files that are not in the web root(provided you haven't changed the configuration of mod_xsendfile).
To learn more about X-sendfile see this site.
This solution is giving you the best possible performance as PHP doesn't send the file but the server does and therefore PHP can be exited while the files are being served.
Hope that helps.