Page 1 of 1

Help with random names

Posted: Sun Jul 05, 2009 9:53 pm
by teh1337ex
I have an image uploading script im using, and i want to add a random naming function to it using md5(time()), but i cant because it wont work for me. is there anyway someone can rewrite my code to do this?

Code: Select all

<?php 
ini_set("memory_limit", "200000000"); 
 
 
if ((isset($_POST["submitted_form"])) && ($_POST["submitted_form"] == "image_upload_form")) {
    
    
    if (($_FILES["image_upload_box"]["type"] == "image/jpeg" || $_FILES["image_upload_box"]["type"] == "image/pjpeg" || $_FILES["image_upload_box"]["type"] == "image/gif" || $_FILES["image_upload_box"]["type"] == "image/x-png") && ($_FILES["image_upload_box"]["size"] < 4000000))
    {
        
  
        
        $max_upload_width = 2500;
        $max_upload_height = 2500;
          
        
        if(isset($_REQUEST['max_width_box']) and $_REQUEST['max_width_box']!='' and $_REQUEST['max_width_box']<=$max_upload_width){
            $max_upload_width = $_REQUEST['max_width_box'];
        }    
        if(isset($_REQUEST['max_height_box']) and $_REQUEST['max_height_box']!='' and $_REQUEST['max_height_box']<=$max_upload_height){
            $max_upload_height = $_REQUEST['max_height_box'];
        }   
 
        
        
        if($_FILES["image_upload_box"]["type"] == "image/jpeg" || $_FILES["image_upload_box"]["type"] == "image/pjpeg"){    
            $image_source = imagecreatefromjpeg($_FILES["image_upload_box"]["tmp_name"]);
        }       
        
        if($_FILES["image_upload_box"]["type"] == "image/gif"){ 
            $image_source = imagecreatefromgif($_FILES["image_upload_box"]["tmp_name"]);
        }   
            
        
        if($_FILES["image_upload_box"]["type"] == "image/bmp"){ 
            $image_source = imagecreatefromwbmp($_FILES["image_upload_box"]["tmp_name"]);
        }           
        
        if($_FILES["image_upload_box"]["type"] == "image/x-png"){
            $image_source = imagecreatefrompng($_FILES["image_upload_box"]["tmp_name"]);
        }
        
 
        $remote_file = "image_files/".$_FILES["image_upload_box"]["name"];
        imagejpeg($image_source,$remote_file,100);
        chmod($remote_file,0644);
    
    
 
        
        list($image_width, $image_height) = getimagesize($remote_file);
    
        if($image_width>$max_upload_width || $image_height >$max_upload_height){
            $proportions = $image_width/$image_height;
            
            if($image_width>$image_height){
                $new_width = $max_upload_width;
                $new_height = round($max_upload_width/$proportions);
            }       
            else{
                $new_height = $max_upload_height;
                $new_width = round($max_upload_height*$proportions);
            }       
            
            
            $new_image = imagecreatetruecolor($new_width , $new_height);
            $image_source = imagecreatefromjpeg($remote_file);
            
            imagecopyresampled($new_image, $image_source, 0, 0, 0, 0, $new_width, $new_height, $image_width, $image_height);
            imagejpeg($new_image,$remote_file,100);
            
            imagedestroy($new_image);
        }
        
        imagedestroy($image_source);
        
        
        header("Location: index.php?upload_message=Image has been uploaded&upload_message_type=success&show_image=".$_FILES["image_upload_box"]["name"]);
        exit;
    }
    else{
        header("Location: index.php?upload_message=Please make sure the file is an image and under 4 MB&upload_message_type=error");
        exit;
    }
}
?>
 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="styler.css" type="text/css">
<title>Treatspin - Image Uploader</title></head>
 
<body>
<center>
<h1 style="margin-bottom: 0px">Treatspin Image Hosting</h1><hr>
 
 
        <?php if(isset($_REQUEST['upload_message'])){?>
            <div class="upload_message_<?php echo $_REQUEST['upload_message_type'];?>">
            <?php echo htmlentities($_REQUEST['upload_message']);?>
            </div>
        <?php }?>
 
 
<form action="index.php" method="post" enctype="multipart/form-data" name="image_upload_form" id="image_upload_form" style="margin-bottom:0px;">
<label>Image file, maximum 4MB. it can be jpg, gif,  png:</label><br />
          <input name="image_upload_box" type="file" id="image_upload_box" size="40" /> <br />
          <input type="submit" name="submit" value="Upload image" />     
     
     <br />
    <br />
 
     
      <label>Scale down image? (2592 x 1944 px max):</label>
      <br />
      <input name="max_width_box" type="text" id="max_width_box" value="1024" size="4">
      x      
      
      <input name="max_height_box" type="text" id="max_height_box" value="768" size="4">
      px.
      <br />
      <br />
      <p style="padding:5px; border:1px solid #EBEBEB; background-color:#FAFAFA;">
  <a href="http://treatspin.com/about/index.htm">[About the site]</a><br />
  </p>
 
      
 
<input name="submitted_form" type="hidden" id="submitted_form" value="image_upload_form" />
          </form>
 
 
 
 
<?php 
 
$filename = stripslashes($_FILES['image']['name']);
 
if(isset($_REQUEST['show_image']) and $_REQUEST['show_image']!=''){
 
?></center>
<p>
    <center><img src="image_files/<?php echo $_REQUEST['show_image'];?>" hspace="5" vspace="5" align="bottom"></center><br />  
<tr>
<td>
<strong><center>Direct link to image</strong>:</center><br/> <center><textarea cols="50" rows="1">http://www.treatspin.com/image_files/<?php echo $_REQUEST['show_image'];?></textarea></center></td>
</tr>
    
    
</p>
 
 
<?php }?>
 
<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br />
 
<center><a href="http://www.youn00b.com">
<img src="http://www.youn00b.com/images/yn_alternate.png" style="border-style: none"/>
</a>
</center>
 
 
 
 
</body>
</html>
Please help, thanks.

Re: Help with random names

Posted: Sun Jul 05, 2009 10:41 pm
by requinix
teh1337ex wrote:is there anyway someone can rewrite my code to do this?
Ha. Ha ha. Hahahahahaha.

Are you willing to pay somebody to do it? If not then you're stuck with learning PHP yourself or waiting for a Good Samaritan to come along.

Re: Help with random names

Posted: Sun Jul 05, 2009 10:56 pm
by jackpf
Lol.

How does that not work for you anyway?

Btw, you should use uniqid() or something instead.

Re: Help with random names

Posted: Sun Jul 05, 2009 11:32 pm
by teh1337ex
i didnt mean to come off as a charity case. i've just been so frustrated with this particular code.

And it works fine, it just overrides the exisiting image if it has the same name.

Re: Help with random names

Posted: Mon Jul 06, 2009 12:04 am
by Eric!
Here's a lame way to do it.

Code: Select all

$i=1;
while(is_file($_FILES["image_upload_box"]["tmp_name"]))
{   $_FILES["image_upload_box"]["tmp_name"]='$i'.$_FILES["image_upload_box"]["tmp_name"];
$i++;
}
instead of linear $i values you could use uniqid() or rand(1000,9999)....

Re: Help with random names

Posted: Mon Jul 06, 2009 12:22 am
by requinix
Make sure you validate the file, or at the very least its extension. If they upload a .php file and you don't check it, they could run their PHP code on your server.

Re: Help with random names

Posted: Mon Jul 06, 2009 12:40 am
by teh1337ex
Thank you guys for all your help.