PHP - Image Hosting Script Help Required

i want a script which should be easily integrated with the website and should fully customizable like cutephp.. the problem with cutephp is that it can't handle large data since it stores all the news articles in one .txt file on the server.. as the number of articles grow.. the size of .txt file increases and it becomes impossible for the server to handle the script.. i want a script which should be easily integrated into the website and should have the following features.

- article categories
- admin panel to add news
- should use mySQL to store articles or it should create .htm files for articles..

i hope you get the point..

by the way if i want to write my own script.. what is the easiest way to write a script which should have categories, show news on webpages, have admin password protected add news area.. should create seperate files on the server or use mysql..nothing complicated.. simple news posting script..

Hello everyone.
I recently coded a Minecraft Voting for Diamonds script. Basically, you enter your username, you vote on the sites, then click "Get Reward". The reward then goes through a RCON script, and rewards the user with their diamonds in-game. the full script works fine, and I am happy with it, but there is one small problem; and that is users being able to abuse the system. If they wanted to, they could just refresh the page, and click Get Rewarded again, and again. I want to make something like this:



It has a countdown on the link, which is started upon click, and then the link re-activates when the timer is done. My script already has "disabled=..." tags, so you have to click all links, this way would make sure a user cannot click the link until the timer is done. I'm pretty new to PHP, and please forgive me if it is not 100% PHP, but this place seemed extremely helpful. I am also pretty new to PHP, so make it for dummies xD

Thanks everyone!

After spending 3 days on internet and struggling with so many different forums , i have found this forum where i believe i will get the solution for my problem.

Friends, I am zero in PHP, but still i have managed to do something to fulfill my requirement.

I am stuck with one thing now..So i need help on....

I am using one html+php form to submit database into mysql.
I created a display of that table through php script on a webpage.
Now i want a datepicker option on that displayed page by which i should able to select the date range and display the data of that date range from my mysql table.
And then take a export of data displayed of selected date range in excel.

This displayed page is login protected, so i want after login the next thing comes in should show a sate selection option which should be fromdate to to date , and then records should displayed from the database and i can take export of those displayed results in excel file.
The code i am using on this page is below which do not have any thing included for excel export and datepicker script, I am pasting the code here and request you to please include the required code in it as required.

Thanks In advance

    <?php
    //database connections
    $db_host = 'localhost';
    $db_user = '***********';
    $db_pwd = '*************';
   
    $database = 'qserves1_uksurvey';
    $table = 'forms'; 
    $file = 'export';
    if (!mysql_connect($db_host, $db_user, $db_pwd))
        die("Can't connect to database");
   
    if (!mysql_select_db($database))
        die("Can't select database");
   
    // sending query
    $result = mysql_query("SELECT * FROM {$table} ORDER BY date desc");
    if (!$result) {
        die("Query to show fields from table failed");
    }
    $num_rows = mysql_num_rows($result);
    $fields_num = mysql_num_fields($result);
   
    echo "$num_rows";
    echo "<h1></h1>";
    echo "<table border='1'><tr>";
    // printing table headers
    for($i=0; $i<$fields_num; $i++)
    {
        $field = mysql_fetch_field($result);
        echo "<td>{$field->name}</td>";
    }
    echo "</tr>\n";
    // printing table rows
    while($row = mysql_fetch_row($result))
    {
        echo "<tr>";
   
        // $row is array... foreach( .. ) puts every element
        // of $row to $cell variable
        foreach($row as $cell)
            echo "<td>$cell</td>";
   
        echo "</tr>\n";
    }
    mysql_free_result($result);
    ?>
    </body></html>

Well the subject line is pretty explicit.  I found this script that uploads a picture onto a folder on the server called images, then inserts the the path of the image on the images folder onto a VACHAR field in a database table. 
Code: [Select]




<?php

//This file inserts the main image into the images table.

//address error handling

ini_set ('display_errors', 1);
error_reporting (E_ALL & ~E_NOTICE);





//authenticate user
//Start session
session_start();

       
        //Connect to database
require ('config.php');

//Check whether the session variable id is present or not. If not, deny access.
if(!isset($_SESSION['id']) || (trim($_SESSION['id']) == '')) {
header("location: access_denied.php");
exit();
}

        else{ 







// Check to see if the type of file uploaded is a valid image type

function is_valid_type($file)

{

     // This is an array that holds all the valid image MIME types

     $valid_types = array("image/jpg", "image/jpeg", "image/bmp", "image/gif");

 

     if (in_array($file['type'], $valid_types))

         return 1;

     return 0;

}

 

// Just a short function that prints out the contents of an array in a manner that's easy to read

