126 (edited by cal 2007-10-29 19:48)

Re: Automatic Image Upload with Thumbnails

Im getting this error when trying to upload an image.

Fatal error: Call to undefined function imagecreatefromjpeg() in /glftpd/site/www/nolltid/forum/uploadimg.php on line 289

I have got GD 2.028 and PHP 5.1.4.

This is my PHPINFO.

I havent modified the files, I just did as it said in the read me file.

127

Re: Automatic Image Upload with Thumbnails

You need to ask your host to compile PHP with the jpeg libraries.

128 (edited by cal 2007-10-29 19:48)

Re: Automatic Image Upload with Thumbnails

I compiled PHP with the JPEG libraries and upgraded to PHP 5.2.4.

But now I cant even run the uploadimg.php ?

This is my PHPINFO.

What could be wrong then?

129

Re: Automatic Image Upload with Thumbnails

And the error printed in the log is?

130

Re: Automatic Image Upload with Thumbnails

This is the error that I get in the logs.

PHP Parse error:  syntax error, unexpected '}' in /glftpd/site/www/nolltid/forum/uploadimg.php on line 550

131

Re: Automatic Image Upload with Thumbnails

Have you made any alterations to the uploadimg.php file at all?

There's a syntax error in it somewhere. Try uploading it again to make sure it hasn't become corrupted, and if that doesn't work, post the file.

132 (edited by cal 2007-10-29 17:24)

Re: Automatic Image Upload with Thumbnails

I havent made any changes to the file. I tried uploading a fresh copy from the "zip archive", but I get the same error.

This is the file.

<?php

  /**
   * Automatic Image Upload with Thumbnails - uploadimg.php
   * 
   * @author : Koos
   * @email  : pampoen10@yahoo.com
   * @version 1.3.2
   * @release date : 2007-05-26
   */

  /* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY
   * OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
   * LIMITED   TO  THE WARRANTIES  OF  MERCHANTABILITY,
   * FITNESS    FOR    A    PARTICULAR    PURPOSE   AND
   * NONINFRINGEMENT.  IN NO EVENT SHALL THE AUTHORS OR
   * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
   * OR  OTHER  LIABILITY,  WHETHER  IN  AN  ACTION  OF
   * CONTRACT,  TORT OR OTHERWISE, ARISING FROM, OUT OF
   * OR  IN  CONNECTION WITH THE SOFTWARE OR THE USE OR
   * OTHER DEALINGS IN THE SOFTWARE.
   */
   
   

include "uploadimg_config.php";



define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';

// Load the uploadimg.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/uploadimg.php';



// Detect two byte character sets
$multibyte = (isset($lang_common['lang_multibyte']) && $lang_common['lang_multibyte']) ? true : false;



$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_uploadimg['Upload image'];


require PUN_ROOT.'header.php';


            if ($pun_user['is_guest']) {
        message($lang_common['Not logged in']);
        }
        

        
        if (!in_array($pun_user['g_title'], $Allow_Uploads)) {
                 message($lang_uploadimg['No permission']);
                                                         }
                                                         
                                                         



//********************
        


?>
<div id="uploadimg" class="blockform">
    <h2><span><?php echo $lang_uploadimg['Upload image']; ?></span></h2>
    <div class="box">
    

  <form id="uploadimg" method="post" action="uploadimg.php?subpage=upload" enctype="multipart/form-data">


            
            <div class="inform">
                <fieldset>
                    <legend><?php if ($_GET['subpage'] == "upload") { echo $lang_uploadimg['Result']; } else {echo $lang_uploadimg['Select image']; } ?></legend>
                    <div class="infldset">
                    
                    
                            <?php


$limit_sizef = $limit_size*1024; // convert Kilobytes to bytes
$file_prefix = $pun_user['id']."_"; // the pun user id is used as the prefix for all uploaded files
$absolute_path_images = dirname(__FILE__) . "/" . substr_replace($idir,"",-1);
$absolute_path_thumbs = dirname(__FILE__) . "/" . substr_replace($tdir,"",-1);

  //find forumurl:
  $domain = $_SERVER['HTTP_HOST']; // find out the domain:
  $path = $_SERVER['SCRIPT_NAME']; // find out the path to the current file:
  $urltemp = "http://" . $domain . $path ; // put it all together:
  $parts = Explode('/', $path);
  $currentFile = end($parts);
  $forumurl = substr($urltemp, 0, strpos($urltemp, "$currentFile"));


      function strip_ext($name)

