Create a PNG

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
SidewinderX
Forum Contributor
Posts: 407
Joined: Fri Jul 16, 2004 9:04 pm
Location: NY

Create a PNG

Post by SidewinderX »

Well I have a script and it is pretty self explanatory. A form posts values to it, it uses GD to create an image, and uses some file functions to create a file called $pid.php.

I can use the <img src=".....$pid.php" /> to display the *image* but what I want it to do is actually create a png file rather than a php file.

I know the imagepng() function allows you to specify the name of the image, but the way I have it currently setup, when i submit the first form it creates the file $pid.php and I have to execute that (http://www....../$pid.php) file for the png file to be created. So my question is, how can I make the png file automatically created once the form is submitted?

Code: Select all

<?php
$stat1 = $_POST['stat1'];
$stat2 = $_POST['stat2'];
$stat3 = $_POST['stat3'];
$stat4 = $_POST['stat4'];
$stat5 = $_POST['stat5'];
$stat6 = $_POST['stat6'];
$stat7 = $_POST['stat7'];
$stat8 = $_POST['stat8'];
$stat9 = $_POST['stat9'];
$pid = $_POST['pid'];

$sig = "<?php
header('Content-type: image/png');

/**** Variables ****/
\$r = 0;
\$g = 0;
\$b = 0;
\$bgImage = \"bg-sidewinder.png\";
/*******************/

\$im = imagecreatefrompng (\$bgImage);
\$color = imagecolorallocate(\$im, \$r, \$g, \$b);

include(\"../config.php\");
\$result = mysql_query(\"SELECT * FROM \". \$dbtable .\" WHERE pid = '$pid'\", \$db);
while (\$row = mysql_fetch_assoc(\$result)) {
	\$text[1] = \$row['$stat1'];
	\$text[2] = \$row['$stat2'];
	\$text[3] = \$row['$stat3'];
	\$text[4] = \$row['$stat4'];
	\$text[5] = \$row['$stat5'];
	\$text[6] = \$row['$stat6'];
	\$text[7] = \$row['$stat7'];
	\$text[8] = \$row['$stat8'];
	\$text[9] = \$row['$stat9'];
}

\$font = 'arial.ttf';
\$size[1] = 7;
\$size[2] = 9;

imagettftext(\$im, \$size[2], 0, 15, 21, \$color, \$font, \$text[1]);
imagettftext(\$im, \$size[2], 0, 190, 21, \$color, \$font, \$text[2]);
imagettftext(\$im, \$size[1], 0, 65, 45, \$color, \$font, \$text[3]);
imagettftext(\$im, \$size[1], 0, 250, 45, \$color, \$font, \$text[4]);
imagettftext(\$im, \$size[1], 0, 50, 64, \$color, \$font, \$text[5]);
imagettftext(\$im, \$size[1], 0, 260, 64, \$color, \$font, \$text[6]);
imagettftext(\$im, \$size[1], 0, 63, 82, \$color, \$font, \$text[7]);
imagettftext(\$im, \$size[1], 0, 259, 82, \$color, \$font, \$text[8]);
imagettftext(\$im, \$size[1], 0, 78, 100, \$color, \$font, \$text[9]);

imagepng(\$im, $pid.png);
imagedestroy(\$im);
?>";

$fp = fopen("$pid.php", "w");
fputs($fp, $sig);
fclose($fp);

echo "The image has been created...";
?>
User avatar
aaronhall
DevNet Resident
Posts: 1040
Joined: Tue Aug 13, 2002 5:10 pm
Location: Back in Phoenix, missing the microbrews
Contact:

Post by aaronhall »

Hmmm... the script in $sig should simply be run in this context. What you're doing is placing a script in a variable, saving the contents of that variable to a file, and then calling the file... all in the same script. Just run that code that's in $sig right now. You are already saving the image file as $pid.png via the imagepng() call toward the bottom of the script. Just refer to that file.
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

You realize people could maliciously inject php code into your script right?... and potentially cripple your server.

Yeed my warning of not sanitizing your variables.

What if $stat1 was

Code: Select all

somevarname']; system('-rm ...... bad code here');
SidewinderX
Forum Contributor
Posts: 407
Joined: Fri Jul 16, 2004 9:04 pm
Location: NY

Post by SidewinderX »

Thanks aaronhall :D
Jcart wrote:You realize people could maliciously inject php code into your script right?... and potentially cripple your server.

Yeed my warning of not sanitizing your variables.

What if $stat1 was

Code: Select all

somevarname']; system('-rm ...... bad code here');


Nope, I did not realize that but I should have, thank you!
Post Reply