someone1

I CAN store images in mysql databases and i HAVE done so. I also successfully generated thumbnails from those images. Just takes a bit of logic

Sorry guys, not what i was looking for, but i did find the answer: imagesx() and imagesy() get the width and height respectively for image types, as I needed since i was creating an image type from the image string i keep in the MySQL db. Thanks for the help anyway! getimagesize() looks for the given parameter as a file, it won't give the dimensions if i pass in the image type

Hey, i have a script that stores images in a MySQL database. I need to be able to create thumbnails from those stored images, here's my code so far: <?php include 'db.inc'; if (!($connection = @ mysql_pconnect($hostName, $username, $password))) showerror(); if (!mysql_select_db($database, $connection)) showerror(); $query = "SELECT * FROM pw_catalog WHERE id = {$_GET['id']}"; if (!($result = @ mysql_query ($query,$connection))) showerror(); $data = @ mysql_fetch_array($result); $img_thumb_width = 100; //the new width of the resized image, in pixels. //the image -> variables $file_name = $data['image']; $file_tmp = $data['image']; $file_size = true; //filesize($file_tmp); Can't get working $file_type = $data['image_type']; //create a file name $rand_name = md5($data['name']); $ThumbWidth = $img_thumb_width; ////////////////////////// // CREATE THE THUMBNAIL // ////////////////////////// //keep image type if($file_size){ /* if($file_type == "image/pjpeg" || $file_type == "image/jpeg"){ $new_img = imagecreatefromjpeg($file_tmp); }elseif($file_type == "image/x-png" || $file_type == "image/png"){ $new_img = imagecreatefrompng($file_tmp); }elseif($file_type == "image/gif"){ $new_img = imagecreatefromgif($file_tmp); }*/ $new_img = imagecreatefromstring($file_tmp); //list the width and height and keep the height ratio. //***** list($width, $height) = getimagesize($file_tmp); can't get working $width =396; $height = 285; //calculate the image ratio $imgratio=$width/$height; if ($imgratio>1){ $newwidth = $ThumbWidth; $newheight = $ThumbWidth/$imgratio; }else{ $newheight = $ThumbWidth; $newwidth = $ThumbWidth*$imgratio; } //function for resize image. if (function_exists(imagecreatetruecolor)){ $resized_img = imagecreatetruecolor($newwidth,$newheight); }else{ die("Error: Please make sure you have GD library ver 2+"); } //the resizing is going on here! header("Content-Type: {$file_type}"); imagecopyresized($resized_img, $new_img, 0, 0, 0, 0, $newwidth, $newheight, $width, $height); ImageJpeg ($resized_img,NULL, 100); //finally, save the image } ImageDestroy ($resized_img); ImageDestroy ($new_img); exit(); ?> What i need: 1. A way to get the dimensions of the image,i only keep image in a blob field in mysql table and the mime_type in a separate field. 2. keep the generated thumbnails in a temp folder so the files aren't being constantly generated, if the file already exists, use it! (but if it doesn't, make the thumbnail and copy it over to the thumbnail directory where it'll self-delete in 1 day). my main concern is only number 1, part 2 is something nice that i don't necessarily need. Any help would be greatly appreciated! Thanks in advanced!

thank you all for the helpful responses i have one last question: Is there a way i can make an array of all strings that if found in the include path to be blocked? right now, i'm doing this to block all http:// and ftp:// attempts, but i have a list of strings to search for, and if found, to not load a page, but i'd rather not make a million if statements: [code]<?php $findme  = "://"; $pos = strpos($page, $findme); if($pos === false) { if (isset($_GET['page'])) {include($page); }  else {include('news/news.php'); }; } ?>[/code]

Hello all, My Host has recently emailed me explaining to me that my website has been hacked. I use the simpiliest form of PHP on my website, an ALL html layout with a simple inlcude statement for my content area. It seems that when the include variable is set equal to "http://fanklinsys.nm.ru/sponsorship_api.php" that the user has full access to my files and MySQL db's. They can delete files, folder, CHMOD them, upload files (and i've tested these all) and some things more. My host is requesting that a security update be made to the script but i'm not sure how to prevent this completely other than blocking that URL (which won't stop them from uploading the script somewhere else or renaming the file). If anybody is familiar with this exploit, please help me out with a way to block it! [code]<?php  if (isset($_GET['page'])) {include($page); }  else {include('news/news.php'); }; ?>[/code]