Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

PHP and MySQL Image Uploader

  • 01-09-2008 2:10pm
    #1
    Registered Users, Registered Users 2 Posts: 211 ✭✭


    Hi,
    I have created an image uploader for a website. Its not online yet, im testing it using WAMP Server. Everything is working fine up until I submit the image, its displays the following error after clicking submit:

    "403 Forbidden
    You don't have permission to access /< on this server."

    Any help would be great..


Comments

  • Closed Accounts Posts: 8,866 ✭✭✭Adam


    Truck wrote: »
    Hi,
    I have created an image uploader for a website. Its not online yet, im testing it using WAMP Server. Everything is working fine up until I submit the image, its displays the following error after clicking submit:

    "403 Forbidden
    You don't have permission to access /< on this server."

    Any help would be great..
    it's to do with where you're trying to upload the image to, it would seem you have the path incorrect. can you post the code?


  • Registered Users, Registered Users 2 Posts: 211 ✭✭Truck


    Mirror wrote: »
    it's to do with where you're trying to upload the image to, it would seem you have the path incorrect. can you post the code?

    OK heres the php code, the uploaded image will be stored in the MySQL database called 'Gallery', and in a table called 'ae_gallery'

    [PHP]
    <?php
    $db_host = 'localhost';
    $db_user = 'xxxxxxxx';
    $db_pwd = 'xxxxxxxx';

    $database = 'Gallery';
    $table = 'ae_gallery';
    // use the same name as SQL table

    $password = '123';
    // simple upload restriction,
    // to disallow uploading to everyone


    if (!mysql_connect($db_host, $db_user, $db_pwd))
    die("Cant connect to database");

    if (!mysql_select_db($database))
    die("Cant select database");

    // This function makes usage of
    // $_GET, $_POST, etc... variables
    // completly safe in SQL queries
    function sql_safe($s)
    {
    if (get_magic_quotes_gpc())
    $s = stripslashes($s);

    return mysql_real_escape_string($s);
    }

    // If user pressed submit in one of the forms
    if ($_SERVER == 'POST')
    {
    // cleaning title field
    $title = trim(sql_safe($_POST));

    if ($title == '') // if title is not set
    $title = '(empty title)';// use (empty title) string

    if ($_POST != $password) // cheking passwors
    $msg = 'Error: wrong upload password';
    else
    {
    if (isset($_FILES))
    {
    @list(, , $imtype, ) = getimagesize($_FILES);
    // Get image type.
    // We use @ to omit errors

    if ($imtype == 3) // cheking image type
    $ext="png"; // to use it later in HTTP headers
    elseif ($imtype == 2)
    $ext="jpeg";
    elseif ($imtype == 1)
    $ext="gif";
    else
    $msg = 'Error: unknown file format';

    if (!isset($msg)) // If there was no error
    {
    $data = file_get_contents($_FILES);
    $data = mysql_real_escape_string($data);
    // Preparing data to be used in MySQL query

    mysql_query("INSERT INTO {$table}
    SET ext='$ext', title='$title',
    data='$data'");

    $msg = 'Success: image uploaded';
    }
    }
    elseif (isset($_GET)) // isset(..title) needed
    $msg = 'Error: file not loaded';// to make sure weve using
    // upload form, not form
    // for deletion


    if (isset($_POST)) // If used selected some photo to delete
    { // in 'uploaded images form';
    $id = intval($_POST);
    mysql_query("DELETE FROM {$table} WHERE id=$id");
    $msg = 'Photo deleted';
    }
    }
    }
    elseif (isset($_GET))
    {
    $id = intval($_GET);

    $result = mysql_query("SELECT ext, UNIX_TIMESTAMP(image_time), data
    FROM {$table}
    WHERE id=$id LIMIT 1");

    if (mysql_num_rows($result) == 0)
    die('no image');

    list($ext, $image_time, $data) = mysql_fetch_row($result);

    $send_304 = false;
    if (php_sapi_name() == 'apache') {
    // if our web server is apache
    // we get check HTTP
    // If-Modified-Since header
    // and do not send image
    // if there is a cached version

    $ar = apache_request_headers();
    if (isset($ar) && // If-Modified-Since should exists
    ($ar != '') && // not empty
    (strtotime($ar) >= $image_time)) // and grater than
    $send_304 = true; // image_time
    }


    if ($send_304)
    {
    // Sending 304 response to browser
    // "Browser, your cached version of image is OK
    // we're not sending anything new to you"
    header('Last-Modified: '.gmdate('D, d M Y H:i:s', $ts).' GMT', true, 304);

    exit(); // bye-bye
    }

    // outputing Last-Modified header
    header('Last-Modified: '.gmdate('D, d M Y H:i:s', $image_time).' GMT',
    true, 200);

