PDA

View Full Version : Alright, the image upload hack is frustrating me.

12-21-2000, 02:50 PM
The image upload hack found here:
http://www.vbulletin.com/forum/showthread.php?threadid=5669
is not working for me. I've tried posting in that thread but no one is answering. Can anyone help?

I keep on getting the "This is an illegal file type" error even though the images are jpg or gif.

In the upload_file.php script, I have my path as: forums/images/public/ and changed the "public" folder to 777 CHMOD as specified.

For maximum file size, I have 20000.

What am I doing wrong? I am running vB 1.1.4 and PHP4.

Thanks
-Hideki
12-21-2000, 03:02 PM
Hey, I've got the exact problem as you.

I've got all my forums modified to that hack, and it don't work.. grr... And the creator of it, JimF, doesnt seem to talk about it anymore.

I think it might have something to do with the variables I edited in upload_file.php3 (well php in your case). I set the image size to 150000 (I'm thinking this script was counting in bytes, so 150000 = 150kb).

I'm in desperate help now, cause this is taking too long to setup when it could be done in a second by fixing those variables I think.

[Edited by Fred on 12-21-2000 at 12:05 PM]
12-21-2000, 07:47 PM
20000 = 20Kb. That's an awfully small file. It is strange that it is giving you the wrong error. I'm busy as hell this week and next week, but I'll try to find time to work on a fix for this. I don't want to spend too much time doing this, because I could be spending that time working on v2.0, which will include this feature anyway, I believe. But I'll see what I can do.

It works fine for me, that's all I can really say. The code in the Zip file is exactly the same as I have on my board where it works fine.

-jim
12-21-2000, 07:53 PM
For a temporary fix, remove this part of the code:

// Check file type
if (!eregi("\.jpg$", "\.gif$", $userfile_name)) {
print "Illegal file type. Only files with .jpg and .gif extensions can be uploaded.<br>Please <a href=\"javascript:history.back()\">click here</a> to go back and try again.";
exit;

}


I'll see why this code wasn't working as soon as I get a chance. Regardless, the code that the user is given is an img code, so it won't display if it's not an image.

-jim
12-21-2000, 07:54 PM
Thanks Jim, I really would like to incorporate your hack.
-Hideki
12-21-2000, 11:31 PM
JimF,

something is really weird. I did what you said, I removed that part of the coding like the stated above. But now when I uplod an image, it gives me this:


// This is the script that takes the form values and uploads the image to the server.
12-22-2000, 12:29 AM
Use this line here:
if ($userfile_type == "image/gif" or $userfile_type == "image/pjpeg" or $userfile_type == "image/jpeg") {

So in code it would look like this:



if ($userfile_type == "image/gif" or $userfile_type == "image/pjpeg" or $userfile_type == "image/jpeg") {

// Copy the uploaded file to the proper directory

if (copy ($userfile, "$full_path$username$date$time$userfile_name")) {




// Initialize BBCode tags for use in the Image URL - I know this is a cheap way to do this, but I was rushing :-)

$open_img_tag = "https://vborg.vbsupport.ru/";




// Remove the temp file from the server
unlink ($userfile);




// Begin User Code Presentation Page

print "<font face=\"arial\" size=\"-1\"><b><p>Copy the following code (from https://vborg.vbsupport.ru/) and insert it into your post:</p>";
print "<font face=\"arial\" size=\"-1\"><b><p><form><input type=\"text\" size=\"50\" value=\"" . $open_img_tag . "http://www.pbreview.com/fpics/$username$date$time$userfile_name$close_img_tag\"></form></p>";
print "<font face=\"arial\" size=\"-1\"><b><p><a href=\"javascript:self.close()\"><font color=\"#FF9900\">Close This Window</font></a></p>";
print "<font face=\"arial\" size=\"-1\"><b><p><a href=\"http://www.pbreview.com/fpics/$username$date$time$userfile_name\" target=\"_blank\"><font color=\"#FF9900\">Click here to preview your image</font></font></a></p>";


}
} else {
printf("<font face=\"arial\" size=\"-1\"><b>Illegal file type. It has to be a jpg or gif. Please <a href=\"javascript:history.back()\"><font color=\"#FF9900\">click here</font></a> to go back and try again.");

}
12-22-2000, 02:21 AM
6impy, a couple of questions.