       {

           $ext = strrchr($name, '.');

          if($ext !== false)

          {

             $name = substr($name, 0, -strlen($ext));

          }

          return $name;

      }


//****
$check = $allow_jpg_uploads + $allow_png_uploads + $allow_gif_uploads;

   $i = 0;

   if ($allow_jpg_uploads == "1"){
   $type_array[$i]= "JPEG";
   $i = $i + 1;
   }

   if ($allow_png_uploads == "1"){
   $type_array[$i]= "PNG";
   $i = $i + 1;
   }

   if ($allow_gif_uploads == "1"){
   $type_array[$i]= "GIF";
   $i = $i + 1;
   }

if ($check == 0){
$message1 = $lang_uploadimg['Upload disabled'];
$message2 = "";
}

if ($check == 1){
$message1 = str_replace('<type1>', $type_array[0], $lang_uploadimg['Can only upload1']);
$message2 = str_replace('<extension1>', $type_array[0], $lang_uploadimg['Has to be1']);
$message2 = " ".$message2;
}

if ($check == 2){
$message1 = str_replace('<type1>', $type_array[0], $lang_uploadimg['Can only upload2']);
$message1 = str_replace('<type2>', $type_array[1], $message1);
$message2 = str_replace('<extension1>', $type_array[0], $lang_uploadimg['Has to be2']);
$message2 = str_replace('<extension2>', $type_array[1], $message2);
$message2 = " ".$message2;
}

if ($check == 3){
$message1 = str_replace('<type1>', $type_array[0], $lang_uploadimg['Can only upload3']);
$message1 = str_replace('<type2>', $type_array[1], $message1);
$message1 = str_replace('<type3>', $type_array[2], $message1);
$message2 = str_replace('<extension1>', $type_array[0], $lang_uploadimg['Has to be3']);
$message2 = str_replace('<extension2>', $type_array[1], $message2);
$message2 = str_replace('<extension3>', $type_array[2], $message2);
$message2 = " ".$message2;
}

if ($size_limit != "yes"){
$message3 = $lang_uploadimg['No size limit'];
}
else {
$message3 = str_replace('<MAX_SIZE>', $limit_size, $lang_uploadimg['Size limit']);
}

//****

if (!isset($_GET['subpage']) || $_FILES['imagefile']['name'] == null) {   // Image Upload Form Below   ?>
 
 <p><?php echo $lang_uploadimg['Upload message']; ?>
 </p>
  <p>
  <br><b><?php echo $lang_uploadimg['Restrictions']; ?></b>
  <br><?php echo $message1; ?>
  <?php 
  if ($resize_images_above_limit == "yes" && $size_limit == "no") {
  echo "<br>".str_replace('<MAX_SIZE>', $limit_size, $lang_uploadimg['Images above']);
  }
  else {
  echo "<br>".$message3;
  }
  ?>
  
  <br>
  </p>
  <p>
  <br></p>
  
  <form method="post" action="uploadimg.php?subpage=upload" enctype="multipart/form-data">
   <?php echo $lang_uploadimg['File']; ?><br />
  <input type="file" name="imagefile" class="form">
  
  <?php if ($allow_resize_option == "1") { ?>
    <br><br>
    <input type="checkbox" name="resizeimage" value="ON"> <?php echo $lang_uploadimg['Resize image']; ?>
    <select size="1" name="resizeoption">
    <option>100x75 (<?php echo $lang_uploadimg['Avatar']; ?>)</option>
    <option>160x120 (<?php echo $lang_uploadimg['Thumbnail']; ?>)</option>
    <option selected>320x240 (<?php echo $lang_uploadimg['Websites and email']; ?>)</option>
    <option>640x480 (<?php echo $lang_uploadimg['Message boards']; ?>)</option>
    </select>
 <?php } ?>



  <br><br>
  <input type="submit" name="uploadimg" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" />
  <br />

  
  
  <p>
      
    
    </p>
  
<? } 




if ((isset($_GET['subpage'])) && (!empty($_FILES['imagefile']['name']))) {   // Uploading/Resizing Script

  $imagefilename = $_FILES['imagefile']['name'];
  $imagefilename_rl = strip_ext($imagefilename);

  $imagefilename_ext = strtolower(end(explode('.',$imagefilename))); // get the file extension
  
