.jpeg.8ec67f371e1ef4cde740f60480786a37.jpeg)
phppup
-
Posts
796 -
Joined
-
Last visited
-
Days Won
1
Posts posted by phppup
-
-
I'm no guru, but it looks like I'm the only one around right now, so I'll say this:
I believe you need quotation marks around the item in parentheses.
QuoteYou have
var val9 = document.getElementById(keyword2).value;
Should be
var val9 = document.getElementById("keyword2").value;
Try fixing that on a variable and see if anything changes.
-
I've cleaned up a few things, but this error message remains:
Warning:....failed to open stream: No such file or directory in...
I am simultaneously uploading three jpeg files from the same folder during my development / testing and this is the ONLY image that is being rejected.
Reason? Explanation? Solution?
Thanks.
-
For 1 - okay. How can I force an error message just to see how it appears?
For 2 - ok, but why does
echo $im;
Give me the string beginning with Resource? (I honestly wasn't expecting that result).
How can I go deeper to determine WHY a (perfectly good) image failed?
-
Quote
$im = @imagecreatefromjpeg($file);if($im == "") {
echo "1";} else { echo "00"; }
}//See if it failed
if(!$im) {
echo "running";//Unaltered manipulation code from https://www.php.net/manual/en/function.imagecreatefromjpeg.php
}
////return $im;
//displays RESOURCE ID
echo "<br> im is ". $im;
echo "<br>";header('Content-Type: image/jpeg');
//imagejpeg($img);
imagejpeg($im, $file);
echo "<img src='".$file."'> ;My messages that seem in conflict with the result are
Quote1runningi
im is Resource id #19
Is there a way to validate WHY this result was given by the function?
-
After working with the sample imagecreatefromjpeg provided in the PHP manual, I successfully got a result (after clearing my cache) from
Quoteimagecreatefromjpeg($im, $file);
I've gotten a good education after navigating this function over the past week, and loaded it with ECHO messages to give me insight.
Everything was going fine.
And then, this ONE test image came along.
Apparently, the image (which is as good aj peg as I can find) FAILS the if(!im) test.
When I used echo $im;
i discovered that when images pass through the function, they receive a "Resource" name.
Images that FAIL are NOT named.
This image gets a Resource name, yet FAILS. Is there a problem with my logic? A problem with the image? What would cause this? How can I verify?
-
There's LOTS of stuff online about arrays. And you aren't going to do better than Barand.
If you've already got an established array, you might try using print_r() [there are online resources to explain it's functionality]. This will give you a visual representation that may help you understand the arrays design.
Don't forget that arrays begin with zero (ie: my_array[1] is the SECOND item).
The first item WITHIN my_array[1] would be found by using
my_array[1][0]
Finding the third item in an assortment within my_array[1][0] would be accomplished with
my_array[1][0][2]
Etc, etc, etc.
Or, if you hate arrays, why not use a variable for each question?
$question1 = "who";
$question2 = "when";
$question2a = "when in morning";
$question2b = "when at night";
$question3.….. etc.
-
Or you could simply say:
Your session will expire in X hours from the time of this email.
Then it's on them. LOL
(a little sneaky, but Hey, it'll work and also remove complications on your end)
-
AWESOME.
Glad we could help.
-
At first glance I have two questions that come to mind.
First, why are you using the query SELECT * (asterisk gives ALL values) if you want ONLY values for a specific user?
Perhaps, SELECT item, next item, etc WHERE username = $username would be more defining. (You can research "php select where" for better understanding)
Also, I don't see anywhere that you are specifying which user's information you want displayed.
Maybe I missed something, but I hope this is helpful.
-
You're correct The explanation is confusing.
But if you're trying to $_POST a specific time, you don't even need to bother with hiding it in HTML.
Just create it as a variable in your PHP and insert it from there.
There is A LOT of information of dates and time and their notations on the web. (The PHP manual and W3 sites are popular.)
-
I'm not the best resource on the block, but hopefully my experience can lead you in the right direction.
From what I see, you're problem is in this line (which, btw, is doing exactly what you've designed it to do):
Quote$query = "INSERT INTO list(images) VALUES ('$name')";
You need to understand different concepts here.
First, what the UPLOAD code is doing is to grab a bunch of images (after overcoming your first problem in the post), get their names, check their extension and eventually insert into the db.