1. Where does your code go and if it does, what does it replace?

2. I'm getting broken images "red x" in your code in a couple of places.

I really do appreciate your willingness to help though.
Thanks.
12-22-2000, 11:31 PM
Oh here is the file I use (the changes are noted with // CHANGED HERE):

--------------------------------------------------------------------

<?

require("global.php");

// Editable variables
$full_path = "/home/httpd/html/pbreview.com/fpics/"; // full path to directory that you want to store the images in - directory must be CHMOD to 777
$filesize = "102400"; // this is the max file size that you'd like uploaded

// Initialize date and time variables
// These are inserted into the image URL to ensure unique names

$date = (date ("mdy")); // format looks like 121700 - Month, Day, Year
$time = (date ("His")); // format looks like 214521 - Hours, Minutes Seconds



// Check that the user has permission to post/upload

if ($bbuserid == 0)
{
eval("echo standarderror(\$bbtitle,\"".gettemplate("error_nopermission")."\");");
exit;
}

if ($bbusername == "" || (isset($bbusername))==0)
{
$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid=$bbuserid");
$username=$getusername[username];
$bbusername = $username;
}
else
{
$username = $bbusername;
}




// Check file size

if ($userfile_size > $filesize) {
print "<font face=\"arial\" size=\"-1\"><b>Your file is too large. Please <a href=\"javascript:history.back()\"><font color=\"#FF9900\">click here</font></a> to go back and try again.</b></font>";
exit;

}


// CHANGED HERE
if ($userfile_type == "image/gif" or $userfile_type == "image/pjpeg" or $userfile_type == "image/jpeg") {
// END CHANGED HERE

// Copy the uploaded file to the proper directory

if (copy ($userfile, "$full_path$username$date$time$userfile_name")) {




// Initialize BBCode tags for use in the Image URL - I know this is a cheap way to do this, but I was rushing :-)

$open_img_tag = "https://vborg.vbsupport.ru/";




// Remove the temp file from the server
unlink ($userfile);




// Begin User Code Presentation Page

print "<font face=\"arial\" size=\"-1\"><b><p>Copy the following code (from https://vborg.vbsupport.ru/) and insert it into your post:</p>";
print "<font face=\"arial\" size=\"-1\"><b><p><form><input type=\"text\" size=\"50\" value=\"" . $open_img_tag . "http://www.pbreview.com/fpics/$username$date$time$userfile_name$close_img_tag\"></form></p>";
print "<font face=\"arial\" size=\"-1\"><b><p><a href=\"javascript:self.close()\"><font color=\"#FF9900\">Close This Window</font></a></p>";
print "<font face=\"arial\" size=\"-1\"><b><p><a href=\"http://www.pbreview.com/fpics/$username$date$time$userfile_name\" target=\"_blank\"><font color=\"#FF9900\">Click here to preview your image</font></font></a></p>";


}
// CHANGED HERE
} else {
printf("<font face=\"arial\" size=\"-1\"><b>Illegal file type. It has to be a jpg or gif. Please <a href=\"javascript:history.back()\"><font color=\"#FF9900\">click here</font></a> to go back and try again.");

}
//END CHANGED HERE
?>


------------------------------------------------------------

Also make sure to take out the old statement that checks for file type!
12-22-2000, 11:43 PM
Originally posted by Fred
JimF,

something is really weird. I did what you said, I removed that part of the coding like the stated above. But now when I uplod an image, it gives me this:


// This is the script that takes the form values and uploads the image to the server.




At the very top of file_upload.php there is "// This is the script that takes the form values and uploads the image to the server. "

Remove that!