  // transliterate all characters with accents,umlauts,ligatures and runes known to ISO-8859-1
  $imagefilename_rl = strtr($imagefilename_rl,"\xA1\xAA\xBA\xBF\xC0\xC1\xC2\xC3\xC5\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF\xD0\xD1\xD2\xD3\xD4\xD5\xD8\xD9\xDA\xDB\xDD\xE0\xE1\xE2\xE3\xE5\xE7\xE8\xE9\xEA\xEB\xEC\xED\xEE\xEF\xF0\xF1\xF2\xF3\xF4\xF5\xF8\xF9\xFA\xFB\xFD\xFF","!ao?AAAAACEEEEIIIIDNOOOOOUUUYaaaaaceeeeiiiidnooooouuuyy");   

  $imagefilename_rl = strtr($imagefilename_rl, array("\xC4"=>"Ae", "\xC6"=>"AE", "\xD6"=>"Oe", "\xDC"=>"Ue", "\xDE"=>"TH", "\xDF"=>"ss", "\xE4"=>"ae", "\xE6"=>"ae", "\xF6"=>"oe", "\xFC"=>"ue", "\xFE"=>"th"));
  
  // strip all non-alphanumeric characters (except _ -) from string and replace all spaces with _ (underscore)
  $find = array("/[^a-zA-Z0-9\-\_\s]/","/\s+/");
  $replace = array("","_");
  $imagefilename_rl = strtolower(preg_replace($find,$replace,$imagefilename_rl));
  $imagefilename = $imagefilename_rl.".".$imagefilename_ext;
  
  $url = $file_prefix . $imagefilename;   // Set $url To Equal The Filename For Later Use
  if ((($_FILES['imagefile']['type'] == "image/jpg" || $_FILES['imagefile']['type'] == "image/jpeg" || $_FILES['imagefile']['type'] == "image/pjpeg") && ($allow_jpg_uploads == "1")) || (($_FILES['imagefile']['type'] == "image/png" || $_FILES['imagefile']['type'] == "image/x-png") && ($allow_png_uploads == "1")) || (($_FILES['imagefile']['type'] == "image/gif") && ($allow_gif_uploads == "1"))) {
  


$nameoffile = $file_prefix.$imagefilename;


if(file_exists("$absolute_path_images/$nameoffile")) {


echo $lang_uploadimg['File exists']."<br>";   

echo "<br>".$lang_uploadimg['Exist message']." <b>".$_FILES['imagefile']['name']."</b><br>\n";

?>
<div style="padding: 5px 6px">
<img src="<?php echo ("$tdir$file_prefix$imagefilename"); ?>">
</div>
<?php

       echo "<br>".$lang_uploadimg['Copy and paste'].": <br>
       <textarea name='select' rows='6' cols='100'>
[url=.$forumurl.$idir.$file_prefix.$imagefilename.][img]".$forumurl.$tdir.$file_prefix.$imagefilename."[/img][/url]
</textarea>
</p>";

  
}
else{ 

// the file does not exist - can now be uploaded ****


  
if (($size_limit == "yes") && ($limit_sizef < $_FILES['imagefile']['size'])) { // file size must be less than $limit_sizef ****
      echo str_replace('<MAX_SIZE>', $limit_size, $lang_uploadimg['Too big']);
} else {

// Allocate all necessary memory for the image

ini_set('memory_limit', '-1');
  
    
    
    if (!empty($_FILES['imagefile']['tmp_name'])) {   

      
      if ($_FILES['imagefile']['type'] == "image/jpg" || $_FILES['imagefile']['type'] == "image/jpeg" || $_FILES['imagefile']['type'] == "image/pjpeg") {
      $simg = imagecreatefromjpeg($_FILES['imagefile']['tmp_name']);   // Make A New Temporary Image To Create The Thumbnail From
      }
      if ($_FILES['imagefile']['type'] == "image/png" || $_FILES['imagefile']['type'] == "image/x-png") {
      $simg = imagecreatefrompng($_FILES['imagefile']['tmp_name']);   // Make A New Temporary Image To Create The Thumbnail From
      }
      if ($_FILES['imagefile']['type'] == "image/gif") {
      $simg = imagecreatefromgif($_FILES['imagefile']['tmp_name']);   // Make A New Temporary Image To Create The Thumbnail From
      }
      