    // Set expiration time +1 year
    // We do not have any photo re-uploading
    // so, browser may cache this photo for quite a long time
    header('Expires: '.gmdate('D, d M Y H:i:s', $image_time + 86400*365).' GMT',
    true, 200);

    // outputing HTTP headers
    header('Content-Length: '.strlen($data));
    header("Content-type: image/{$ext}");

    // outputing image
    echo $data;
    exit();
    }
    ?>
    <html><head>
    <title>MySQL Blob Image Gallery Example</title>
    </head>
    <body>
    <?php
    if (isset($msg)) // this is special section for
    // outputing message
    {
    ?>
    <p style="font-weight: bold;"><?=$msg?>
    <br>
    <a href="<?=$PHP_SELF?>">reload page</a>
    <!-- I've added reloading link, because
    refreshing POST queries is not good idea -->
    </p>
    <?php
    }
    ?>
    <h1>Blob image gallery</h1>
    <h2>Uploaded images:</h2>
    <form action="<?=$PHP_SELF?>" method="post">
    <!-- This form is used for image deletion -->

    <?php
    $result = mysql_query("SELECT id, image_time, title FROM {$table} ORDER BY id DESC");
    if (mysql_num_rows($result) == 0) // table is empty
    echo '<ul><li>No images loaded</li></ul>';
    else
    {
    echo '<ul>';
    while(list($id, $image_time, $title) = mysql_fetch_row($result))
    {
    // outputing list
    echo "<li><input type='radio' name='del' value='{$id}'>";
    echo "<a href='{$PHP_SELF}?show={$id}'>{$title}</a> – ";
    echo "<small>{$image_time}</small></li>";
    }

    echo '</ul>';

    echo '<label for="password">Password:</label><br>';
    echo '<input type="password" name="password" id="password"><br><br>';

    echo '<input type="submit" value="Delete selected">';
    }
    ?>

    </form>
    <h2>Upload new image:</h2>
    <form action="<?=$PHP_SELF?>" method="POST" enctype="multipart/form-data">
    <label for="title">Title:</label><br>
    <input type="text" name="title" id="title" size="64"><br><br>

    <label for="photo">Photo:</label><br>
    <input type="file" name="photo" id="photo"><br><br>

    <label for="password">Password:</label><br>
    <input type="password" name="password" id="password"><br><br>

    <input type="submit" value="upload">
    </form>
    </body>
    </html>
    [/PHP]


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    Also post up the raw HTML for the upload form.


  • Registered Users, Registered Users 2 Posts: 211 ✭✭Truck


    seamus wrote: »
    Also post up the raw HTML for the upload form.

    The html upload form is in the php file towards the end


  • Closed Accounts Posts: 8,866 ✭✭✭Adam


    the code is good, and i've tested it, it works. and with no 403 error for me...so with know intricate knowledge of the how or why, i would assume it is to do with your wamp setup.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    I know :)

    But it's always good to see what's popped out. Specifically, I'm looking at the less-than sign that it's in the error message you're getting.

    403 is an http error. You'd usually only get this when you try to access a webpage/directory to which you don't have access. Errors with image uploads don't generate HTTP error messages (because it's a filesytem operation).


  • Closed Accounts Posts: 8,866 ✭✭✭Adam


    seamus wrote: »
    I know :)

    But it's always good to see what's popped out. Specifically, I'm looking at the less-than sign that it's in the error message you're getting.

    403 is an http error. You'd usually only get this when you try to access a webpage/directory to which you don't have access. Errors with image uploads don't generate HTTP error messages (because it's a filesytem operation).
    agreed, i initially asked because i assumed he was using folders rather than a database and was perhaps trying to access the image once it was uploaded.


  • Registered Users, Registered Users 2 Posts: 211 ✭✭Truck


    Mirror wrote: »
    the code is good, and i've tested it, it works. and with no 403 error for me...so with know intricate knowledge of the how or why, i would assume it is to do with your wamp setup.

    Thanks Mirror, good to know the code is working. I'll have a look at the WAMP setup now.


  • Closed Accounts Posts: 8,866 ✭✭✭Adam


    Truck wrote: »
    Thanks Mirror, good to know the code is working. I'll have a look at the WAMP setup now.
    if you fancy going the easy route, look up Xampp, by far the easiest dev env i've ever used, one-click installer and your away.


  • Registered Users, Registered Users 2 Posts: 378 ✭✭sicruise


    Are you sure the URL you are trying to access isn't actually just password protected?

    Use http://httpd.apache.org/docs/1.3/howto/auth.html#basicconfig to check your config.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 211 ✭✭Truck


    At last ive got it !

    Apparently I was'nt using full tags <?php ... ?>
    So in my php.ini from the wamp server I changed the settings

    Short_open_tag = on
    Short_open_tag = on
    Allow Asp-Style <%%>tags
    Asp_tags = on

    It then works fine ! :)


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    Personal preference, I'd recommend always using the long opening tags. :)


Advertisement