Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Posts posted by phppup

  1. From my experience (which is much less extensive than Barand's) double quotes as single quotes are mostly, but NOT ALWAYS, a matter of personal preference.

    There are definitely guidelines for dealing with strings and certain other specifics, but GENERALLY, either one will accomplish a task (as long as you remain consistent in your usage).

    To dissect your example:

    $var = 'value';  //since value is a non-numerical text the quotes are required

    echo 'value';  //simply tells PHP that you want the text inside the quotes to be displayed

    echo '$var';  //indicates that you want the item in the quotes (which translates to a variable value, in this case) to be displayed.

    echo " 'var' ";  //would tell PHP to display the text value surrounded by the first set of quotes (the double quotes) and the $ will inform PHP to use the variable The expected result would be 'var' (although you may trigger an error bc you didn't handle the single quotes as special characters)

    Taken further, if you coded:

    echo "The variable 'var'    is a test";   //it would display the exact sentence WITH the awkward spacing.

    echo 'The variable "var"    is a test';  //would duplicate above


    echo "The variable '$var' is a test";  //would INTEGRATE the text and the VARIABLE with the result of:

    The variable  'value'  is a test 

    echo "The variable ". $var . " is a test";  //would INTEGRATE the text and the VARIABLE with the result of:

    The variable  value  is a test 

    Best if you play around with the variations on your own.

    And then follow up with error checking and handling of special characters.

  2. I've cleaned up a few things, but this error message remains:

    Warning:....failed to open stream: No such file or directory in...

    I am simultaneously uploading three jpeg files from the same folder during my development / testing and this is the ONLY image that is being rejected.

    Reason? Explanation? Solution?


  3. For 1 - okay. How can I force an error message just to see how it appears?

    For 2 - ok, but why does 

    echo $im; 

    Give me the string beginning with Resource? (I honestly wasn't expecting that result).

    How can I go deeper to determine WHY a (perfectly good) image failed?

  4. Quote

        $im = @imagecreatefromjpeg($file);

    if($im == "")  {

    echo "1";} else { echo "00"; }

        //See if it failed
        if(!$im)  {
         echo "running";

     //Unaltered manipulation code from https://www.php.net/manual/en/function.imagecreatefromjpeg.php


        ////return $im;

    //displays RESOURCE ID
    echo "<br> im is ". $im;
    echo "<br>";

    header('Content-Type: image/jpeg');


    imagejpeg($im, $file);

    echo "<img src='".$file."'> ;


    My messages that seem in conflict with the result are



    im is Resource id #19

    Is there a way to validate WHY this result was given by the function?

  5. After working with the sample imagecreatefromjpeg provided in the PHP manual, I successfully got a result (after clearing my cache) from


    imagecreatefromjpeg($im, $file);

    I've gotten a good education after navigating this function over the past week, and loaded it with ECHO messages to give me insight.

    Everything was going fine.

    And then, this ONE test image came along.

    Apparently, the image (which is as good aj peg as I can find) FAILS the if(!im) test.

    When I used echo $im;  

    i discovered that when images pass through the function, they receive a "Resource" name.

    Images that FAIL are NOT named.

    This image gets a Resource name, yet FAILS. Is there a problem with my logic? A problem with the image? What would cause this? How can I verify?

  6. There's LOTS of stuff online about arrays. And you aren't going to do better than Barand.

    If you've already got an established array, you might try using print_r() [there are online resources to explain it's functionality]. This will give you a visual representation that may help you understand the arrays design.

    Don't forget that arrays begin with zero (ie: my_array[1] is the SECOND item).

    The first item WITHIN my_array[1] would be found by using


    Finding the third item in an assortment within my_array[1][0] would be accomplished with 


    Etc, etc, etc.

    Or, if you hate arrays, why not use a variable for each question?

    $question1 = "who";

    $question2 = "when";

    $question2a = "when in morning";

    $question2b = "when at night";

    $question3.….. etc.

  7. At first glance I have two questions that come to mind.

    First, why are you using the query SELECT * (asterisk gives ALL values) if you want ONLY values for a specific user?

