Jump to content

Stuck...1 line ruining program -- search array


webmistress

Recommended Posts

this bit of code has me spinning.....i'm attempting to upload a CORRECT file type..from the research i've done i think theres something written wrong in the code below.

here is the error i get:

Warning: array_search(): Wrong datatype for second argument in /home/****/public_html/admincp/upload2.php on line 35
Invalid image file type!


this is the code:

{
  if (array_search(strtolower(substr($file['name'],strrpos($file['name'], '.')+1)), $config['ftypes']) == false) {
  echo "<B>Invalid image file type!</B>";
  exit;
  }


Please help.......... :)
Link to comment
Share on other sites

Did you check the array_search function information on php
array_search() Argument Requirments
array_seach('Value', $array);

You seem to have array value ($config['ftypes'];
What I would do is something like this
[code]
<?php
$value = strtolower(substr($file['name'], strrpos($file['name'], '.')+1));
if(array_search($value, $config) == false){
echo "<strong>Invalid Image File Type!</strong>";
exit;
}
?>
[/code]

also
isn't file meant to be
$_FILES["filedname"]["name"];
//Where fieldname is the name of the field in the upload form

And
remember that the file extension can be manually changed.
For Example

a image.bmp could be changed to image.jpg
but the image is still a bitmap (bmp)

To get the actual type
use
[code]
<?php
list($width, $hieght, $type) = getimagesize($_FILES["fieldname"]["name"];
//Where filedname is the name of the field from the upload form, name is the same

$types = array(1 => 'gif',
2 => 'jpg',
3 => 'png',
4 => 'SWF',
5 => 'PSD',
6 => 'BMP',
7 => 'TIFF(intel byte order)',
8 => 'TIFF(motorola byte order)',
9 => 'JPC',
10 => 'JP2',
11 => 'JPX',
12 => 'JB2',
13 => 'SWC',
14 => 'IFF',
15 => 'WBMP',
16 => 'XBM');

$file_ext = $types[$type];

?>
[/code]
Link to comment
Share on other sites

[color=red]Here is the upload form:[/color]
[b]<form name="upload" method="post" action="admincp.php?id=upload2" enctype="multipart/form-data">
<input type="hidden" name="type" value="1142565325">
<input type="hidden" name="codes" value="1">
<input type="hidden" name="typestr" value="myspace">
Type: myspace<BR><BR>
Category:
<select name="category">
<option value="1142565028">Layouts</option><option value="1142632578">Backgrounds</option><option value="1142860707">Glitter</option><option value="1142860728">Contact Tables</option><option value="1142860769">Dolls</option><option value="1142860774">Welcome</option><option value="1142894168">Thanks For The Add</option><option value="1158181685">Online Now</option></select><BR><BR>

150x150 Thumbnail: <input type="file" name="file"><br>
Name: <input type="text" name="name"><BR><BR>
Description:<br>
<textarea name="description" cols=25 rows=5></textarea><br><BR>
CODES:<BR><BR>
code:<br><textarea name="code1" cols=50 rows=10></textarea><br><br><input type="submit" name="submit" value="Add Layout">
</form>[/b]



Link to comment
Share on other sites

[code]<?php
$value = strtolower(substr($file['name'], strrpos($file['name'], '.')+1));
if(array_search($value, $config) == false){
echo "<strong>Invalid Image File Type!</strong>";
exit;
}
?>[/code]


I tried the above mentioned and now that error is gone & I begin getting parse errors from further down in the code which I believe are being effected by this fix....is this possible?
Link to comment
Share on other sites

