using
Code: Select all
list($width, $height)=getimagesize($_FILES['userfile']);Warning: getimagesize(Array) [function.getimagesize]: failed to open stream: No such file or directory in C:\Program Files\xampp\htdocs\upload.php on line 28
and it will upload big files anyway. of course theres no such file, since im uploading the file to a database and not a directory.
what to do?
heres my whole code:
Code: Select all
<?php
if (isset($_COOKIE["usern"]))
echo "<p>Logged in as ".$_COOKIE["usern"].". | <a href='logout.php'>Logout</a></p>";
else
header("location: login.php");
?>
<html>
<head>
<title>Upload</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="shortcut icon" href="images/favicon.ico" />
</head>
<body>
<form method="post" enctype="multipart/form-data">
<input name="userfile" type="file" id="userfile">
<input name="upload" type="submit" class="box" id="upload" value=" Upload ">
</form>
<?php
include("variables.php");
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$image=$_FILES['userfile'];
$maxwidth=151;
$maxheight=181;
list($width, $height)=getimagesize("$image");
if((($_FILES["userfile"]["type"]=="image/gif") ||
($_FILES["userfile"]["type"]=="image/jpeg") ||
($_FILES["userfile"]["type"]=="image/png") ||
($_FILES["userfile"]["type"]=="image/pjpeg")) &&
($_FILES["userfile"]["size"]<204800) &&
(($width<$maxwidth) || ($height<$maxheight)))
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
$fileName=addslashes($fileName);
}
$query="INSERT INTO upload (name, size, type, content, user ) VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$username')";
if($count!=0)
{
$query="UPDATE upload SET name='$fileName', size='$fileSize', type='$fileType', content='$content' WHERE user='$username'";
}
mysql_query($query)or die(mysql_error());
echo "File $fileName uploaded.<br />";
}
else
{
echo "Invalid file.";
}
}
echo "Your current avatar: <br />";
echo $avatar;
?>
</body>
</html>