-
Posts
80 -
Joined
-
Last visited
Never
Posts posted by corrupshun
-
-
I'm using PHP GD and everytime I upload a file I exported from photoshop/fireworks it crashes. (such as banners in .gif formats)
The program basically uploads an image, resizes it based on it's height/width ratio, places it in a new location, and inserts the filename into the database to the corrosponding username.
This is the info apace gave me.
Problem Event Name: APPCRASHApplication Name: httpd.exe
Application Version: 2.2.11.0
Application Timestamp: 493f5d44
Fault Module Name: ntdll.dll
Fault Module Version: 6.1.7600.16385
Fault Module Timestamp: 4a5bdadb
Exception Code: c0000005
Exception Offset: 00046b90
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
that may or may not be helpful..
Here's the code.
Please note that apache doesn't comepltly crash, it opens a window that says it stopped running, but still runs. The php page then doesn't load.
Here's the PHP:
<?php function resize() { if(isset($_COOKIE['username'])) { //----------------------------------------------------------------------- //upload an image that is gif||jpg||jpeg||png && is less than 1mb //save to a temporary spot //set max height and width //get height and width of uploaded file //resize the image and save it to a new location //----------------------------------------------------------------------- //set local variables // $username = $_COOKIE['username']; $maxsize = 10*1048576; // // if(isset($_POST['submit']) && $_POST['submit'] == "Upload!") { if($maxsize > $_FILES['upload']['size']) { if(isset($_FILES['upload']['name']) && isset($_FILES['upload']['size'])) { if(isset($_FILES['upload']['type']) && ($_FILES['upload']['type'] == "image/gif") || ($_FILES['upload']['type'] == "image/jpeg") || ($_FILES['upload']['type'] == "image/pjpeg") || ($_FILES['upload']['type'] == "image/png") || ($_FILES['upload']['type'] == "image/x-png")) { if($_FILES['upload']['error'] > 0) { switch($_FILES['upload']['error']) { case 1: echo 'File is too big for the server to handle.'; break; case 2: echo 'File is bigger than the max file size.'; break; case 3: echo 'File was not uploaded fully.'; break; case 4: echo 'No file was even uploaded.'; break; }//switch }//if error else { ///////////////////SQL//////////////////// $con = mysql_connect('localhost','root'); mysql_select_db("Forum",$con); ///////////// $sql = "SELECT MAX(Avatar) FROM Users"; $query = mysql_query($sql); while($row = mysql_fetch_assoc($query)) { $max = $row['MAX(Avatar)']; } $max++; ///////////// $sql = "SELECT Avatar FROM Users WHERE Username='$username'"; $query = mysql_query($sql); while($row = mysql_fetch_assoc($query)) { $current = $row['Avatar']; } ////////////////////////////////////////// ////////////////Variables///////////////// $save = "img/avatars/{$max}.gif"; $max_h = '110'; $max_w = '110'; $name = $_FILES['upload']['name']; $type = $_FILES['upload']['type']; $temp = $_FILES['upload']['tmp_name']; $file = "uploads/$name"; $tempname = "uploads/temp.gif"; $currentav = "img/avatars/{$current}.gif"; ////////////////////////////////////////// move_uploaded_file($temp,"$file"); if($type == 'image/jpeg' || 'image/pjpeg') { $image = imagecreatefromjpeg($file); imagegif($image, $tempname); imagedestroy($image); } else if($type == 'image/png' || 'image/x-png') { $image = imagecreatefrompng($file); imagegif($image, $tempname); imagedestroy($image); } else if($type == 'image/gif') { $image = imagecreatefromgif($file); imagegif($image, $tempname); imagedestroy($image); } list($width, $height) = getimagesize($file); if($height > $width) { $ratio = $height/$width; $f_width = $max_w/$ratio; $f_height = $max_h; } else if($width > $height) { $ratio = $width/$height; $f_height = $max_h/$ratio; $f_width = $max_w; } else if($width == $height) { $f_height = $max_h; $f_width = $max_w; } $box = imagecreatetruecolor($f_width, $f_height); $image = imagecreatefromgif($tempname); imagecopyresampled($box, $image, 0, 0, 0, 0, $f_width, $f_height, $width, $height); unlink($tempname); imagegif($box, $save, 100); unlink($file); unlink($currentav); $insert = "UPDATE Users SET Avatar='$max' WHERE Username='$username'"; if(mysql_query($insert)) { echo '<div class="error">Success.</div>'; } }//else }//if upload else { echo '<div class="error">Form was submitted but nothing was uploaded..<br />'; echo "The MIME type of: {$_FILES['upload']['type']} is not currently allowed.</div>"; }//else }//if name and size isset else { echo '<div class="error">Submitted but not uploaded.</div>'; }//else }//if maxsize else { echo '<div class="error">It\'s too big.</div>'; }//else }//if submit is set else { ?> <form enctype="multipart/form-data" action="avatar.php" method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $maxsize; ?>" /> Avatar File: <input type="file" name="upload" class="dupload" /><br /> <input type="submit" name="submit" value="Upload!" class="dsubmit" /> </form> <?php } } else { echo '<div class="error">You cannot upload an avatar while you are not logged in. <br /> Please <a href="login.php">Log-in</a> or <a href="register.php">Register</a>.</div>'; } }//end of function ?>
Thank you to whomever reads this. I greatly appreciate it
-
I can't use sessions (as you stated), so can anbody tell me how to do this in cURL?
I've always heard of it but never looked into it.
Thanks!
-
process.php:
<?php $email = $_POST['email']; header('Location: http://www.example.com'); ?>
I would want process.php to take the $email variable and pass it to another page as a POST.
Is this possible in conjunction with header()?
Or is there another way I could do it?