The catch is that it's grabbing the BUNCH and then going through this process FOR EACH; singularly.
One by one, the BUNCH is being handled and reviewed and ultimately inserted into the db until the same process repeats for the next image in the bunch.
Unless the image is rejected (ie: not a valid extension) it is written into the db on a new row. Then the loop goes back to the top for the next image.
Second, your QUERY is inserting into a column called NAME. (Do you want the images to sit on each other's laps??? Of course not) if you truly want 3 images in one row (I wouldn't recommend it) then, at the very least, you would need to add fields that they could placed into; presumably name2 and name3.
Then it would be up to you to modify the code to either UPDATE the row during loop2 and loop3 OR create a loop that manages 3 cycles before a single INSERT into the db.
My suggestion would be to expand on what you've got and add fields that will help you regroup the three images later on (ie: username) assuming that's the reason you want then all in one row.
Another question would be whether you can guarantee that nobody has more than 3 images to submit. But if you give each image is own row, and reference the row to an identifier (username) they can submit unlimitedly, and you will be able to reference then accordingly.
-
Changed my code slightly, but still not getting a successful result
Quoteforeach ($_FILES['files']['tmp_name'] as $key => $value) {
if( !empty($value) && is_uploaded_file( $value )){
//FILE is REAL
echo "success";
} else {echo "false";
}
Does is_uploaded_file merely confirm that the path described is the same path used?
Does getimagesize() serve any purpose beyond obtaining the MIME type?
How do I re-create a TIFF file?
-
And I thought this was gonna be easy. LOL
Is this a correct and effective use for security:
Quoteforeach ($_FILES['files']['tmp_name'] as $key => $value) {
if( !empty($value) && is_uploaded_file( $value )){
//FILE is REAL
return true;
}}
Does getimagesize() serve any purpose beyond obtaining the MIME type?
How do I re-create a TIFF file?
-
Thanks for clearing up a few things.
Informative article, but didn't tell me how to prevent or handle an attack.
-
Quote
foreach ($_FILES['files']['tmp_name'] as $key => $value) {
if( !empty($value) && is_uploaded_file( $value )){
//FILE is REAL
return true;
}}
Is there a way to test it's functionality?
Best way to ensure a TIFF is truly an image file?
-
I've got the is_uploaded_file in place.
Let's assume a user attempts to upload several images and the second file is an empty NOT-uploaded file.
Is it safe to CONTINUE my loop and rename the other files?
Or is it more advisable to BREAK the loop immediately.
Getting back to my initial thread, for file authentication, what is the equivalent to imagecreatefromjpeg for a TIFF file?
What's the best way to handle them to minimize vulnerability? -
Quote
Would an enormous overload of memory generally be a maliciously inspired? Or simply a by-product of a particular image's content?
Yes to both, huh? Interesting
Quotestring is exactly equal to the size of the file.
Got it.
I suppose every pixel is individually represented.
I wasn't sure if the inner workings of an image allowed for coding that might say "each corner is black" or "top half is blue."
A few lines of code can create miles of resulting data, but I guess an image file is more literal in it's formatting.
Although there must be a differentiation somewhere down the line. A camera can be set to take the same photo at different file size or different quality settings (what's the best combination when trying to budget a memory card?)
And yet, the same photograph will produce a different file size when created in raw, jpg, or others. But that's probably a different chapter. LOL
-
Quote
My point is that there is a function to load any supported image type from a string, so why not a function to load any supported image type from a file too?
I'll take a stab at this and say that a string becomes somewhat universal, but a file has stricter parameters that dictate it's handling.
I would also suspect that while the average user accepts whatever file is afforded, there are probably pros and cons from an artistic/ photo/ graphic perspective and different image file types offer quality and access benefits.
QuoteBecause the size of an image file does not correlate with the size of the image it contains
Would an enormous overload of memory generally be a maliciously inspired? Or simply a by-product of a particular image's content?
Will resizing an image to a smaller file size automatically reduce it's maximum display size? It's color quality? Pixel saturation?
I've not truly figured out what is being reduced and how the file is effected.
So if an image file is stored in a db (not my intention, but I've seen many examples) is the file stored or is it translated into a string? Is the 'size' of a string generally smaller than the image file it supports?