// I used this function during debugging but it serves no purpose at run time for this example

function showContents($array)

{

     echo "<pre>";

     print_r($array);

     echo "</pre>";

}

 

// Set some constants

 

// This variable is the path to the image folder where all the images are going to be stored

// Note that there is a trailing forward slash

$TARGET_PATH = "images/";

 

// Get our POSTed variable

$image = $_FILES['image'];

 

// Sanitize our input

$image['name'] = mysql_real_escape_string($image['name']);

 

// Build our target path full string.  This is where the file will be moved to

// i.e.  images/picture.jpg

$TARGET_PATH .= $image['name'];

 

// Make sure all the fields from the form have inputs

if ( $image['name'] == "" )

{

     $_SESSION['error'] = "All fields are required";

     header("Location: member.php");

     exit;

}

 

// Check to make sure that our file is actually an image

// You check the file type instead of the extension because the extension can easily be faked

if (!is_valid_type($image))

{

     $_SESSION['error'] = "You must upload a jpeg, gif, or bmp";

     header("Location: member.php");

     exit;

}

 

// Here we check to see if a file with that name already exists

// You could get past filename problems by appending a timestamp to the filename and then continuing

if (file_exists($TARGET_PATH))

{

     $_SESSION['error'] = "A file with that name already exists";

     header("Location: member.php");

     exit;

}

 

// Lets attempt to move the file from its temporary directory to its new home

if (move_uploaded_file($image['tmp_name'], $TARGET_PATH))

{

     // NOTE: This is where a lot of people make mistakes.

     // We are *not* putting the image into the database; we are putting a reference to the file's location on the server

     $sql = "insert into images (member_id, image_cartegory, image_date, image) values ('{$_SESSION['id']}', 'main', NOW(), '" . $image['name'] . "')";

     $result = mysql_query($sql) or die ("Could not insert data into DB: " . mysql_error());

     header("Location: images.php");

echo "File uploaded";

     exit;

}

else

{

     // A common cause of file moving failures is because of bad permissions on the directory attempting to be written to

     // Make sure you chmod the directory to be writeable

     $_SESSION['error'] = "Could not upload file.  Check read/write persmissions on the directory";

     header("Location: member.php");

     exit;

}







        } //End of if session variable id is not present.
 


?> 


The script seems to work fine because I managed to upload a picture which was successfully inserted into my images folder and into the database.
Now the problem is, I can't figure out exactly how to write the script that displays the image on an html page. I used the following script which didn't work.


Code: [Select]

//authenticate user
//Start session
session_start();

       
        //Connect to database
require ('config.php');

$sql = mysql_query("SELECT* FROM images WHERE member_id = '".$_SESSION['id']."' AND image_cartegory = 'main' ");
$row = mysql_fetch_assoc($sql);
$imagebytes = $row['image'];
header("Content-type: image/jpeg");
print $imagebytes;







Seems to me like I need to alter some variables to match the variables used in the insert script, just can't figure out which.  Can anyone help??

Hello,  I am new.  I have created a very simple webpage that has content the changes when a link is clicked.  The site works perfectly on my "localhost".  I am running Apache 2.2 and PHP 5.3 on localhost.  When I upload to my GoDaddy shared hosting, ( I beleive Apahe 1.3 and PHP 5.2) my "index.php" displays fine on load. However, when any of the links are clicked the content area where it is supposed to change disapeears. Here is a sample of the code that I am using:


// These are the links in the index.php
html code...
<li><a href="index.php?id='home'" id="home" name="home">Home</a></li>
<li><a href="index.php?id='form'" id="form" name="form">Register</a></li>
<?php
include("form1.php");
                getPage();
                ?>

html....
Then on the form1.php page is the following code...

function getPage()
{
    $linkID = $_GET['id'];
    if ($linkID == NULL)
    {
        changeBool("'home'");
    }
    else
    changeBool($linkID);
}

//end example

The function "changeBool()" has a switch structure that is determined by the $_GET[] var.
I beleive this has something to do with the php.ini settings, possibly the apache settings...any ideas would be greatly appreciated.

Hello - I have usually run my own servers, and always drop my .php files with MYSQL connection strings in a directory like /var, with webroot being /var/www/mysite.

I now find myself in a shared hosting environment for a client and wondering the safety of my connection string .php files.  Unfortunately they are sitting in a folder in the root of my hosting directory right now, and they feel vulnerable.

It seems the only thing I could do would be to put the root of my hosting into a subdirectory, point the site there, and then put my connection strings on directory back.  But seems the problem is they are still in my shared hosting.

