Jump to content

corrupshun

Members
  • Posts

    80
  • Joined

  • Last visited

    Never

Posts posted by corrupshun

  1. I'm using PHP GD and everytime I upload a file I exported from photoshop/fireworks it crashes. (such as banners in .gif formats)

    The program basically uploads an image, resizes it based on it's height/width ratio, places it in a new location, and inserts the filename into the database to the corrosponding username.

    This is the info apace gave me.

      Problem Event Name: APPCRASH

      Application Name: httpd.exe

      Application Version: 2.2.11.0

      Application Timestamp: 493f5d44

      Fault Module Name: ntdll.dll

      Fault Module Version: 6.1.7600.16385

      Fault Module Timestamp: 4a5bdadb

      Exception Code: c0000005

      Exception Offset: 00046b90

      OS Version: 6.1.7600.2.0.0.256.1

      Locale ID: 1033

      Additional Information 1: 0a9e

      Additional Information 2: 0a9e372d3b4ad19135b953a78882e789

      Additional Information 3: 0a9e

      Additional Information 4: 0a9e372d3b4ad19135b953a78882e789

    that may or may not be helpful..

    Here's the code.

    Please note that apache doesn't comepltly crash, it opens a window that says it stopped running, but still runs. The php page then doesn't load.

    Here's the PHP:

    <?php
    function resize() {
    if(isset($_COOKIE['username'])) {
    //-----------------------------------------------------------------------
    //upload an image that is gif||jpg||jpeg||png  && is less than 1mb
    //save to a temporary spot
    //set max height and width
    //get height and width of uploaded file
    //resize the image and save it to a new location
    //-----------------------------------------------------------------------
    //set local variables
    //
      $username  = $_COOKIE['username'];
      $maxsize   = 10*1048576;
    //
    //
    if(isset($_POST['submit']) && $_POST['submit'] == "Upload!") {
    if($maxsize > $_FILES['upload']['size']) {
    if(isset($_FILES['upload']['name']) && isset($_FILES['upload']['size'])) {
    if(isset($_FILES['upload']['type']) && ($_FILES['upload']['type'] == "image/gif")
    || ($_FILES['upload']['type'] == "image/jpeg")
    || ($_FILES['upload']['type'] == "image/pjpeg")
    || ($_FILES['upload']['type'] == "image/png")
    || ($_FILES['upload']['type'] == "image/x-png")) {
    
    if($_FILES['upload']['error'] > 0) {
    switch($_FILES['upload']['error']) {
    case 1: echo 'File is too big for the server to handle.';
    break;
    case 2: echo 'File is bigger than the max file size.';
    break;
    case 3: echo 'File was not uploaded fully.';
    break;
    case 4: echo 'No file was even uploaded.';
    break;
    }//switch
    }//if error
    else {
    
    ///////////////////SQL////////////////////
    $con = mysql_connect('localhost','root');
    mysql_select_db("Forum",$con);
    /////////////
    $sql = "SELECT MAX(Avatar) FROM Users";
    $query = mysql_query($sql);
    while($row = mysql_fetch_assoc($query)) {
    $max = $row['MAX(Avatar)'];
    }
    $max++;
    /////////////
    $sql = "SELECT Avatar FROM Users WHERE Username='$username'";
    $query = mysql_query($sql);
    while($row = mysql_fetch_assoc($query)) {
    $current = $row['Avatar'];
    }
    //////////////////////////////////////////
    ////////////////Variables/////////////////
    
      $save      = "img/avatars/{$max}.gif";
      $max_h     = '110';
      $max_w     = '110';
      $name      = $_FILES['upload']['name'];
      $type      = $_FILES['upload']['type'];
      $temp      = $_FILES['upload']['tmp_name'];
      $file      = "uploads/$name";
      $tempname  = "uploads/temp.gif";
      $currentav = "img/avatars/{$current}.gif";
    //////////////////////////////////////////
    move_uploaded_file($temp,"$file");
    
    if($type == 'image/jpeg' || 'image/pjpeg') {
    $image = imagecreatefromjpeg($file);
    imagegif($image, $tempname);
    imagedestroy($image);
    }
    else if($type == 'image/png' || 'image/x-png') {
    $image = imagecreatefrompng($file);
    imagegif($image, $tempname);
    imagedestroy($image);
    }
    else if($type == 'image/gif') {
    $image = imagecreatefromgif($file);
    imagegif($image, $tempname);
    imagedestroy($image);
    }
    list($width, $height) = getimagesize($file);
    
    if($height > $width) {
    $ratio = $height/$width;
    $f_width = $max_w/$ratio;
    $f_height = $max_h;
    }
    else if($width > $height) {
    $ratio = $width/$height;
    $f_height = $max_h/$ratio;
    $f_width = $max_w;
    }
    else if($width == $height) {
    $f_height = $max_h;
    $f_width = $max_w;
    }
    $box = imagecreatetruecolor($f_width, $f_height);
    $image = imagecreatefromgif($tempname);
    imagecopyresampled($box, $image, 0, 0, 0, 0, $f_width, $f_height, $width, $height);
    unlink($tempname);
    imagegif($box, $save, 100);
    unlink($file);
    unlink($currentav);
    $insert = "UPDATE Users SET Avatar='$max' WHERE Username='$username'";
    if(mysql_query($insert)) {
    echo '<div class="error">Success.</div>';
    }
    
    
    }//else
    }//if upload
    else {
    echo '<div class="error">Form was submitted but nothing was uploaded..<br />';
    echo "The MIME type of: {$_FILES['upload']['type']} is not currently allowed.</div>";
    }//else
    