-
Hi corrupshun,
Cookies and Sessions are useful for different things. The advantage of cookies is that they can persist after the user has closed their browser. Generally, sessions are more reliable because the user can turn off cookies so you can't depend on the data they contain, though very few people actually do that. Some complex server environments where you may have many load balanced servers and proxy servers can make the use of sessions unreliable. I have done quite a bit of work for the BBC and within their complex server environment, session data can get lost. It really comes down to a judgement call as to which suits the job you are doing best. If you are in doubt then both is the safest option.
Fergal
thank you for the response but it didn't quite answer my question
-
While programming website i often wonder if I should use both sessions and cookies, just in case that the cookies are disabled.
Also I was reading a php book (PHP in a Nutshell) and it said cookies are very insecure and can be edited to send false information to my server, because malicious users can edit them. I knew I could edit them but I didn't know I could hack them! Is this true?
My third question is what I store in cookies when using a login script. (my current one sets the username as a cookie.)
Thanks.
-
(this may not help..)
But I think it's very well done.
Didn't read previous comment, they may have said this.. but...
the contact us link is broken.
plus it aligns left..
-
make a form the has the action set to the website and the method as post..
-
you can use preg_replace()
unfourtunately I do not know much preg_match, but now you know where to start
-
get rid of the submit variable, you won't be using it.
replace:
if ($submit)
with
if(isset($_POST['submit']))
this checks to see if submit is set. If it is set then it will produce 'true', if it's not true, it will be false.
The 'if' statement checks to see if the condition is true or false. that's ALL it checks.
If you still need more help look up booleans
-
I know your problem, where you have
$submit = $_POST['submit'];
and then
if ($submit)
if checks to see if it is true or false, what your putting inside it is if(submit), which won't do anything.
I am assuming your making it check to see if the person submitted the page, use this:
<?php if(isset($_POST['submit'])) { //do register stuff } else { //show register form } ?>
And as a side note, what you have here is VERY insecure, so i'm hoping your not uploading that script somewhere. It's open to SQL Injection.
-
did you get an error?
-
-
if your pages are generated from content in the db then you will have a db record for each page.
This content info in the db needs to have a views field
then whenever that page is loaded you include a query to update the views by iincrementing by 1
I know that, I'm mostly asking how to check if the same IP has been to the page before, and if so, to not increment it.
-
I want to do it like a forum does, where everytime the page loads i could add 1 to the views in the database, while also making sure that the same IP doesn't add more than once? I know i could select the database then count it, then add it, but is there a simplier way (while implementing the same IP concept?)
A link would be suffice
-Aus THE BOSS
-
yeah, i'm using ie8.
it looks FUCKED UP
all the information for users to read is after the end of the page, which is probably not what it looks like on other browsers
Float it.
It should also be centered, that'd make me happy
-
If not, please tell me ways to improve
Thanks!
---Forum---
>>Users
....UserID
....Username
....Date
....IP
....Email
....Password
....Level
....Posts
....Avatar
>>Forums
....ForumID
....Forum
....ForumInfo
....ForumSubject
....ForumTopics
....ForumPosts
>>Topics
....Username
....TopicID
....Topic
....TopicViews
....TopicReplies
....InForum
>>Posts
....Username
....PostID
....Post
....PostDate
....InForum
....InTopic
-
I like the design but I don't think people will be willing to pay $4.50 for 15gb of space and 35gb bandwidth, because other sites allow unlimited space and unlimited bandwidth for nearly $6.00.
that said, the free service looks really good!
will this include php and smtp? (i'm assuming so )
-
How can i do this is mysql/php?
I want to have pages with posts, like a forum,
when ?page=1 it will show results 1-10
on ?page=2 it will show results 11-20
is it difficult? I know how to use the get method but i want to know the sql
thanks!
-
I'm Austin, 16 years old..
I'm currently learning php in my free time so I can get a job.
I sell mountain dew to currently make money.
I know HTML,CSS, and want to learn all of php
I suck at mysql, but I'm working on that
I just created finished my first login/register script today, which is both secure and bug-free.
It took me a week to finally sit down and say I'MMA DO THIS
I love learning php, and i need to learn a thing or two about design!
The people on this website are wicked awesome.
THANK YOU to ANYONE who even read any of my posts (which there were a few)
Like I said, I suck, but eventually you will all envy me
-
-
Looks really nice!
(not really advice but..) where'd you learn to do the images? I can't make anything good
-
well what i am trying to do is preventing the user from downloading the same file twice or when they cancel the download.
You could make it so it records the ip address while it is interacting with your file and when the connection is destroyed disable rights to the file for that ip address.
Which I don't know how to actually put in php..
sorry i'm a failure!
-
Rather than inverting the result of the preg_match and comparing it to 0 why not simply have...
if(preg_match('~^[a-z0-9._-]+$~iD', $_POST['username'])) {
thank you
-
hmm
you could use this information to create a processor:
American Express 3400 0000 0000 009
Carte Blanche 3000 0000 0000 04
Discover 6011 0000 0000 0004
Diners Club 3852 0000 0232 37
enRoute 2014 0000 0000 009
JCB 2131 0000 0000 0008
MasterCard 5500 0000 0000 0004
Solo 6334 0000 0000 0004
Switch 4903 0100 0000 0009
Visa 4111 1111 1111 1111
Laser 6304 1000 0000 0008
notice the length and pattern of each
This still isn't secure, like what will you do one you get the card numbers?
You pretty much have to play with the big boys if you want to get this accomplished, however
Proxies/Server Vars/Secruity
in PHP Coding Help
Posted
So i was reading up on PHP the other day and read that the IP of the user can be spoofed. I only read that the z-forwarded-ip can be spoofed.
My question is this:
Can the IP of the user be spoofed: $_SERVER['REMOTE_ADDR']