phillips321 Posted September 23, 2007 Share Posted September 23, 2007 Hi guys, New idea and creation, i've created a website for my friends and family to host their pictures that they want to post to forums. http://www.forumpix.co.uk This is the first time i've ever played with php so i'm not too sure how solid this code will be. If possible could you guys upload an image or two and try to break the php script. Any feedback would be much appreciated Thanks in advance Link to comment Share on other sites More sharing options...
tommyboy123x Posted September 23, 2007 Share Posted September 23, 2007 uploading a bad image outputs errors Warning: imagecreatefromjpeg() [function.imagecreatefromjpeg]: '/tmp/phpqJ1b3G' is not a valid JPEG file in /media/data/forumpix.co.uk/index.php on line 24 Warning: imagesx(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 50 Warning: imagesy(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 51 Warning: imagealphablending(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 65 Warning: imagecopy(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 74 Warning: imagejpeg(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 81 Warning: imagedestroy(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 90 uploading a php file or anything that is corrupted does the same thing Link to comment Share on other sites More sharing options...
agentsteal Posted September 23, 2007 Share Posted September 23, 2007 Full Path Disclosure: There is Full Path Disclosure when you upload an image. Warning: imagesx(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 50 Warning: imagesy(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 51 Warning: imagealphablending(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 65 Warning: imagecopy(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 74 Warning: imagejpeg(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 81 Warning: imagedestroy(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 90 Full Path Disclosure: Parse error: syntax error, unexpected T_BOOLEAN_OR in /media/data/forumpix.co.uk/index.php on line 57 Link to comment Share on other sites More sharing options...
sljaxon Posted September 24, 2007 Share Posted September 24, 2007 My test pic was overlayed by "umpics.co.uk", so your watermark is getting cut off. Personally, I don't like the url watermark, but technically it seems to work pretty well. Link to comment Share on other sites More sharing options...
phillips321 Posted September 24, 2007 Author Share Posted September 24, 2007 hi guys, here's the code so far. How do i got about on error of trying to convert a picture to quit out and display an error message? <?php $quality=60; //Quality we'll write the JPEG as... $countpath = 'upcount.txt'; //Name of our filename counter... $url = 'http://forumpix.getmyip.com/';//Where our images are published (with trailing slash) //Variables representing the uploaded file $size = $_FILES['upload']['size']; $type = $_FILES['upload']['type']; //Location of temporary uploaded file $name = $_FILES['upload']['tmp_name']; //Empty variables to store error messages... $fail=0; $skip=0; $success=0; $resize=1000; //resize to this size if over //Check image is right size... if ($size > 2048000) { $fail = 'File was too big - please upload one smaller than 2MB.'; } elseif ($size < 1) { //Probably nothing's been uploaded so we're going to pretend they didn't. $skip=1; //Check image is right type, and create GD resource as necessary... } elseif ($type == 'image/jpeg') { $img = imagecreatefromjpeg($name); } elseif ($type == 'image/gif') { $img = imagecreatefromgif($name); } elseif ($type == 'image/png') { $img = imagecreatefrompng($name); } elseif ($type == 'image/bmp') { $img = imagecreatefromwbmp($name); //None of the right types were found, so fail out... } else { $fail = 'Invalid file - check it\'s JPG, PNG, GIF, or BMP!'; } //Check there's no error messages, then write JPEG... if ($fail==0 and $skip==0) { //First check our filename counter exists... $countfile = fopen($countpath, r); $countnum = fread($countfile, filesize($countpath)); fclose($countfile); //Generate the new file number... $newcountnum = $countnum + 1; //Generate a new filename... $path = 'uploads/'.str_pad($newcountnum,8,0,'STR_PAD_LEFT').'