[code]<table width="70%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td><?
include("include.php");
chdir("..");
?>
<?
if (!isset($_COOKIE['mys_admin'])) {
exit;
}
if (!isset($_COOKIE['mys_pass'])) {
exit;
}
function getname($thename) {
global $mysql_server,$mysql_user,$mysql_pass,$mysql_db;
mysql_connect($mysql_server,$mysql_user,$mysql_pass);
mysql_select_db($mysql_db);
$tmpquery = mysql_query("SELECT * FROM `approved` WHERE LOWER(`name`) = '".strtolower($thename)."'");
$tmpresult = @mysql_fetch_array($query);
mysql_close();
return empty($tmpresult);
}
if (isset($submit)) {
if ($name == "") { echo "<b>Your template must have a name!" ; exit ; }
if ($description == "") { echo "<b>Your template must have a description!" ; exit ; }
if (empty($file)) { echo "<b>You must upload a 150x150 thumbnail with your code!" ; exit ; }
$count = 1;
$old_name = $name;
$alias = ereg_replace("[^[:space:]a-zA-Z0-9*_.-]", "", $name);
$alias = str_replace(" ","-",strtolower($alias));
$typestr = ereg_replace("[^[:space:]a-zA-Z0-9*_.-]", "", $typestr);
$typestr = str_replace(" ","-",strtolower($typestr));
foreach ($_FILES as $file)
{
  if (array_search(strtolower(substr($file['name'],strrpos($file['name'], '.')+1)), $config['ftypes']) == false) {
  echo "<B>Invalid image file type!</B>";
  exit;
  }
  $ext = strtolower(substr($file['name'], strrpos($file['name'], '.')+1));
  if (move_uploaded_file($file['tmp_name'], $script_dir . "thumbs/" . $typestr . "_layout_" . $alias . "." . $ext))
  {
  mysql_connect($mysql_server,$mysql_user,$mysql_pass);
  mysql_select_db($mysql_db);
  $time = time();
  mysql_query("INSERT INTO `pending` VALUES('".$time."','".addslashes($name)."','".addslashes($description)."','".$type."','".$category."','".strtolower($_COOKIE['mys_admin'])."','".$alias."','". $typestr . "_layout_" . $alias . "." . $ext."')");
  $code[0] = "";
  $temp = 1;
  while ($temp <= 10) {
    if (isset($_POST['code'.$temp])) { $code[$temp] = addslashes($_POST['code'.$temp]); } else { $code[$temp] = ""; }
    $temp = $temp + 1;
  }
  mysql_query("INSERT INTO `codes` VALUES('".$time."','".$code[1]."','".$code[2]."','".$code[3]."','".$code[4]."','".$code[5]."','".$code[6]."','".$code[7]."','".$code[8]."','".$code[9]."','".$code[10]."')");
  mysql_close();
  }
  else
  {
  echo '<b>Thumbnail upload failed!  Please contact site admin.</b><br>';
  }
}
echo "<B>Your layout addition is currently pending. Note all pending layouts will not be published on our site until admin approval.</B><BR><BR>";
}
?>
<B>UPLOAD LAYOUT</B><BR>
<form name="upload" method="post" action="admincp.php?id=upload2" enctype="multipart/form-data">
<?
$type = explode("_",$type);
$type[1] = str_replace(" ","-",strtolower($type[1]));
?>
<input type="hidden" name="type" value="<?=$type[0]?>">
<input type="hidden" name="codes" value="<?=$type[2]?>">
<input type="hidden" name="typestr" value="<?=$type[1]?>">
Type: <?=$type[1]?><BR><BR>
Category:
<select name="category">
<?
mysql_connect($mysql_server,$mysql_user,$mysql_pass);
mysql_select_db($mysql_db);
$query = mysql_query("SELECT * FROM `categories`");
while ($result = mysql_fetch_assoc($query)) {
echo '<option value="'.$result["id"].'">'.$result["name"].'</option>';
}
mysql_close();
?>
</select><BR><BR>
150x150 Thumbnail: <input type="file" name="file"><br>
Name: <input type="text" name="name"><BR><BR>
Description:<br>
<textarea name="description" cols=25 rows=5></textarea><br><BR>
CODES:<BR><BR>
<?
mysql_connect($mysql_server,$mysql_user,$mysql_pass);
mysql_select_db($mysql_db);
$query = mysql_query("SELECT * FROM `code_names`  WHERE `id` = '".$type[0]."' LIMIT 1");
$result = mysql_fetch_array($query);
$temp = 1;
while ($temp <= $type[2]) {
$str = "code".$temp;
echo $result[$str].":<br>";
echo '<textarea name="code'.$temp.'" cols=50 rows=10></textarea><br><br>';
$temp = $temp + 1;
}
mysql_close();
?>
<input type="submit" name="submit" value="Add Layout">
</form>&nbsp;</td>
  </tr>
</table>
[/code]


that is the entire file......... THANKS!!!!!!!!!!!!! 

It gave parse errors in the line 58 area
Link to comment
Share on other sites

when using the following piece of code i get the following error:

Parse error: syntax error, unexpected '}' in /home/***/public_html/admincp/upload2.php on line 63

[code]$value = strtolower(substr($file['name'], strrpos($file['name'], '.')+1));
if(array_search($value, $config) == false){
echo "<strong>Invalid Image File Type!</strong>";
exit;
}[/code]
Link to comment
Share on other sites

There's no parse errors in that code snippet, or in the full code you posted earlier.. which leaves three alternatives (that I can think of)

1.  There's a syntax error in your current version of the file, but it occurs before or after the location it's reported.  This is often due to mismatched { and }
2.  There's a syntax error in a file included by your file (in include.php ?)
2.  You didn't save the file before testing (I have spent HOURS trying to fix bugs only to find I didn't save the file :D )
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.