what have on webpage didnt want show entire web page if have will. site goes edit-profile.php , doesnt upload image database when outside of web page in dummy page works. when add web page stops working
<form action="/sub/test.php" method="post" enctype="multipart/form-data"> <label for="title">title:</label><br> <input type="text" name="title" id="title" size="64"><br><br> <label for="photo">photo:</label><br> <input type="file" name="photo" id="photo"><br><br> <label for="password">password:</label><br> <input type="password" name="password" id="password"><br><br> test.php: <?php $db_host = ''; // don't forget change $db_user = ''; $db_pwd = ''; $database = ''; $table = ''; // use same name sql table $password = '123'; // simple upload restriction, // disallow uploading if (!mysql_connect($db_host, $db_user, $db_pwd)) die("can't connect database"); if (!mysql_select_db($database)) die("can't select database"); // function makes usage of // $_get, $_post, etc... variables // completly safe in sql queries function sql_safe($s) { if (get_magic_quotes_gpc()) $s = stripslashes($s); return mysql_real_escape_string($s); } // if user pressed submit in 1 of forms if ($_server['request_method'] == 'post') { // cleaning title field $title = trim(sql_safe($_post['title'])); if ($title == '') // if title not set $title = '(empty title)';// use (empty title) string if ($_post['password'] != $password) // cheking passwors $msg = 'error: wrong upload password'; else { if (isset($_files['photo'])) { @list(, , $imtype, ) = getimagesize($_files['photo'] ['tmp_name']); // image type. // use @ omit errors if ($imtype == 3) // cheking image type $ext="png"; // use later in http headers elseif ($imtype == 2) $ext="jpeg"; elseif ($imtype == 1) $ext="gif"; else $msg = 'error: unknown file format'; if (!isset($msg)) // if there no error { $data = file_get_contents($_files['photo']['tmp_name']); $data = mysql_real_escape_string($data); // preparing data used in mysql query mysql_query("insert {$table} set ext='$ext', title='$title', data='$data'"); $msg = 'success: image uploaded'; } } elseif (isset($_get['title'])) // isset(..title) needed $msg = 'error: file not loaded';// make sure we've using // upload form, not form // deletion if (isset($_post['del'])) // if used selected photo delete { // in 'uploaded images form'; $id = intval($_post['del']); mysql_query("delete {$table} id=$id"); $msg = 'photo deleted'; } } } elseif (isset($_get['show'])) { list item --------- $id = intval($_get['show']); $result = mysql_query("select ext, unix_timestamp(image_time), data {$table} id=$id limit 1"); if (mysql_num_rows($result) == 0) die('no image'); list($ext, $image_time, $data) = mysql_fetch_row($result); $send_304 = false; if (php_sapi_name() == 'apache') { // if our web server apache // check http // if-modified-since header // , not send image // if there cached version $ar = apache_request_headers(); if (isset($ar['if-modified-since']) && // if-modified-since should exists ($ar['if-modified-since'] != '') && // not empty (strtotime($ar['if-modified-since']) >= $image_time)) // , grater $send_304 = true; // image_time } if ($send_304) { // sending 304 response browser // "browser, cached version of image ok // we're not sending new you" header('last-modified: '.gmdate('d, d m y h:i:s', $ts).' gmt', true, 304); exit(); // bye-bye } // outputing last-modified header header('last-modified: '.gmdate('d, d m y h:i:s', $image_time).' gmt', true, 200); // set expiration time +1 year // not have photo re-uploading // so, browser may cache photo quite long time header('expires: '.gmdate('d, d m y h:i:s', $image_time + 86400*365).' gmt', true, 200); // outputing http headers header('content-length: '.strlen($data)); header("content-type: image/{$ext}"); // outputing image echo $data; exit(); } ?> <input type="submit" value="upload">
Comments
Post a Comment