hello,
i wrote a script that it upload a jpg image and then
it save the image in mysql table...
in my computer there is no problem all image can be uploaded succesfully,
but some of the other computers there is a problem.
they can't upload any image ...
what causes this problem?
image can't be uploaded from some computer
Moderator: General Moderators
Here is my code...
i send a file to this page and some computer can't save this image file into the mysql table
Code: Select all
if ($_FILES['foto']['type']!="image/pjpeg")
{
echo "<script language=javascript>
alert('Dosyaniz uygun formatta degil.Dosyanizi jpg formatinda gönderiniz.');
self.history.back();
</script>";
exit;
}
else if ($_FILES['foto']['size']>500000)
{
echo "<script language=javascript>
alert('Dosyanizin boyutu çok büyük 500KB küçük dosyalar gönderiniz ');
self.history.go(-1);
</script>";
exit;
}
$resim=addslashes(fread(fopen($_FILES['foto']['tmp_name'],"r"),filesize($_FILES['foto']['tmp_name'])));
$aciklama=addslashes($_POST['aciklama']);
$today = getdate();
$date="$today[year]-$today[mon]-$today[mday]";
$sql="insert into ".$tablo_fotograf."
(okul_kodu,Resim,Aciklama,Tarih) values
('".$okul_kodu."', '$resim' , '$aciklama' , '$date')";
$tpl->define(fotogonder_durum ,"durum.tpl");
if ( $db->query( $sql ) )
{
$tpl->assign( MESAJ , "Gönderdiðiniz fotoðraf kaydedilmistir." );
$mesaj="merhaba\n".
"\nwww.e-yillik.net te ki yilliga $aciklama diye aciklamasi olan yeni fotograf eklendi.\n".
"\nBilgilerinize sunulur.\n".
"\nIyi gunler...\n".
"\nwww.e-yillik.net/yonetim/?okul=$okul_kodu ";
@mail( $yonetici_mail , "Fotograf eklendi" , $mesaj ,"from:info@e-yillik.net");
}
else
{
$tpl->assign( MESAJ , "Gönderdiðiniz fotoðraf kaydedilemedi.<br>")
}
$tpl->parse( fotogonder_durum , "fotogonder_durum" );
$tpl->FastPrint( fotogonder_durum );i send a file to this page and some computer can't save this image file into the mysql table
Last edited by mekya on Tue Mar 28, 2006 11:13 am, edited 1 time in total.
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
image/pjpeg is just one of the mime types JPEG files can come in on and you should never rely on the browser to tell you what type of file it is.
Use getimagesize() to determine that it is an image and if it is a type you want to accept. Use file_get_contents() instead of fopen()-fread(), if possible, it's just easier to work with. addslashes() alone may not be enough to avoid injection problems. If you're using MySQL, use mysql_real_escape_string() instead.
Use getimagesize() to determine that it is an image and if it is a type you want to accept. Use file_get_contents() instead of fopen()-fread(), if possible, it's just easier to work with. addslashes() alone may not be enough to avoid injection problems. If you're using MySQL, use mysql_real_escape_string() instead.