What's the best way to secure this type of sensitive info in a shared environment?  I'm also getting ready to explore credit card processing via an API, and wondering if shared hosting is even worth it.

Thanks!!

Hello, we got a site running in to different servers, the other one is a sub domain that will  be use as internal pages and the other one is external. As of that I need to pass session to see if a user details.   Is there a another secure way to pass session data to other server without storing on the database?

Hi;

I had an email from my hosting company which said that my account was hacked and one script in images folder is trying to send thousands of spams(file name : "/public_html/images/sm5vy7.php"). they blocked my account and asked me to check if there is any script or code that may cause this problem.
The only server side page I had was a contact.php file that has mail() function in it. the code is like this;

"if( isset($_POST['submit'])) {
$name=$_POST['name'];
$comment=$_POST['comment'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$to = "sample@gmail.com";
$subject = "sample";
$message = "sample";
$from = "$email";
$headers = "Content-type:text;charset=utf-8" . "\r\n";
$headers .= "From: $from" . "\r\n";
mail($to,$subject,$message,$headers);
}"

My question is "can the code I used cause any security problem that someone be able to create a php file in my images folder or someone has accessed my account?"

Thank you in advance
I'm really in a big trouble

I'm running about 50 domains on a private host that's going out of business, so I need to move providers soon. The Amazon or Google cloud platforms are intriguing. Does anyone have any experience using either for website hosting?   My current solution is a Plesk management interface. So, I'm hoping to install the same wherever I go (because migrating 50 domains manually ...)

I launched my new website about a month ago.  I switched from one web host to another due to poor hosting performance.  Now I'm running into the same issue again -- poor web hosting performance.   My first web host was Hostgator.  My current web host is AT&T.  I hate the thought of switching to a different web host every month trying to find one that will reliably host my site.  Does anyone here have a reliable web host that they use and would recommend?   My question is relative since what is reliable for a simple web site, may not be reliable for one that is more complex.  For this reason, I can't simply trust web host reviews.   My website isn't overly complicated, but it's more complex than just basic HTML.  It uses a lot of PHP, as well as a MySQL database that only has two small tables.  The website uploads and downloads small text files regularly.  It also sends E-mail attatchments quite often.   Because I just launched, my website isn't getting a ton of traffic -- about 10 users per day.  However, I'm beginning to run into the same problem as before.  My web host's server is starting to show itself as being unreliable.  As with my first web host, it seems as if it may be due to overcrowding on the shared server.   Do any of you run any moderately complex websites?  If so, who do you use for a reliable web host?   I've considered setting up my own server with a LAMP configuration and hosting the site myself.  However, I don't know a lot about Linux or Apache, and so would like to avoid this.  But because the computer would only be hosting my own website, and no one else's, I have to believe that a LAMP setup would be more reliable than a shared server that is overcrowded.   A reliable web host is really what I'm looking for.  But I don't want to keep going down the road of trial and error.  If anyone uses a web host that reliably supports their moderately-complex website, then I would love to hear from you.  I'm sick of my site failing due to server issues.  Like the Duracel commercial says, "It just has to work!"   Please forgive me if you feel that my post doesn't correctly fit the forum category.  I tried to figure out which category best fits this topic, but none of them seemed to be perfectly suitable.   Thank you for your time, as well as for any suggestions.

Hi:

I have a site hosted (shared) on 1and1.com hosting, and they seem to have a file upload limit of 2MB.

Is there a way to overwrite this? I have been trying a .htaccess and php.ini file, but can't get it to work.

The folder with the upload form is called "admin," in the ROOT of the site.

Been trying (in both the ROOT and the "admin" folder):
php.ini
Code: [Select]
; Maximum size of POST data that PHP will accept.
post_max_size = 8M

; Maximum allowed size for uploaded files.
upload_max_filesize = 8M

ini_set('memory_limit','128M');

.htaccess (in both the ROOT and the "admin" folder):
Code: [Select]
php_value memory_limit 24M

That is all the code in each file - am I missing some code?

Can this be done?

Thank you.

hello

i have this php code to show the last image upload in a folder and the result is this

http://theplattan.com/screenlive2/Screenshooter2.php

this code must be in the same image folder to work.

I need add a php code from my joomla website but i dont know where i can  change the  path image folder on this script.

i have tried by my self to change rad 33 $files = dirList('.');   to   $files = dirList('screenlive2');

but this show only the list and not the image, somebody have any idea?