      $currwidth = imagesx($simg);   // Current Image Width
      $currheight = imagesy($simg);   // Current Image Height
      
      
      
         $zoomw = $currwidth/$twidth;
         $zoomh = $currheight/$theight;

            if ($zoomw > $zoomh) {
              $zoom = $zoomw;
                      }

            else {
              $zoom = $zoomh;
                }

           $newwidth = $currwidth/$zoom;
           $newheight = $currheight/$zoom;

    
      if ($currwidth < $twidth ) {    // If the Current Image Width is Less than the Thumbnail Width ****
      $dimg = imagecreate($currwidth, $currheight);   // Make New Image ****
      $copy = copy($_FILES['imagefile']['tmp_name'], "$tdir" . $file_prefix . $imagefilename);   // Move Image From Temporary Location To Permanent Location ****
      
      
      }
      
else {

      
      $dimg = @imagecreatetruecolor( $newwidth, $newheight );   // Make New Image For Thumbnail

      

      if (!$dimg) { 

      $dimg = imagecreate( $newwidth, $newheight ); 

      }
      
    imagecopyresampled( $dimg, $simg,

                        0,0,0,0,

                        $newwidth, $newheight, $currwidth, $currheight );   // Copy Resized Image To The New Image (So We Can Save It)
    
    
      if ($_FILES['imagefile']['type'] == "image/jpg" || $_FILES['imagefile']['type'] == "image/jpeg" || $_FILES['imagefile']['type'] == "image/pjpeg") {
      imagejpeg($dimg, "$tdir" . $url,85);   // Saving The Image
      }
      if ($_FILES['imagefile']['type'] == "image/png" || $_FILES['imagefile']['type'] == "image/x-png") {
      imagejpeg($dimg, "$tdir" . $url,85);   // Saving The Image
      }
      if ($_FILES['imagefile']['type'] == "image/gif") {
      imagejpeg($dimg, "$tdir" . $url,85);   // Saving The Image
      }
      
}
      

      
                  if (($resize_images_above_limit == "yes") && ($limit_sizef < $_FILES['imagefile']['size']) && (!isset($_POST['resizeimage']))) {
                         if ($currwidth > $currheight) {
                           $jwidth = "640";   // Maximum Width For Resized Images
                     $jheight = "480";   // Maximum Height For Resized Images
                                   }
                   else {
                        $jwidth = "480";   // Maximum Width For Resized Images
                     $jheight = "640";   // Maximum Height For Resized Images
                                   }
                                   
                                   
                      }
      
      
   if (isset($_POST['resizeimage'])) {
   
        $dimparts = Explode(' ', $_POST['resizeoption']);
        $resizedim = $dimparts [0];
            
                  if ($resizedim == "100x75") {
                         if ($currwidth > $currheight) {
                           $jwidth = "100";   // Maximum Width For Resized Images
                     $jheight = "75";   // Maximum Height For Resized Images
                                   }
                   else {
                        $jwidth = "75";   // Maximum Width For Resized Images
                     $jheight = "100";   // Maximum Height For Resized Images
                                   }
                     }
                  if ($resizedim == "160x120") {
                         if ($currwidth > $currheight) {
                           $jwidth = "160";   // Maximum Width For Resized Images
                     $jheight = "120";   // Maximum Height For Resized Images
                                   }
                   else {
                        $jwidth = "120";   // Maximum Width For Resized Images
                     $jheight = "160";   // Maximum Height For Resized Images
                                   }
                     }
                  if ($resizedim == "320x240") {
                         if ($currwidth > $currheight) {
                           $jwidth = "320";   // Maximum Width For Resized Images
                     $jheight = "240";   // Maximum Height For Resized Images
                                   }
                   else {
                        $jwidth = "240";   // Maximum Width For Resized Images
                     $jheight = "320";   // Maximum Height For Resized Images
                                   }
                     }
                  if ($resizedim == "640x480") {
                         if ($currwidth > $currheight) {
                           $jwidth = "640";   // Maximum Width For Resized Images
                     $jheight = "480";   // Maximum Height For Resized Images
                                   }
                   else {
                        $jwidth = "480";   // Maximum Width For Resized Images
                     $jheight = "640";   // Maximum Height For Resized Images
                                   }
                     }
            }
            


            

//============= RESIZE IMAGE CODE START =============
      if (isset($jwidth)) {
      
      
      