-
QuoteQuote
Is there a "imagecreatefromfile" that's like imagecreatefromstring but works on files directly?
No. Why not?
Because as long as you know the type of file your chasing, you can select the appropriate imagecreatefrom... command!
(Not gonna ask what happens if you use the wrong one... LoL)
QuoteFor sufficiently small images...
I was planning to resize images AFTER the upload. So image size is an unknown.
With that in mind, I will try to maximize the allowable file size, but I'm guessing even that has limitations (regardless of my intentions for the new file)?
-
My confusion deepens.
It seems as if imagecreate and imagecreatefromjpeg would be cousins, with ...from jpeg being more appropriate for validation. Am I correct in assuming that each extension needs is own ...createfromXYZ for accurate info?
is_uploaded_file seems as if it's çlosing the barn after the horse has escaped. If it returns FALSE, but already has a tmpname, isn't the damage already underway? Does not working/moving the particular file "save the day"?
So we're talking non-PHP coding to validate BEFORE upload (if I choose to be ultra user-friendly?
I appreciate your help, but regarding getimagesuze, PHP.net has a CAUTIONARY note stating:
QuoteDo not use getimagesize() to check that a given file is a valid image. Use a purpose-built solution
Thus, my confusion escalates.
-
Secret doing some reading too educate myself, I am now more confused than before. LoL
Trying to understand the most effective method to verify that an image is truly what is claimed.
But the differences between using imagecreate, imagecreatefromjpeg, and is_uploaded_file are not easily noticed.
Likewise, I read that it is best to check the image BEFORE uploading. But isn't the image already uploaded when submitted (although not yet moved or renamed)?
-
On a somewhat related issue, I've seen a lot of 'ideas' floated "on the internet" and was wondering about this:
Quote<?php
echo "<script> alert('test');
</script>";
?>
In this snippet, does PHP move the JavaScript code for client side accessibility? Or does this example add an additional burden to the server by transferring JS requirements to a server side function?
-
While working with some PHP (contained within the same webpage) it occurred to me that using JavaScript to evaluate a form submission could alleviate server traffic; it seemed like a good idea that if the form was incomplete the JS could terminate the form and the PHP would never be run.
As a preliminary step, i adapted this code
Quote<script>
document.getElementById("btn").addEventListener("click", displayDate);
function displayDate() {
alert (Date());
return false;
}</script>
My expectation was that when BTN was clicked, the ALERT would fire, and RETURN false would prevent other processes from running (similar to a DIE() in PHP).
Instead, the ALERT was triggered, but my PHP error/confirm msgs followed.
Rather than leave the validation to PHP, i thought I'd ask for some insight here.
Thanks.
-
Thanks.
After some thought, I kinda realized that the starting point coincided with the submittal click. I guess it was too obvious to see initially. LOL
In playing a bit, I did find that the GIF vanishes of its own, but I thought it was a flaw of some sort, so thanks for the extra info.
all differences with using single quotes and double quotes
in PHP Coding Help
Posted
From my experience (which is much less extensive than Barand's) double quotes as single quotes are mostly, but NOT ALWAYS, a matter of personal preference.
There are definitely guidelines for dealing with strings and certain other specifics, but GENERALLY, either one will accomplish a task (as long as you remain consistent in your usage).
To dissect your example:
$var = 'value'; //since value is a non-numerical text the quotes are required
echo 'value'; //simply tells PHP that you want the text inside the quotes to be displayed
echo '$var'; //indicates that you want the item in the quotes (which translates to a variable value, in this case) to be displayed.
echo " 'var' "; //would tell PHP to display the text value surrounded by the first set of quotes (the double quotes) and the $ will inform PHP to use the variable The expected result would be 'var' (although you may trigger an error bc you didn't handle the single quotes as special characters)
Taken further, if you coded:
echo "The variable 'var' is a test"; //it would display the exact sentence WITH the awkward spacing.
echo 'The variable "var" is a test'; //would duplicate above
BUT
echo "The variable '$var' is a test"; //would INTEGRATE the text and the VARIABLE with the result of:
The variable 'value' is a test
echo "The variable ". $var . " is a test"; //would INTEGRATE the text and the VARIABLE with the result of:
The variable value is a test
Best if you play around with the variations on your own.
And then follow up with error checking and handling of special characters.