It is not commenting it because it is not between <? and ?>
12-23-2000, 04:52 AM
Originally posted by 6impy
Oh here is the file I use (the changes are noted with // CHANGED HERE):

--------------------------------------------------------------------

<?

require("global.php");

// Editable variables
$full_path = "/home/httpd/html/pbreview.com/fpics/"; // full path to directory that you want to store the images in - directory must be CHMOD to 777
$filesize = "102400"; // this is the max file size that you'd like uploaded

// Initialize date and time variables
// These are inserted into the image URL to ensure unique names

$date = (date ("mdy")); // format looks like 121700 - Month, Day, Year
$time = (date ("His")); // format looks like 214521 - Hours, Minutes Seconds



// Check that the user has permission to post/upload

if ($bbuserid == 0)
{
eval("echo standarderror(\$bbtitle,\"".gettemplate("error_nopermission")."\");");
exit;
}

if ($bbusername == "" || (isset($bbusername))==0)
{
$getusername=$DB_site->query_first("SELECT username FROM user WHERE userid=$bbuserid");
$username=$getusername[username];
$bbusername = $username;
}
else
{
$username = $bbusername;
}




// Check file size

if ($userfile_size > $filesize) {
print "<font face=\"arial\" size=\"-1\"><b>Your file is too large. Please <a href=\"javascript:history.back()\"><font color=\"#FF9900\">click here</font></a> to go back and try again.</b></font>";
exit;

}


// CHANGED HERE
if ($userfile_type == "image/gif" or $userfile_type == "image/pjpeg" or $userfile_type == "image/jpeg") {
// END CHANGED HERE

// Copy the uploaded file to the proper directory

if (copy ($userfile, "$full_path$username$date$time$userfile_name")) {




// Initialize BBCode tags for use in the Image URL - I know this is a cheap way to do this, but I was rushing :-)

$open_img_tag = "";
$close_img_tag = "";




// Remove the temp file from the server
unlink ($userfile);




// Begin User Code Presentation Page

print "<font face=\"arial\" size=\"-1\"><b><p>Copy the following code (from to ) and insert it into your post:</p>";
print "<font face=\"arial\" size=\"-1\"><b><p><form><input type=\"text\" size=\"50\" value=\"" . $open_img_tag . "http://www.pbreview.com/fpics/$username$date$time$userfile_name$close_img_tag\"></form></p>";
print "<font face=\"arial\" size=\"-1\"><b><p><a href=\"javascript:self.close()\"><font color=\"#FF9900\">Close This Window</font></a></p>";
print "<font face=\"arial\" size=\"-1\"><b><p><a href=\"http://www.pbreview.com/fpics/$username$date$time$userfile_name\" target=\"_blank\"><font color=\"#FF9900\">Click here to preview your image</font></font></a></p>";


}
// CHANGED HERE
} else {
printf("<font face=\"arial\" size=\"-1\"><b>Illegal file type. It has to be a jpg or gif. Please <a href=\"javascript:history.back()\"><font color=\"#FF9900\">click here</font></a> to go back and try again.");

}
//END CHANGED HERE
?>


------------------------------------------------------------

Also make sure to take out the old statement that checks for file type!


Doesn't work. Now when I upload something, this comes up:


Warning: File Upload Error - Unable to open temporary file [./phpkJROIT] in /home/truthugs/forum/upload_file.php3 on line 299

Warning: Unable to open '' for reading: No such file or directory in /home/truthugs/forum/upload_file.php3 on line 54
12-23-2000, 04:53 AM
I didn't bother to look at any of the code but uploads won't work if PHP doesn't have write access to the directory.
12-23-2000, 04:57 AM
6impy,

Do me a huge favour, take both your files (upload.php and upload_file.php) and zip them up. Then upload them for a couple days or so or Email it to fred@truthugs.com.

I would be extremely greatful, because this stil isn't work.. :(