      //resize image
      
      //----create resized image start
      

    
           $zoomw = $currwidth/$jwidth;
         $zoomh = $currheight/$jheight;

            if ($zoomw > $zoomh) {
              $zoom = $zoomw;
                      }

            else {
              $zoom = $zoomh;
                }
            
            if (($currwidth < $jwidth) && ($currheight < $jheight)) {
            $zoom = "1";
            }    

           $newwidth = $currwidth/$zoom;
           $newheight = $currheight/$zoom;
           

      
      
        $jdimg = @imagecreatetruecolor( $newwidth, $newheight );   // Make New Image
        $gd_flag = "0";

      

        if (!$jdimg) { 

        $jdimg = imagecreate( $newwidth, $newheight );
        $gd_flag = "1";

        }

                imagecopyresampled( $jdimg, $simg,

                        0,0,0,0,

                        $newwidth, $newheight, $currwidth, $currheight );   // Copy Resized Image To The New Image (So We Can Save It)
    
      if ($_FILES['imagefile']['type'] == "image/jpg" || $_FILES['imagefile']['type'] == "image/jpeg" || $_FILES['imagefile']['type'] == "image/pjpeg") {
      imagejpeg($jdimg, "$idir" . $url,85);   // Saving The Image
      }
      if ($_FILES['imagefile']['type'] == "image/png" || $_FILES['imagefile']['type'] == "image/x-png") {
          if ($gd_flag != "1") {
              imagetruecolortopalette($jdimg, TRUE, 256);  // convert to 256 colors
              }
      imagepng($jdimg, "$idir" . $url);   // Saving The Image
      }
      if ($_FILES['imagefile']['type'] == "image/gif") {
          if ($gd_flag != "1") {
              imagetruecolortopalette($jdimg, TRUE, 256);  // convert to 256 colors
              }
      imagegif($jdimg, "$idir" . $url);   // Saving The Image
      }
      
      
      imagedestroy($jdimg);   // Destroying The Temporary Image
      //----create resized image end
    
      
            
      
      
      
      }
      
      else {
      $copy = move_uploaded_file($_FILES['imagefile']['tmp_name'], "$idir" . $file_prefix . $imagefilename);   // Move Image From Temporary Location To Permanent Location

      }
      
//============= RESIZE IMAGE CODE END =============
      
      
      imagedestroy($simg);   // Destroying The Temporary Image
      imagedestroy($dimg);   // Destroying The Other Temporary Image
      
      
      echo $lang_uploadimg['Successful upload']."<br />";   // Was Able To Successfully Upload Image
      echo $lang_uploadimg['Successful thumbnail']."<br>";   // Resize successful
      
      //only delete image if thumb doesn't exist
      if(file_exists("$absolute_path_images/$nameoffile")) {

                   if(!file_exists("$absolute_path_thumbs/$nameoffile")) {
                    unlink($idir.$nameoffile);

                    }
               }

               

               

      //only delete thumb if image doesn't exist
      if(file_exists("$absolute_path_thumbs/$nameoffile")) {

                   if(!file_exists("$absolute_path_images/$nameoffile")) {
                    unlink($tdir.$nameoffile);

                    }
               }


    
    } else {
      echo "<font color=\"#FF0000\">".$lang_uploadimg['Unable to upload']."</font>";   // Error Message If Upload Failed
    }
  
  
?>
<div style="padding: 5px 6px">
<img src="<?php echo ("$tdir$file_prefix$imagefilename"); ?>">
</div>
<?php


      echo "<br>".$lang_uploadimg['Copy and paste'].": <br>
       <textarea name='select' rows='6' cols='100'>
[url=.$forumurl.$idir.$file_prefix.$imagefilename.][img]".$forumurl.$tdir.$file_prefix.$imagefilename."[/img][/url]
</textarea>
</p>";
      


  }
  
  

  } 
  
  } else {
    echo "<font color=\"#FF0000\">".$lang_uploadimg['Wrong filetype'].$message2.". ".$lang_uploadimg['Yours is']." ";   // Error Message If Filetype Is Wrong
    // Show The Invalid File's Extention
    echo "<b>".$_FILES['imagefile']['type']."</b></font>";  
  }
} 



?>

                        
                    </div>
                </fieldset>
                
            </div>
            
            
            <?
            if (!isset($_GET['subpage']) || $_FILES['imagefile']['name'] == null) {     ?>
            
