I think I've solved my problem - I don't store the whole pathway to the file in the db, hope the script works fine once it is online...
I think it should be also noted in the original tutorial that this scripts works basically for ANY type of files, not only for images.
Read up on the mp3 format and then write a script to check the file structure matches that format.
Yeah, actually I've been making certain read ups for quite some time now, but no luck so far. Though I did find classes to work with that but as I do have the upload code written by you and slightly modified by myself for my needs, I just want to incorporate the check into it and that's all.
Afaik, checking for mime-type is not good for security, right?
Last edited by Louigi Verona; 05-28-2008 at 08:54 AM.
Just wanted to say a BIG ty to Bokeh. Someone wanted a place for people to submit their fan art and I set up the free Form M@iler script (which emails the file to you) which I realized left my hosts server COMPLETELY VULNERABLE to any type of upload.
I managed to patch in Bokeh's script by putting it in front of the form M@ailer script.
All I had to figure out was to put if ($_FILES[$fieldname]['tmp_name'] != '' ) { in front of the file check variables, and } at the end, then comment out the file storage commands so it went to the Form M@iler script instead
took me ages but it was big fun
THANK YOU SO MUCH!!!
Hey all, I've cut and pasted all week to get the code to what I wanted, and I got it to work perfectly on my localhost, but when moving everything to public server I immediately bumped into problems.
I want to make a new directory for each posting, and I do that like this:
// Create new dir in img directory for each post
$dirname = date("iBs", time());
umask(0);
mkdir("img/$dirname", 0777);
chmod("img/$dirname", 0777);
// Make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// Make a note of the directory that will recieve the uploaded files.
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'img/$dirname/';
And I thought I could simply add $dirname/ to the $uploadsDirectory, but then I get the "receiving directory insuffiecient permission" warning further down in the code, so it's obviously not that easy.
If I don't add $dirname/ everything works alright - the file transfer to the img folder - so I guess the $dirname/ is my issue... Do I have to chmod() that in some smart way as well, or?
The '$dirname'-directory is created as it should 0777, sub-img...
/staff
Last edited by staffstaff; 06-20-2008 at 02:01 PM.
I have problems with uploading images! I am not too new to PHP I just don't have any knowledge of file handling with PHP.
I want user to input the paths to the images and id of a game (this is for a game database). And when user selects upload this script would create a directory (name would be an id that user entered) and inside that folder there are normal images and anoder directory with thumbnails (named thumbs).
Here is the fun part! When a user selects game with that id script checks if there is a folder with that ID and then displays all that thumbnails with links to a full image. And images should be named like id_01,id_02,id_03....
Hi all this script isd great thanks very much Bokeh. Unfortunately every now and then my client is experiencing problems with uploading an image and the latest one was the following:
PHP Code:
Fatal error: Call to undefined function: error() in
C:\Inetpub\vhosts\xxxx.com\xxxx\xxxx\xxxx\xxxx.php on line 56
which is the following few lines of code
PHP Code:
foreach($active_keys as $key)
{
($_FILES[$fieldname]['error'][$key] == 0)
or error($_FILES[$fieldname]['tmp_name'][$key].': '.$errors[$_FILES[$fieldname]['error'][$key]], $uploadForm);
}
Can I just add that when Ive gone back into this and tried to upload the script the image is uploaded correctly. However the image is 1.8MB and is over 4000px wide and the client themselves admit that their internet line is not the strongest. Ive spoken to my server company and their maximum upload is 2MB so its not that!
What Im wondering is the script timing out to give me this error or is there an error in the script that I am blind too?
A while ago I asked you for a piece of script which ifd there was no image uploaded then the script would just exit i.e. this script also uploads an article and an article not always has an image hence we must exit the script. I think whats happening is that the script has timed out whist at this point in the script and hence when it gets to this point it looks like there is no image!! Does that make sense? As I say this isnt happening all the time only at certain points.
Hi this is the script in regard to the error above. Now when I enter an image that is 4841 * 2102 Im getting the error mentioned above. However when I reduce the image to 2420 * 1050 the script runs fine. Now what Im wondering is there annything that I need to do to my ini file in regard to accept this type of image or would it be best to edit my file to make it less memory heavy! Any advice is greatly appreciated. I will have to send it in two parts unfortunately.
$sql="INSERT INTO article (title, aliases, author, createddate, publishingdate, description, keywords, article, catID, snippet, frontpage, scrollbar, email, display) VALUES ('$title', '$aliases', '$author', '$createddate', '$publishingdate', '$description', '$keywords', '$article', '$catID', '$snippet', '$frontpage', '$scrollbar', '$email', '$display')";
$result=mysql_query($sql) or die ("Error!! BAD INSERT STATEMENT1!");
$query="Select Max(articleID) AS articleID from article";
$result=mysql_query($query) or die ("ERROR!! Unable to perform query!");
$row=mysql_fetch_array($result);
extract($row);
Reply With Quote
Originally Posted by Louigi Verona
Bookmarks