romulo
Feb 1 2006, 05:53 PM
ok i have used the following code in my upload.php file Code: CODE $uploaddir = '../photos/'; $uploadfile = $uploaddir . basename($_FILES['userfile']['name']); echo '<pre>'; if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { echo "File is valid, and was successfully uploaded.\n"; } else { echo "Possible file upload attack!\n"; } using ../photos/ as my upload DIR works, as the file does upload, but when i echo $uploadfile on the same page: Code: CODE <img src="http://www.thedirtybackbeats.com/<?php echo $uploadfile; ?>" alt="uploadedfile" /> IE wont show it as it has two fullstops before the photo dir in the domain e.g : http://www.thedirtybackbeats.com/../photos/playlist.JPGit works in firefox, as it removes the two full stops, but IE isnt having any of it. any ideas? Reply With Quote -----Please use CODE tags when posting codes-----szupie
Reply
minnieadkins
Feb 2 2006, 12:21 AM
Interesting. I'm sure someone will respond as to why this is happening, and why firefox interprets it differently, but it's obvious if you use $uploadfile as part of the href for the image...it will say http://yourdomain.com/../photos because it's just a string and it's putting the text where you tell it to. I don't know if double quotes would make a difference here, but probably not. I personally was goin to try to write a bit of code that uploads images, but I haven't even started yet. Why are you displaying the picture on the same page? Is it just to verify that the image has been loaded and show it in action? As I said, I haven't tried this so if the '../photos/' is required rather than just 'photos/' then a simple fix would be to CODE $uploadfile = substr($uploadfile, 3); Just cut out the first 3 (or 2 characters) in your string after you successfully upload. Then you should have a valid path to your image. I'm just curioius as to why firefox parses it. Anyone?
Reply
vujsa
Feb 2 2006, 03:13 AM
I suggest not using relative urls. I understand the though behind using relitive urls but if you are building the url with PHP anyhow, I suggest using some of the built in PHP file system functions to build the link. I think this link may help. http://us2.php.net/manual/en/function.realpath.phpThis way you'll have all of the benefits of using a relative url for the script but the link that the browser will see will be absolute. You would need to run a few more functions on the variable before it would be usable as a url. Hope this help you. vujsa
Reply
minnieadkins
Feb 2 2006, 07:51 PM
Good idea, I thought about that too, but I've never used that function. I don't even know how that thing works lol. Anyways if you can pass an real address rather than just relative to your upload function you could just build your URL. CODE $uploaddir= 'http://' . $_SERVER['HTTP_HOST'] . '/photos/'; Sometimes you might not want the '//', I've read that somewhere and they used some kind of ternary operator to deal with that problem. In most cases I think something like that would work, as long as you kept the same structure. Perhaps that function realpath would be the better solution tho. Gl with it.
Reply
Similar Topics
Keywords : php, file, upload, works, stupid
- What Is The Medata File?
What is the importance of the file (0)
How To Include A File Using Absolute Paths Under A Secure Php Installation
Alternatives to the Include() Function (6) I suppose every PHP developer invariably uses the include() function to include the contents of
another file into the current one. But if your PHP installation is secure, using absolute paths
(whether to the local server or to a remote server) in this include() function will most likely
result in an error. For example, the following PHP code will work fine... CODE But if
you try to use an absolute path instead of a relative path, you'll run into an error. For
example, if you use the following PHP code... CODE ... you'll receive the follow....
File Sharing
xp mshome not accessible (11) Hi, I so need help on how to straighten out my problem with file sharing. I have a desktop with xp
pro. A laptop with xp pro and the desktop is the main computer wired thru the router. The laptop is
wireless with internal network card. I used to be able to share files between these two. Now I
can't. The desktop see's the laptop, the laptop see's the desktop, only if i show view
workgroup computers. The laptop only shows it's self. I get mshome is not accessible. But if
i click set up a home or small office it shows that i already have it there. W....