            <p align="right"><a href="uploadimg_view.php?view=gallery"><?php echo $lang_uploadimg['My uploads']; ?></a></p>
            
            <?php 
            if (in_array($pun_user['g_title'], $Allow_Stats)) {
            ?>
                   <p align="right"><a href="uploadimg_stats.php"><?php echo $lang_uploadimg['Upload statistics']; ?></a></p>
             <?php 
              }
            
            } ?>
            
        
        </form>
    </div>
</div>
<?php

require PUN_ROOT.'footer.php';

?>

133

Re: Automatic Image Upload with Thumbnails

Is there nothing mentioned previously in this thread or over on the punres thread about this? If not, best to wait for Koos to have a peek in. Tried looking at that uploadimg.php script, but it's awkward to see what follows where, so Koos himself would be best to advise on this problem. I do seem to vaguely remember this being asked before, though, so it may be worthwhile searching the threads for this mod. smile

134

Re: Automatic Image Upload with Thumbnails

Hi cal - send me an email, so that we can try and fix this. Please also reactivate the php info link (test.php)

135

Re: Automatic Image Upload with Thumbnails

My PHP version has been changed to PHP Version 4.3.9, but this still not works...
The same - says that "succesful", gives links, but in "upload" folder is nothing...

136

Re: Automatic Image Upload with Thumbnails

Ahmed wrote:

My PHP version has been changed to PHP Version 4.3.9, but this still not works...
The same - says that "succesful", gives links, but in "upload" folder is nothing...

Ask your system administrator to upgrade to a more recent version of php. Also make sure that gd has been configured correctly.

I will update this mod soon - will include the fix that solved cal's problem.

Re: Automatic Image Upload with Thumbnails

I sent this in an email to Koos, but I figured... why not post it here for the community to benefit:

Hey Koos,

Long time no write!  I hope you?re doing well.  I?m using your image upload script on two forums and it is working GREAT!   I?m wondering if you would be interested in me making a donation in exchange for a little upgrade:

Basically, I want to limit the number of pictures people can upload.   Limiting the size is great, but it would be AWESOME if I could give different groups different #s of images to upload? for example:

Admin: unlimited
Mods: 200
Supporter: 100
Members: 20

Something like that.   Let me know what type of donation would make it worth your while and I?ll see what I can pull together.

Rob Ludlow 
www.Nifty-Stuff.com - Repository of all Stuff Nifty!
www.reviewum.com - Professor Ratings + Teacher Reviews

138

Re: Automatic Image Upload with Thumbnails

Time for a little update. Just some minor fixes - including one I am surprised no one noticed: when uploading an image where image width < max thumbnail width, and image height > max thumbnail width - the image does not resize. For example: when uploading a 80x500 pixel image. Also: decided to remove the dimensions column in the list view - makes the list view look to cluttered. If you want to enable it again, just set the $show_dim variable to "1" in the uploadimg_view.php file.

reviewum.com wrote:

I?m wondering if you would be interested in me making a donation in exchange for a little upgrade:

Basically, I want to limit the number of pictures people can upload.   Limiting the size is great, but it would be AWESOME if I could give different groups different #s of images to upload

This would be very easy to do - so no donation necessary. Will mail you the modded version when I get a chance.

Re: Automatic Image Upload with Thumbnails

Hello,


I was very happy to find - at last - an easy installing mod to post images on my forum. Unfortunatly, it seems that I can't add the additionnal menu item since I get this message :

An error was encountered
Error: Unable to write configuration cache file to cache directory. Please make sure PHP has write access to the directory 'cache'.

I thought about a 777 CHMOD on the cache directory, with no avail. Is there anything more to do to get "write access" ?

Thanks

Re: Automatic Image Upload with Thumbnails

Well, I fixed that part of the pb : I had to CHMOD all files in the 'cache' directory. Now I still can't use this mod : I get a blank screen.  can someone have a look at what happens ? (www.francafrique.infos.st) / http://www.francafrique.infos.st/uploadimg.php

141

Re: Automatic Image Upload with Thumbnails

new morning wrote:

Well, I fixed that part of the pb : I had to CHMOD all files in the 'cache' directory. Now I still can't use this mod : I get a blank screen.  can someone have a look at what happens ? (www.francafrique.infos.st) / http://www.francafrique.infos.st/uploadimg.php

Are you using the latest version of this mod (v1.3.3)? Also make sure that your  php version is not outdated, and that gd has been configured properly.