Code: [Select]
1:
<html>
2:
<head>
3:
<style type="text/css">
4:
#files { float: left; font-size: small; }
5:
#image { float: right; }
6:
.links { float: right; left: -40px; position: relative; }
7:
.selected { font-weight: bold; }
8:
</style>
9:
</head>
10:
<body>
11:
 
12:
<?php
13:
 
14:
function dirList ($directory)
15:
{
16:
    $results = array();
17:
    $handler = opendir($directory);
18:
    while ($file = readdir($handler)) {
19:
       if ($file != '.' && $file != '..')
20:
         {
21:
            $suffix = "gif";
22:
 
23:
            if( substr($file, -3) == $suffix )
24:
            {
25:
            $results[] = $file;
26:
            }
27:
         }
28:
    }
29:
    closedir($handler);
30:
    return $results;
31:
}
32:
 
33:
$files = dirList('.');
34:
 
35:
arsort($files);
36:
 
37:
//$files = array_reverse( $files );
38:
 
39:
echo "<div id='files'><ul>";
40:
 
41:
$prev = "";
42:
$next = "";
43:
$last = "";
44:
 
45:
foreach( $files as $entry )
46:
{
47:
   if( isset($_GET['sel']) == false )
48:
   {
49:
      $_GET['sel'] = $entry;
50:
   }
51:
 
52:
   $style = "";
53:
 
54:
   if( $_GET['sel'] == $entry )
55:
   {
56:
      $style="selected";
57:
      $selected = $entry;
58:
      $prev = $last;
59:
   }
60:
 
61:
   echo "<li class='".$style."'><a href='i.php?sel=".$entry."'>";
62:
   print_r( $entry );
63:
   echo "</a></li>";
64:
 
65:
   if( ($last == $selected) && ($last != "") )
66:
   {
67:
      $next = $entry;
68:
   }
69:
 
70:
   $last = $entry;
71:
}
72:
 
73:
echo "</ul></div>";
74:
 
75:
echo "<div id='image'><img src='".$selected."' alt=''/></div>";
76:
   
77:
echo "<p class='links'>";
78:
 
79:
   if( $prev != "" ) echo "<a href='i.php?sel=".$prev."'>Up</a>";
80:
   echo "<br/>";
81:
   if( $next != "" ) echo "<a href='i.php?sel=".$next."'>Down</a>";
82:
 
83:
echo "</p>";
84:
 
85:
?>
86:
 
87:
</body>
88:
</html>

Hi Guys,

I am trying to disguise my php script as a .gif file for the purposes of a shopping cart. Basically, you click on the .gif which is placed on the page and it takes you to an image unless it has variables attached to it. Google use this for their checkout so I know this is possible. Does anyone have any ideas how I would go about doing this?

Thanks in advance, Jacob.

I have 23 products in a db, all with a unique ID that Im creating a user site for. Some of the items have 1 or 2 images and others have as many as 30 images.
In my db I have a field called "pics". All the images are saved as a .jpg, according to their id on the server. So if item 1 has 10 images the files a "1_001.jpg," "1_002.jpg," ect.

How do I create a script that will display the correct amount of images based on the number in the db.
I was going to do something like this:
Code: [Select]
if ($row['pics'] =="1") {
$pictures = '<img src="pictures/'.$id.'_001.jpg" width="200" alt="" />';
} elseif ($row['pics'] =="2") {
$pictures = '<img src="pictures/'.$id.'_001.jpg" width="200" alt="" /><img src="pictures/'.$id.'_002.jpg" width="200" alt="" />';
} elseif ($row['pics'] =="3") {
$pictures = '<img src="pictures/'.$id.'_001.jpg" width="200" alt="" /><img src="pictures/'.$id.'_002.jpg" width="200" alt="" /><img src="pictures/'.$id.'_003.jpg" width="200" alt="" />';
}
but that would just be retarded...

Thank you!

Hi

Im trying to write a script to clean up my image directory which has quite a lot of unused images that have built up over time.
In order to do this I am doing the following.

First Create a database table called 'image_clean' Then I'm searching through 3 tables and collecting all the image file names and dumping the names in the table 'image_clean'

Can do that no problem. So now I have all the images I need in this one table 'image_clean' I now want to go through my directory 'image_uploads' and delete anything thats not in the 'image_clean' table.

I know how to delete the files using unlink Im just unsure how to search through the directory file by file and check the file against the database. Im asumming I need to put them in an array. Could anyone give be a clue or two to get me started.

I have no problem checking a database against a directory but when its the other way round 'checking a directory against a database I'm lost. What I might do is pop the files to delete in a new database called 'image_delete' so that I can then check the images to delete before I write the unlink script. But I'm just not sure how to pick up each file and compare it to the table.

Thanks in advance.