How We Resore The Old File.
backup and restore (2) Welcome, My one PC is not working fine i want to restore my old file, i made backup in pen drive but
how we restore my old file in my system, what is the path to restore the file, i have complete c:
drive backup in which i have installing my windows. when i store file by system restore it send
error report, there is any way to restore my old file, restore point and backup i think that both
are different, there may be problem but i cant resolve it. thanks....
Css File Size
(7) Iam using a CSS file of 23+KB size, thats cuz i am not using tables XD, i am gona work on that and
replace everything with tablesbut i still have alot of things to work on my sight. My question, will
this cause any performance issues when people view my sight?....
Mysql And User File_priv
(0) HI, I've hit the grain while trying to import file to mysql database - I need to enable file
permissions of the database user but this seems not possible with most of the hosting providers.
The problem is to set file_priv of the database user to "Y" . This is done in the "user" table of
the maintanance database named "mysql". cPanel doesn't allow this. Via the cPanel you can only
allow privileges on table querries but you cannot grant host file privileges to the database user -
which makes querries like: "LOAD DATA INFILE 'filename' INTO TABLE tablen....
Need To Edit A Wav File [solved]
can you recommend me a free software ? (1) Hi, For ringtone purposes, I need a wav file smaller than 2 megs. This means editing my favourite
song, and shorten the wav file to the first seconds of the intro in order to be less than 2 megs.
Could you please recommend me a soft able to do that ? Easy to use and free if possible ? Or a
commercial one having a trial version ? Thanks in advance Yordan ------------------ Edit : OK,
Audacity did perfectly the job. I leave this post here, maybe this info could be useful for somebody
else.....
How To Copy File & Folders From Linux To Windows?.
(12) Many face problem while transfering file from Linux to windows and Vise versa. My solution for
this is "winscp405". Winscp is a windows freeware tool used to copy file from & to Linux machine.
To get this tool just google for " winscp405" tool and download this small package and install.
Enjoy working with Linux and windows /tongue.gif" style="vertical-align:middle" emoid=":P"
border="0" alt="tongue.gif" />....
Is A Php File Searchable?
(8) Hi, I have made my web site solely stored in a SQL database...that will say if I need to load a
page I take it our from the data base and then display it. My question is: is any searcg engine
able to ``crawl'' into my web site content? I would appreciate some info so that I can
change the way my web works. ....
How "light Saber" Works
Yes!! the StarWars Light Saber (2) Was checking out www.howstuffworks.com when i found this one... Click Here to to find out how
Light Sabers Work Hope you like it.....
Internet Explorer 7 Problem
Works fine in Firefox! (Shocker) (8) Hey, I'm helping my mom with one of her web projects for class and I've noticed a pretty
big problem (no thanks to IE7) that cost her a few points. It won't load an image of an email
icon, however, Firefox will load and display it properly. Here's the line for the image: CODE
Also, IE7 complains about some ActiveX content, but this is just a basic page and NO
JavaScript, NO Java applets, NO ActiveX of any kind! I've never seen anything as crazy as this!
Wow... IE really sucks... anyone had a similar problem? F....
Deleting A Corrupt File
Cannot delete a corrupt file on Windows XP... (26) I was upgrading some software and came across a corrupt file that halted the installation process. I
went to see what was wrong with the file, and failed to manually delete it. I tried moving
(cut&paste) it to another location, and the installation succeeded. However, the file is still on my
drive, taking up a KB of space. I know that's not a lot, but where am I supposed to put it? In a
folder created especially for all the corrupt files on my computer? /blink.gif"
style="vertical-align:middle" emoid=":blink:" border="0" alt="blink.gif" /> I've heard
something....
Server Behind Router
Works fine to others, but not internally (7) I have an Apache server set up on my computer so that I can test my scripts without uploading them.
