Home/ Questions/Q 7886715
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-03T05:23:20+00:00

I have an multiple image upload script, it resizes images and creates a thumbnail.

  • 0

I have an multiple image upload script, it resizes images and creates a thumbnail. for some odd reasons some images do are not going though. in this case the image size is small and it’s a JPEG type file. for some reason its not going through. it works perfectly with other images. I am using the same script for single files and it uploads that image file. please help! thanks!

<?php require_once("../includes/connection.php"); ?>
<?php require_once("../includes/functions.php"); ?>
<?php 
$albumName = $_GET['album'];
$albumDate = $_GET['date'];
$albumId = $_GET['id'];
$upload_path = "/home/elevat17/public_html/images/gallery/"; //location
$images = $_FILES['userFile']['name'];
$temps = $_FILES['userFile']['tmp_name'];
$types = $_FILES['userFile']['type'];
$errors = $_FILES["userFile"]["error"];
if ($_FILES["userFile"]["name"]=="") {echo "You must choose a file to upload!";}
if(in_array("", $images)) {die('Select an image to upload.');}


else

{
for ($n=0; isset($images[$n]) && isset($temps[$n]) && isset($types[$n]) && isset($errors[$n]); $n++) {
if ((($types[$n] == "image/gif")

|| ($types[$n] == "image/jpeg")

|| ($types[$n] == "image/pjpeg")

|| ($types[$n] == "image/png")

|| ($types[$n] == "image/jpg")

|| ($types[$n] == "image/x-png")))


{

if ($errors[$n] > 0)

{

$content =  "Return Code: " . $errors[$n] . "<br />";

}

else

{

$content =  "Upload: " . $images[$n] . "<br />";

$content =  "Type: " . $types[$n] . "<br />";

$content =  "<br/><br/>";



if (file_exists($upload_path . $images[$n]))

{

die($images[$n].' already exists. Upload cancelled!');

}

else

{

$uploadedfile = $temps[$n];

$image = $images[$n];

$size = getimagesize($uploadedfile);

$type = $size['mime'];

$width = $size[0];

$height = $size[1];

if($height > '900' || $width > '600')

{ 

$newwidth=600; // NEW WIDTH 

$newheight=($height/$width)*$newwidth;

$tmp=imagecreatetruecolor($newwidth,$newheight);

$filename = $upload_path.$image;



if($size[2] == IMAGETYPE_GIF)

    {

        $src = imagecreatefromgif($uploadedfile);

        imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height);

        imagegif($tmp,$filename,100);

    }

elseif($size[2] == IMAGETYPE_JPEG)

    {

        $src = imagecreatefromjpeg($uploadedfile);

        imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height);

        imagejpeg($tmp,$filename,100);

    }

elseif($size[2] == IMAGETYPE_PNG) 

    {

        $src = imagecreatefrompng($uploadedfile);

        imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height);

        imagepng($tmp,$filename,9);

    }
crop_img(75,75);
move_uploaded_file($uploadedfile, $filename);
imagedestroy($src);

imagedestroy($tmp);

}

else

{      




}
$query = "INSERT INTO photos (photo_name, in_album) VALUES ('{$image}', $albumId)";
            if (mysql_query($query)) {header("location: edit_album.php?id={$albumId}");}




}

}

}

else { $content     =  "Invalid file"; }

}

}

?>
<?php require("../includes/footer.php"); ?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You’re not checking if the upload succeeded and are assuming it has. This is a bad way to write code. There is exactly ONE way for an upload to succeed, and MANY ways for it to fail.

    You’re also assuming the person doing the upload is not malicious and won’t simply rename their nastyvirus.exe to be cutekittens.jpg before uploading.

    At bare minimum, you need to have

    if ($_FILES['userfile']['error'] !== UPLOAD_ERR_OK) {
    die('Upload failed with error code ' . $_FILES['userfile']['error']);
}

    to ensure you’ve actually got something useful to work with, and then use something like http://php.net/fileinfo to have the SERVER determine what the file’s type is.

    Never EVER trust what the user sends to you.

    • 0