Re: Automatic Image Upload with Thumbnails

Koos wrote:

Are you using the latest version of this mod (v1.3.3)?

Yes

-  Also make sure that your  php version is not outdated
phpMyAdmin 2.7.0-pl1


- and that gd has been configured properly.

What is GD ?

143

Re: Automatic Image Upload with Thumbnails

new morning wrote:

phpMyAdmin 2.7.0-pl1

PHP, not the PHP admin programme.


new morning wrote:

What is GD ?

Graphics library.

Re: Automatic Image Upload with Thumbnails

I was under PHP 4 and asked to upgrade to PHP 5... I hoppe this will solve the problem.


By the way, is this GD correctly configured ?

gd :
GD Support     enabled
GD Version     2.0 or higher
FreeType Support     enabled
FreeType Linkage     with freetype
T1Lib Support     enabled
GIF Read Support     enabled
GIF Create Support     enabled
JPG Support     enabled
PNG Support     enabled
WBMP Support     enabled

145

Re: Automatic Image Upload with Thumbnails

That looks fine. smile

146

Re: Automatic Image Upload with Thumbnails

Automatic Image Upload with Thumbnails 1.3.4 now available. I would advice everyone to update - since this release includes an important vulnerability fix. Here are some of the changes made in this version:

* Rewrote the "uploadimg.php" page
* Fixed a vulnerability
* All pages now valid XHTML 1.0 Strict
* Stats totals now also include thumb size

147

Re: Automatic Image Upload with Thumbnails

Koos wrote:

Automatic Image Upload with Thumbnails 1.3.4 now available. ...

Where?

148

Re: Automatic Image Upload with Thumbnails

PunRes

149

Re: Automatic Image Upload with Thumbnails

Vulnerability in the Automatic Image Upload with Thumbnails v. 1.3.4

Description:
Peter Österberg has discovered a vulnerability in the Automatic Image Upload with Thumbnails module for PunBB, which can be exploited by malicious users to conduct cross-site scripting attacks and to compromise a vulnerable system.

The uploadimg.php script fails to validate the extension of an uploaded file. This can be exploited to upload files with ".html" or ".php" extensions by passing an allowed MIME media type in the HTTP headers.

Successful exploitation allows to conduct cross-site scripting attacks or to execute arbitrary PHP code on the server, but requires valid user credentials in a group that is allowed to upload files.

http://secunia.com/advisories/28138

solution:
open uploadimg.php and find line (~193):

// Determine whether file is correct filetype-
if (!((($_FILES['imagefile']['type'] == "image/jpg" || $_FILES['imagefile']['type'] == "image/jpeg" || $_FILES['imagefile']['type'] == "image/pjpeg") && ($allow_jpg_uploads == "1")) || (($_FILES['imagefile']['type'] == "image/png" || $_FILES['imagefile']['type'] == "image/x-png") && ($allow_png_uploads == "1")) || (($_FILES['imagefile']['type'] == "image/gif") && ($allow_gif_uploads == "1"))))

replace with (added extension checking):

if (!((($_FILES['imagefile']['type'] == "image/jpg" || $_FILES['imagefile']['type'] == "image/jpeg" || $_FILES['imagefile']['type'] == "image/pjpeg") && ($imagefilename_ext == 'jpg' || $imagefilename_ext == 'jpeg') && ($allow_jpg_uploads == "1")) || (($_FILES['imagefile']['type'] == "image/png" || $_FILES['imagefile']['type'] == "image/x-png") && ($imagefilename_ext == 'png') && ($allow_png_uploads == "1")) || (($_FILES['imagefile']['type'] == "image/gif") && ($imagefilename_ext == 'gif') && ($allow_gif_uploads == "1"))))

be careful! wink

150

Re: Automatic Image Upload with Thumbnails

IMPORTANT UPDATE - V1.3.5 RELEASED

Thanks for the feedback. Peter Österberg contacted me last year about this vulnerability which was found in v1.3.2 and confirmed in v1.3.3. I attempted to fix it in v1.3.4, but there are some things I missed.  This is indeed a very serious vulnerability - and I have now released v1.3.5. Everyone should update to this version. Download from punres.org

I have also created the file uploadimg_check.php which will check for potentially harmful files that were uploaded with previous versions and give you the option to delete them. Click here to download it. Note that you must be logged in as Admin to use it.