.jpg'; //Generate the URL to that filename... $webpath = $url.$path; //Find base image size $iwidth = imagesx($img); $iheight = imagesy($img); //Shrink image size if larger than 1000x1000 if($iwidth>$resize || $iheight>$resize){ $tmp_iwidth= $resize; //set width of new size $tmp_iheight = $iheight * ($tmp_iwidth/$iwidth); //create height based on width maintaining aspect ratio $tmp_resized = imagecreatetruecolor($tmp_iwidth, $tmp_iheight); //create new images with resized dimentions imagecopyresampled($tmp_resized, $img, 0, 0, 0, 0, $tmp_iwidth,$tmp_iheight, $iwidth, $iheight); //resample image to new size $img = $tmp_resized; //set resampled image back to $img $iwidth=$tmp_iwidth; //reset the width $iheight=$tmp_iheight; // reset the height } //Turn on alpha blending imagealphablending($img, true); // Create overlay image $overlay = imagecreatefrompng('overlay.png'); //Get the size of overlay $owidth = imagesx($overlay); $oheight = imagesy($overlay); //Overlay watermark imagecopy($img, $overlay, $iwidth - $owidth, $iheight - $oheight, 0, 0, $owidth, $oheight); //Get rid of temporary overlay file... imagedestroy($overlay); //Write JPEG and increment counter... if(!imagejpeg($img, $path, $quality)) { $fail = 'Unable to write a new JPEG. Contact the administrator.'; } else { $countfile = fopen($countpath, w); fwrite($countfile, $newcountnum); fclose($countfile); $success=1; } //Get rid of our temporary file... imagedestroy($img); } //Now to have a chat with the user him/her/itself... ?> <html> <head> <title>ForumPix Uploader</title> <SCRIPT TYPE="text/javascript"> <!-- function popup(mylink, windowname) { if (! window.focus)return true; var href; if (typeof(mylink) == 'string') href=mylink; else href=mylink.href; window.open(href, windowname, 'width=400,height=300,scrollbars=no'); return false; } //--> </SCRIPT> </head> <body background="background.gif" TEXT="#FFFFFF" LINK="FF6600" VLINK="FF6600"> <!--Changed theme to personalise--> <center> <PRE> __ _ _ / _| (_) | | | |_ ___ _ __ _ _ _ __ ___ _ __ ___ __ ___ ___ _ _| | __ | _/ _ \| '__| | | | '_ ` _ \| '_ \| \ \/ / / __/ _ \ | | | | |/ / | || (_) | | | |_| | | | | | | |_) | |> < _ | (_| (_) | _ | |_| | < |_| \___/|_| \__,_|_| |_| |_| .__/|_/_/\_\ (_) \___\___/ (_) \__,_|_|\_\ | | |_| </PRE> <?php //Actually, best check whether we've got good or bad news first... //First, the bad news... if (!$fail==0) { echo '<H2>Upload Failed!</H2>'; echo '<P>'.$fail.'</P>'; echo '<P>Try giving it another go...</P>'; //Second, the good news... } elseif ($success==1) { echo '<H2>Upload Success!</H2>'; echo '<P>Your photo\'s been uploaded to:<BR><A href='.$webpath.'>'.$webpath.'</A><br>you should see a preview of it below:</P>'; echo '<P><img src='.$webpath.' width=450></P>'; echo '<P>Now feel free to upload another if you\'d like...</P>'; //Lastly... no news! } else { echo '<H2>Upload Photo</H2>'; echo '<P>Locate your picture by clicking on browse and then click "Upload!"</P>'; } //And that's it... we just need the form, and end the HTML document! ?> <form enctype="multipart/form-data" method="POST"> <input type="hidden" name="MAX_FILE_SIZE" value="2048000"/> Your file:<input name="upload" type="file"> <input type="submit" value="Upload!"> </form> <font size="1"> Make sure you agree to the <A HREF="TandCs.html" onClick="return popup(this, 'notes')">Terms and Conditions</A> </font> </center> </body> </html>phillips321@LinuxServer:/media/data/forumpix.co.uk$ Link to comment Share on other sites More sharing options...
LiamProductions Posted September 24, 2007 Share Posted September 24, 2007 I tried to upload a .jpg file and got Warning: imagesx(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 79 Warning: imagesy(): supplied argument is not a valid Image resource in /media/data/forumpix.co.uk/index.php on line 80 Link to comment Share on other sites More sharing options...
Recommended Posts