Jump to content

[SOLVED] Need Help with an Image Upload script.

daryl999

By daryl999
in PHP Coding Help

 Share

Recommended Posts

daryl999 Newbie

daryl999

Posted
Posted

Hi Guys,

 

I don't work with PHP very often and I am having trouble with an image upload script that I need some help with.

 

Here is the script:

<?php

if (!isset($_SESSION)) {

  session_start();

}

$MM_authorizedUsers = "";

$MM_donotCheckaccess = "true";

 

// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {

  // For security, start by assuming the visitor is NOT authorized.

  $isValid = False;

 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.

  // Therefore, we know that a user is NOT logged in if that Session variable is blank.

  if (!empty($UserName)) {

    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.

    // Parse the strings into arrays.

    $arrUsers = Explode(",", $strUsers);

    $arrGroups = Explode(",", $strGroups);

    if (in_array($UserName, $arrUsers)) {

      $isValid = true;

    }

    // Or, you may restrict access to only certain users based on their username.

    if (in_array($UserGroup, $arrGroups)) {

      $isValid = true;

    }

    if (($strUsers == "") && true) {

      $isValid = true;

    }

  }

  return $isValid;

}

 

$MM_restrictGoTo = "admin_login.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { 

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)

  $MM_referrer .= "?" . $QUERY_STRING;

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo);

  exit;

}

?>

<?

if(isset($_POST['submit'])) { //see if submit button is pressed.

 

//check if they decided to upload a pic:

if($_FILES['userfile']['size'] > 1) {

 

$max_size = 2000000;

$max_height = 198;

$max_width = 777;

 

$info = getimagesize($_FILES['userfile']['tmp_name']);

}

 

 

//check file-size (in bytes):

//if(($_FILES['userfile']['size'] > $_POST['MAX_FILE_SIZE']) || ($_FILES['userfile']['size'] > $max_size)) {

//    die("<BR><BR>Error: Upload file size too large: (<b>" . $_FILES['userfile']['size'] . "</b>). Must not exceed 20ff kb.");

//}

 

//check the extension.

    $array = explode(".", $_FILES['userfile']['name']);

    $nr    = count($array);

    $ext  = $array[$nr-1];

    if(($ext !="jpg") && ($ext !="jpeg") && ($ext !="png"))

    die("<BR><BR>Error: file extension un-recognized. Be sure your image follows the correct extension (.JPG or .PNG)");

 

//CHECK TYPE: (what the browser sent)

if(($_FILES['userfile']['type'] != "image/jpeg") && ($_FILES['userfile']['type'] != "image/pjpeg") && ($_FILES['userfile']['type'] != "image/png")) {

die("<BR><BR>Error: Upload file type un-recognized. Only .JPG or .PNG images allowed.");

}

 

//DOUBLE CHECK TYPE: if image MIME type from GD getimagesize() -In case it was a FAKE!

if(($info['mime'] != "image/jpeg") && ($info['mime'] != "image/pjpeg") && ($info['mime'] != "image/png")) {

die("<BR><BR>Error: Upload file type un-recognized. Only .JPG or .PNG images allowed.");

}

 

//check file size (length & width)

if(($info[0] > $max_width) || ($info[1] >$max_height)) {

    die("<BR><BR>Error: Image size error (<b>" . $info[0] . "</b> x <b>" . $info[1] . "</b>). Must not exceed ". $max_width . " x ". $max_height .".");

}

 

//rename file, move it to location.

if(is_uploaded_file($_FILES['userfile']['tmp_name'])) {

 

///////////////////

$filename = $filename = 'aboutus1';

 

  if(move_uploaded_file($_FILES['userfile']['tmp_name'] , $_SERVER['DOCUMENT_ROOT']."/images/".$filename . '.' . $ext)) {

  //echo("File uploaded successfully.");

  header("Location:http://www.embroidaworld.com/admin_menu.php");

  exit();

   

  } else {

        echo("An error occurred while uploading.");

  }//end upload

} //end is_uploaded_file

 

} else { //display form ?>

<link href="embroidered.css" rel="stylesheet" type="text/css" />

 

<span class="left-body-txtbold-red">ABOUT US: Upload and Resize an Image</span><br />

<form enctype="multipart/form-data" action="<? $_SERVER['PHP_SELF']; ?>" method="post" name="uploadImage" />

<input type="hidden" MAX_UPLOAD_SIZE = "100000000000000" />

<input type="file" name="userfile" size="35" />

<input type="submit" name="submit" value="Upload Image"><br />

<span class="left-body-txtbold-red"><a href="admin_menu.php"><< BACK TO ADMIN MENU </a></span>

 

 

<? } //end else ?>

 

Here is the problem:

 

The script successfully uploads the image.

I know this because if I go to my ftp client the image is there and named correctly and in the correct place.

The problem is the page that displays the image puts one of those no-image boxes with the red cross instead of showing the new image.

Link to comment
Share on other sites
daryl999 Newbie

daryl999

Posted
  • Author
Posted

Thats whats weird, the images are definately uploading to the correct place.

 

The way I have set it up is like this:

 

I have a page with an image on it which is in the images folder and called aboutus1.jpg

 

The upload script uploads an image to the images folder and renames it aboutus1.jpg

 

I am using this method in a simple CMS system

 

The problem

 

The script definately uploads the new image to the images folder and definately renames in aboutus1.jpg

 

After running the script if I go to my ftp client and download aboutus1.jpg from the images folder it is the new image.