    Perhaps, SELECT item, next item, etc WHERE username = $username would be more defining. (You can research "php select where" for better understanding)

    Also, I don't see anywhere that you are specifying which user's information you want displayed.

    Maybe I missed something, but I hope this is helpful.


  8. You're correct  The explanation is confusing.

    But if you're trying to $_POST a specific time, you don't even need to bother with hiding it in HTML.

    Just create it as a variable in your PHP and insert it from there.

    There is A LOT of information of dates and time and their notations on the web.  (The PHP manual and W3 sites are popular.)

  9. I'm not the best resource on the block, but hopefully my experience can lead you in the right direction.

    From what I see, you're problem is in this line (which, btw, is doing exactly what you've designed it to do):


    $query = "INSERT INTO list(images) VALUES ('$name')";

    You need to understand different concepts here.

    First, what the UPLOAD code is doing is to grab a bunch of images (after overcoming your first problem in the post), get their names, check their extension and eventually insert into the db.

    The catch is that it's grabbing the BUNCH and then going through this process FOR EACH; singularly.

    One by one, the BUNCH is being handled and reviewed and ultimately inserted into the db until the same process repeats for the next image in the bunch.

    Unless the image is rejected (ie: not a valid extension) it is written into the db on a new row. Then the loop goes back to the top for the next image.


    Second, your QUERY is inserting into a column called NAME.  (Do you want the images to sit on each other's laps??? Of course not) if you truly want 3 images in one row (I wouldn't recommend it) then, at the very least, you would need to add fields that they could placed into; presumably name2 and name3.

    Then it would be up to you to modify the code to either UPDATE the row during loop2 and loop3 OR create a loop that manages 3 cycles before a single INSERT into the db.

    My suggestion would be to expand on what you've got and add fields that will help you regroup the three images later on (ie: username) assuming that's the reason you want then all in one row.

    Another question would be whether you can guarantee that nobody has more than 3 images to submit. But if you give each image is own row, and reference the row to an identifier (username) they can submit unlimitedly, and you will be able to reference then accordingly.

  10. Changed my code slightly, but still not getting a successful result



    foreach ($_FILES['files']['tmp_name'] as $key => $value)  { 

            if( !empty($value) && is_uploaded_file( $value )){
                //FILE is REAL
                echo "success";
            } else {

                echo "false";


    Does is_uploaded_file merely confirm that the path described is the same path used?

    Does getimagesize() serve any purpose beyond obtaining the MIME type?

    How do I re-create a TIFF file?

  11. And I thought this was gonna be easy. LOL

    Is this a correct and effective use for security:


    foreach ($_FILES['files']['tmp_name'] as $key => $value)  { 

            if( !empty($value) && is_uploaded_file( $value )){
                //FILE is REAL
                return true;


    Does getimagesize() serve any purpose beyond obtaining the MIME type?

    How do I re-create a TIFF file?

  12. Quote

    foreach ($_FILES['files']['tmp_name'] as $key => $value)  { 

            if( !empty($value) && is_uploaded_file( $value )){
                //FILE is REAL
                return true;


    Is there a way to test it's functionality?

    Best way to ensure a TIFF is truly an image file?

  13. I've got the is_uploaded_file in place.

    Let's assume a user attempts to upload several images and the second file is an empty NOT-uploaded file.

    Is it safe to CONTINUE my loop and rename the other files?
    Or is it more advisable to BREAK the loop immediately.

    Getting back to my initial thread, for file authentication, what is the equivalent to imagecreatefromjpeg for a TIFF file?
    What's the best way to handle them to minimize vulnerability?

  14. Quote

    Would an enormous overload of memory generally be a maliciously inspired? Or simply a by-product of a particular image's content?

    Yes to both, huh?  Interesting


    string is exactly equal to the size of the file.

    Got it.

    I suppose every pixel is individually represented.

    I wasn't sure if the inner workings of an image allowed for coding that might say "each corner is black" or "top half is blue."

    A few lines of code can create miles of resulting data, but I guess an image file is more literal in it's formatting.

