Jump to content

Help With A Script

the-hardy-kid

By the-hardy-kid
in PHP Coding Help

 Share

Recommended Posts

Bendude14 Member

Bendude14

Posted
Posted

well you could do it like this

 

<img src"image<?php rand(1, 10) ?>.jpg" alt"" />

 

This is presuming all  your images start with the name "image" and then i am just randomly generating a number from 1 - 10.

 

Hope this helps

Link to comment
Share on other sites
the-hardy-kid Newbie

the-hardy-kid

Posted
  • Author
Posted

Ah. Sorry. Well, I have a website that uses PHP and enables users to upload their pictures

(http://uviewit.110mb.com) and I am needing some way for people to browse these pictures.

 

So, I am going to put links to random pictures on the front page.

I need help with what function to use...

 

What I'm considering...

<img src="<?php echo 'upload/' . $_way to display a random image; ?>" />

 

And no, all images have the names they had from the users computer when uploaded.

Link to comment
Share on other sites
Bendude14 Member

Bendude14

Posted
Posted

well i would suggest that for sure probably something like the users id number then the number of the image.

 

The way you have it now if i upload an image called party.jpg and then someone else does the same next week theres would overwrite mine?

 

There for showing there picture on my profile etc?

Link to comment
Share on other sites
sKunKbad Advanced Member

sKunKbad

Posted
Posted

Think about this: Some image files that are altered can run malicious scripts on your server, or on the computers of your users. I won't explain how it is done, but I have done it myself for testing purposes, and it is not hard to do. Your average 13 yr old with a lot of time on his/her hands knows all about it.  Before you "randomly" show user uploaded photos on your site, you may want to consider that fact. It doesn't take a real genius to see that allowing user uploads of anything is a security vulnerability, and if you don't have enough experience to write your own random image generator, then you probably need to stop now and read more before going forward with this.

 

That said, a person named sasa on this forum once helped me with a random text generator, and with a little work you could make it work for you.

 

<?php
session_start();
$a_text_files = array(	'file_a.txt',
			'file_b.txt' ,
			'file_c.txt',
			'file_d.txt',
			'file_e.txt'
			);
if (!array_key_exists('rand_text_files', $_SESSION)) $_SESSION['rand_text_files'] = $a_text_files;
if (count($_SESSION['rand_text_files']) == 0) $_SESSION['rand_text_files'] = $a_text_files;
shuffle($_SESSION['rand_text_files']);
$rand_text = $_SESSION['rand_text_files'][0];
unset($_SESSION['rand_text_files'][0]);
$handle = file($rand_text);
foreach ($handle as $line_num => $line) {
echo $line;
}
?>

 

Thanks again sasa!

Link to comment
Share on other sites
Bendude14 Member

Bendude14

Posted
Posted

surely your image upload script is already checking to make sure that only images can be uploaded? and also a restriction on size of the image?

 

in my image upload scripts i  use

 

getimagesize() - to make sure it was an image

is_uploaded_file() -  to make sure it was uploaded from http

 

maybe you should look on google for an image upload script with validation and rename functions should be plenty about

 

Link to comment
Share on other sites
the-hardy-kid Newbie

the-hardy-kid

Posted
  • Author
Posted

My current upload script is this:

 

<?php
if ((($_FILES['file']['type'] == 'image/jpg')
|| ($_FILES['file']['type'] == 'image/pjpg')
|| ($_FILES['file']['type'] == 'image/png'))
&& ($_FILES['file']['size'] < 2000000))
    {
    if ($_FILES['file']['error'] > 0)
    echo "Error: " . $_FILES['file']['error'] . "<br />";
    }
    else
    {
    echo "Name " . $_FILES['file']['name'];
    }
    if (file_exists("upload/" . $_FILES['file']['name']))
    {
    echo "File Already Exists";
    }
    else
    {
    move_uploaded_file($_FILES['file']['name'],"upload/" . $_FILES['file']['name']);
    }
?>
<br /><br />

<form action="viewpic.php" method="get">
<input type="hidden" name="pic" value="<?php echo 'upload/' . $_FILES['file']['name']; ?>">
<input type="hidden" name="name" value="<?php echo $_FILES['file']['name']; ?>">
<input type="submit" value=" View Picture! "/>
</form>

<?php 
if (file_exists("upload/" . $_FILES['file']['name']))
{
$path='upload/' . $_FILES['file']['name'];
chmod($path, 0766);
}
?>

 

How can I put in rename() and still make it move it from the tmp folder to /upload/ ???

Link to comment
Share on other sites
Bendude14 Member

Bendude14

Posted
Posted

here is an image upload script ive used before off the net..

 

I was using the users name as there pic so i simply replaced the space with an underscore for the image name.

 

<?php

if(array_key_exists('fileUpload', $_POST)) {
// set a max file size for the html upload form
$max_file_size = 3000000; // size in bytes

// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);

// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . '/upload';

// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.php';

// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.php?uploaded=yes';

// name of the fieldname used for the file in the HTML form
$fieldname = 'file';



// Now let's deal with the upload

// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded', 
                2 => 'html form max file size exceeded', 
                3 => 'file upload was only partial', 
                4 => 'no file was attached');

// check the upload form was actually submitted else print form
isset($_POST['fileUpload'])
or error('the upload form is neaded', $uploadForm);

// check for standard uploading errors
($_FILES[$fieldname]['error'] == 0)
or error($errors[$_FILES[$fieldname]['error']], $uploadForm);

// check that the file we are working on really was an HTTP upload
@is_uploaded_file($_FILES[$fieldname]['tmp_name'])
or error('not an HTTP upload', $uploadForm);

// validation... since this is an image upload script we 
// should run a check to make sure the upload is an image
@getimagesize($_FILES[$fieldname]['tmp_name'])
or error('only image uploads are allowed', $uploadForm);

// make a unique filename for the uploaded file and check it is 
// not taken... if it is keep trying until we find a vacant one
$now = '0';
$fname = str_replace(' ', '_', $name);
$uploadFilename = $uploadsDirectory.$fname.".jpg";


// now let's move the file to its final and allocate it with the new filename
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
or error('receiving directory insuffiecient permission', $uploadForm);

// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to the success page.
header('Location: ' . $uploadSuccess);

}

// make an error handler which will be used if the upload fails
function error($error, $location, $seconds = 5)
{
header("Refresh: $seconds; URL=\"$location\"");
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
'"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
'<html lang="en">'."\n".
'	<head>'."\n".
'		<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
'		<link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
'	<title>Upload error</title>'."\n\n".
'	</head>'."\n\n".
'	<body>'."\n\n".
'	<div id="Upload">'."\n\n".
'		<h1>Upload failure</h1>'."\n\n".
'		<p>An error has occured: '."\n\n".
'		<span class="red">' . $error . '...</span>'."\n\n".
'	 	The upload form is reloading</p>'."\n\n".
'	 </div>'."\n\n".
'</html>';
exit;
} // end error handler

?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.