    
    }//if name and size isset
    else {
    echo '<div class="error">Submitted but not uploaded.</div>';
    }//else
    
    
    }//if maxsize
    else {
    echo '<div class="error">It\'s too big.</div>';
    }//else
    
    
    }//if submit is set
    else {
    ?>
    <form enctype="multipart/form-data" action="avatar.php" method="post">
    <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $maxsize; ?>" />
    Avatar File: <input type="file" name="upload" class="dupload" /><br />
    <input type="submit" name="submit" value="Upload!" class="dsubmit" />
    </form>
    <?php
    }
    }
    else {
    echo '<div class="error">You cannot upload an avatar while you are not logged in. <br />
    Please <a href="login.php">Log-in</a> or <a href="register.php">Register</a>.</div>';
    }
    }//end of function
    ?>

     

    Thank you to whomever reads this. I greatly appreciate it :)

  2. Hi corrupshun,

    Cookies and Sessions are useful for different things. The advantage of cookies is that they can persist after the user has closed their browser. Generally, sessions are more reliable because the user can turn off cookies so you can't depend on the data they contain, though very few people actually do that. Some complex server environments where you may have many load balanced servers and proxy servers can make the use of sessions unreliable. I have done quite a bit of work for the BBC and within their complex server environment, session data can get lost. It really comes down to a judgement call as to which suits the job you are doing best. If you are in doubt then both is the safest option.

    Fergal

    thank you for the response but it didn't quite answer my question  ;)

  3. While programming website i often wonder if I should use both sessions and cookies, just in case that the cookies are disabled.

    Also I was reading a php book (PHP in a Nutshell) and it said cookies are very insecure and can be edited to send false information to my server, because malicious users can edit them. I knew I could edit them but I didn't know I could hack them! Is this true?

    My third question is what I store in cookies when using a login script. (my current one sets the username as a cookie.)

    Thanks.

  4. get rid of the submit variable, you won't be using it.

    replace:

    if ($submit)

    with

    if(isset($_POST['submit']))

    this checks to see if submit is set. If it is set then it will produce 'true', if it's not true, it will be false.

    The 'if' statement checks to see if the condition is true or false. that's ALL it checks.

    If you still need more help look up booleans

  5. I know your problem, where you have

    $submit = $_POST['submit'];

    and then

    if ($submit)

    if checks to see if it is true or false, what your putting inside it is if(submit), which won't do anything.

    I am assuming your making it check to see if the person submitted the page, use this:

    <?php
    if(isset($_POST['submit'])) {
    //do register stuff
    }
    else {
    //show register form
    }
    ?>

    And as a side note, what you have here is VERY insecure, so i'm hoping your not uploading that script somewhere. It's open to SQL Injection.

  6. if your pages are generated from content in the db then you will have a db record for each page.

     

    This content info in the db needs to have a views field

     

    then whenever that page is loaded you include a query to update the views by iincrementing by 1

     

    I know that, I'm mostly asking how to check if the same IP has been to the page before, and if so, to not increment it.

  7. I want to do it like a forum does, where everytime the page loads i could add 1 to the views in the database, while also making sure that the same IP doesn't add more than once? I know i could select the database then count it, then add it, but is there a simplier way (while implementing the same IP concept?)

    A link would be suffice :)

    -Aus THE BOSS

  8. If not, please tell me ways to improve

    Thanks!

     

    ---Forum---

    >>Users

    ....UserID

    ....Username

    ....Date

    ....IP

    ....Email

    ....Password

    ....Level

    ....Posts

    ....Avatar

    >>Forums

    ....ForumID

    ....Forum

    ....ForumInfo

    ....ForumSubject

    ....ForumTopics

    ....ForumPosts

    >>Topics

    ....Username

    ....TopicID

    ....Topic

    ....TopicViews

    ....TopicReplies

    ....InForum

    >>Posts

    ....Username

    ....PostID

    ....Post

    ....PostDate

    ....InForum

    ....InTopic

  9. I'm Austin, 16 years old..

    I'm currently learning php in my free time so I can get a job.

    I sell mountain dew to currently make money.

    I know HTML,CSS, and want to learn all of php

    I suck at mysql, but I'm working on that :P

    I just created finished my first login/register script today, which is both secure and bug-free.

    It took me a week to finally sit down and say I'MMA DO THIS

    I love learning php, and i need to learn a thing or two about design!

    The people on this website are wicked awesome.

    THANK YOU to ANYONE who even read any of my posts (which there were a few) :P

    Like I said, I suck, but eventually you will all envy me :D

  10. well what i am trying to do is preventing the user from downloading the same file twice or when they cancel the download.

    You could make it so it records the ip address while it is interacting with your file and when the connection is destroyed disable rights to the file for that ip address.

    Which I don't know how to actually put in php..

    sorry i'm a failure!

  11. hmm

    you could use this information to create a processor:

    American Express 3400 0000 0000 009

    Carte Blanche 3000 0000 0000 04

    Discover 6011 0000 0000 0004

    Diners Club 3852 0000 0232 37

    enRoute 2014 0000 0000 009

    JCB 2131 0000 0000 0008

    MasterCard 5500 0000 0000 0004

    Solo 6334 0000 0000 0004

    Switch 4903 0100 0000 0009

    Visa 4111 1111 1111 1111

    Laser 6304 1000 0000 0008

     

    notice the length and pattern of each

    This still isn't secure, like what will you do one you get the card numbers?

    You pretty much have to play with the big boys if you want to get this accomplished, however

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.