    Although there must be a differentiation somewhere down the line.  A camera can be set to take the same photo at different file size or different quality settings (what's the best combination when trying to budget a memory card?)

    And yet, the same photograph will produce a different file size when created in raw, jpg, or others. But that's probably a different chapter. LOL

  15. Quote

    My point is that there is a function to load any supported image type from a string, so why not a function to load any supported image type from a file too?

    I'll take a stab at this and say that a string becomes somewhat universal, but a file has stricter parameters that dictate it's handling.

    I would also suspect that while the average user accepts whatever file is afforded, there are probably pros and cons from an artistic/ photo/ graphic perspective and different image file types offer quality and access benefits.


    Because the size of an image file does not correlate with the size of the image it contains

    Would an enormous overload of memory generally be a maliciously inspired? Or simply a by-product of a particular image's content?

    Will resizing an image to a smaller file size automatically reduce it's maximum display size? It's color quality? Pixel saturation?

    I've not truly figured out what is being reduced and how the file is effected.

    So if an image file is stored in a db (not my intention, but I've seen many examples) is the file stored or is it translated into a string?  Is the 'size' of a string generally smaller than the image file it supports?

  16. Quote




    Is there a "imagecreatefromfile" that's like imagecreatefromstring but works on files directly?

    No. Why not?

    Because as long as you know the type of file your chasing, you can select the appropriate imagecreatefrom... command!

    (Not gonna ask what happens if you use the wrong one... LoL)


    For sufficiently small images...

    I was planning to resize images AFTER the upload. So image size is an unknown.

    With that in mind, I will try to maximize the allowable file size, but I'm guessing even that has limitations (regardless of my intentions for the new file)?

  17. My confusion deepens.

    It seems as if imagecreate and imagecreatefromjpeg would be cousins, with ...from jpeg being more appropriate for validation.  Am I correct in assuming that each extension needs is own ...createfromXYZ for accurate info?

    is_uploaded_file seems as if it's çlosing the barn after the horse has escaped.  If it returns FALSE, but already has a tmpname, isn't the damage already underway? Does not working/moving the particular file "save the day"?

    So we're talking non-PHP coding to validate BEFORE upload (if I choose to be ultra user-friendly?

    I appreciate your help, but regarding getimagesuze, PHP.net has a CAUTIONARY note stating: 


    Do not use getimagesize() to check that a given file is a valid image. Use a purpose-built solution 

    Thus, my confusion escalates.

  18. Secret doing some reading too educate myself, I am now more confused than before. LoL

    Trying to understand the most effective method to verify that an image is truly what is claimed.

    But the differences between using imagecreate, imagecreatefromjpeg, and is_uploaded_file are not easily noticed.

    Likewise, I read that it is best to check the image BEFORE uploading. But isn't the image already uploaded when submitted (although not yet moved or renamed)?

  19. On a somewhat related issue, I've seen a lot of 'ideas' floated "on the internet" and was wondering about this:



    echo "<script> alert('test');



    In this snippet, does PHP move the JavaScript code for client side accessibility? Or does this example add an additional burden to the server by transferring JS requirements to a server side function?

  20. While working with some PHP (contained within the same webpage) it occurred to me that using JavaScript to evaluate a form submission could alleviate server traffic; it seemed like a good idea that if the form was incomplete the JS could terminate the form and the PHP would never be run.

    As a preliminary step, i adapted this code



    document.getElementById("btn").addEventListener("click", displayDate);

    function displayDate() {

    alert (Date());  
    return false;


    My expectation was that when BTN was clicked, the ALERT would fire, and RETURN false would prevent other processes from running (similar to a DIE() in PHP).

    Instead, the ALERT was triggered, but my PHP error/confirm msgs followed.

    Rather than leave the validation to PHP, i thought I'd ask for some insight here.


  21. Thanks.

    After some thought, I kinda realized that the starting point coincided with the submittal click. I guess it was too obvious to see initially. LOL

    In playing a bit, I did find that the GIF vanishes of its own, but I thought it was a flaw of some sort, so thanks for the extra info.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.