 

So why is it not showing?

 

Could it be something to do with the way I am uploading it?

Link to comment
Share on other sites
daryl999 Newbie

daryl999

Posted
  • Author
Posted

I just had a look at the properties for the images and i think that this is the problem.

 

The image permission Attributes are showing as 644 on the working image but showing as 600 after uploading a new image.

 

How do I set the permissions Attributes when I upload the image?

Link to comment
Share on other sites
daryl999 Newbie

daryl999

Posted
  • Author
Posted

SOLVED

 

chmod($_SERVER['DOCUMENT_ROOT']."/images/play.jpg", 0777);

 

 

 

New Script:

 

<?php

if (!isset($_SESSION)) {

  session_start();

}

$MM_authorizedUsers = "";

$MM_donotCheckaccess = "true";

 

// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {

  // For security, start by assuming the visitor is NOT authorized.

  $isValid = False;

 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.

  // Therefore, we know that a user is NOT logged in if that Session variable is blank.

  if (!empty($UserName)) {

    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.

    // Parse the strings into arrays.

    $arrUsers = Explode(",", $strUsers);

    $arrGroups = Explode(",", $strGroups);

    if (in_array($UserName, $arrUsers)) {

      $isValid = true;

    }

    // Or, you may restrict access to only certain users based on their username.

    if (in_array($UserGroup, $arrGroups)) {

      $isValid = true;

    }

    if (($strUsers == "") && true) {

      $isValid = true;

    }

  }

  return $isValid;

}

 

$MM_restrictGoTo = "admin_login.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { 

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)

  $MM_referrer .= "?" . $QUERY_STRING;

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo);

  exit;

}

?>

<?

if(isset($_POST['submit'])) { //see if submit button is pressed.

 

//check if they decided to upload a pic:

if($_FILES['userfile']['size'] > 1) {

 

$max_size = 2000000;

$max_height = 198;

$max_width = 777;

 

$info = getimagesize($_FILES['userfile']['tmp_name']);

}

 

 

//check file-size (in bytes):

//if(($_FILES['userfile']['size'] > $_POST['MAX_FILE_SIZE']) || ($_FILES['userfile']['size'] > $max_size)) {

//    die("<BR><BR>Error: Upload file size too large: (<b>" . $_FILES['userfile']['size'] . "</b>). Must not exceed 20ff kb.");

//}

 

//check the extension.

    $array = explode(".", $_FILES['userfile']['name']);

    $nr    = count($array);

    $ext  = $array[$nr-1];

    if(($ext !="jpg") && ($ext !="jpeg") && ($ext !="png"))

    die("<BR><BR>Error: file extension un-recognized. Be sure your image follows the correct extension (.JPG or .PNG)");

 

//CHECK TYPE: (what the browser sent)

if(($_FILES['userfile']['type'] != "image/jpeg") && ($_FILES['userfile']['type'] != "image/pjpeg") && ($_FILES['userfile']['type'] != "image/png")) {

die("<BR><BR>Error: Upload file type un-recognized. Only .JPG or .PNG images allowed.");

}

 

//DOUBLE CHECK TYPE: if image MIME type from GD getimagesize() -In case it was a FAKE!

if(($info['mime'] != "image/jpeg") && ($info['mime'] != "image/pjpeg") && ($info['mime'] != "image/png")) {

die("<BR><BR>Error: Upload file type un-recognized. Only .JPG or .PNG images allowed.");

}

 

//check file size (length & width)

if(($info[0] > $max_width) || ($info[1] >$max_height)) {

    die("<BR><BR>Error: Image size error (<b>" . $info[0] . "</b> x <b>" . $info[1] . "</b>). Must not exceed ". $max_width . " x ". $max_height .".");

}

 

//rename file, move it to location.

if(is_uploaded_file($_FILES['userfile']['tmp_name'])) {

 

//get max number of images the user has uploaded

$filename = 'play';

 

  if(move_uploaded_file($_FILES['userfile']['tmp_name'] , $_SERVER['DOCUMENT_ROOT']."/images/".$filename . '.' . $ext)) {

  chmod($_SERVER['DOCUMENT_ROOT']."/images/play.jpg", 0777);

  //echo("File uploaded successfully.");

  header("Location:http://www.embroidaworld.com/admin_menu.php");

  exit();

   

  } else {

        echo("An error occurred while uploading.");

  }//end upload

} //end is_uploaded_file

 

} else { //display form ?>

<link href="embroidered.css" rel="stylesheet" type="text/css" />

 

<span class="left-body-txtbold-red">HOME (Play) : Upload and Resize an Image</span><br />

<form enctype="multipart/form-data" action="<? $_SERVER['PHP_SELF']; ?>" method="post" name="uploadImage" />

<input type="hidden" MAX_UPLOAD_SIZE = "100000000000000" />

<input type="file" name="userfile" size="35" />

<input type="submit" name="submit" value="Upload Image"><br />

<span class="left-body-txtbold-red"><a href="admin_menu.php"><< BACK TO ADMIN MENU </a></span>

 

 

<? } //end else ?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.