The computer connects to the Internet through a wireless router. I can access my server fine by
going to "localhost" (of course), but when I try to access it on any computer in the network by
going to my modem's IP, my router's setup page shows up. However, this problem does not
exist when I do it from a computer outside the network. I have tried forwarding Inbound port 80 to
this computer, but it still doesn't work. I want to see the server's page using ot....
Read/Write Issues After Copying An Access .mdb File
(3) Alright, I'm currently creating an interface program for a MS Access database. I've only
used Access once in the past but used other DB's a handful of times so I didn't have any
trouble getting the general program created. My issue arose when I tried to make it so that the
users needing to use the program can just copy the .exe and the .mdb files and use it. The program
doesn't require users to share the database but to store their OWN programs information in their
OWN database, so basically each needs to have their own database with the exact same d....
How Do You Use The cPanel File Manager?
How to use File Manager? (14) I feel stupid for asking this but I can’t figure out how to use file manager. How do you
open folders and view the file in it? When I click on a certain folder the options does not include
opening it. And can you upload file from the file manager? I’ve been using FTP to manage my
files so far. ....
How To Create Exe File In Java?
(13) Dear friends I came to know that one can build exe files from java application. How this is
possible? According to me there is no such method in java to cerate exe files. However Microsoft
used to provide a free system development kit (SDK), for Java, which includes the jexegen tool. But
one need install Microsoft Java Virtual Machine to run such application. Some people suggest
InstallAnyWhere.....
How Parental Control Software Works
(4) Parental control software sits on the computer between a browser and the Internet, it's
something like a firewall - no data can be sent to and from the Internet by the browser without it
first being checked by the software. Ways of blocking in Parental Control Software There are
three ways by which parental control software block sites or their contents: CODE (i) They
check requested URLs against a list of blocked sites in their repository, which is automatically
updated like anti-virus updates. (ii) The software checks the text on the site for banned wor....
You Cannot Create A File Named Con
(10) did you know, that on MS Word, you cannot name a document con? nobody can figure out why! ....
Super File Recover
(3) SUPERFileRecover 3.0.0.1052 SUPERFileRecover can recover deleted Files, Documents, Spreadsheets,
Pictures, Movies, and Music easy! SUPERFileRecover utilizes read-only scanning so that the data on
your drive remains intact no matter how many times you scan and attempt recovery! SUPER File
Recove features When a file is deleted the file may still exist on the drive from which it was
deleted even if you have emptied the recycle bin. With SUPERFileRecover you can often recover the
entire file completely intact, saving hours of work reproducing a document, redoing a v....
How To Use Psd File
(15) I'm redesigning my website, and I found a template for it that is in a PSD format. I have Adobe
Photoshop so I can open it and edit it. I changed the text and images exactly the way I want it, but
what do I do from here? How do I get the images and text from the PSD to the individual files that
makes it up? Or am I supposed to be doing that at all? Thanks....
Uploading Image File Through JSP Code To Server
(9) I have to upload images from client side to server side, without using input tag or browseing of
file. I know the absolute path of file in client side. And that file I want to shift to server with
JSP code or any servlet code. I have done uploading through servlet to the server with input tag
and type is file . Servlet code : CODE import com.oreilly.servlet.MultipartRequest;
import java.io.*; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; public
class UploadPhoto extends HttpServlet { public void doPost(HttpServletRequest req, Ht....
Rapidshare
Free File Hosting (1) Rapidshare Upload limit: Unlimited Download limit: Unlimited Excellent file hosting/storage
site. FAST uploads and downloads. Highly recommended! Tell me what you think! This topic has
been posted on several times earlier. Use SEARCH before posting. If you want to discuss about this
hosting service, follow up on the older threads. Topic closed. ....
Ebay Sucks!
ebay is for stupid people (35) Looking past the low prices, eBay is a marketing based trap. Some people might wonder why the heck
would anyone sell prices that low? I mean, $0.01 cents? Some items are reserved. That means if you
don't bid up to a set price not displayed, then the vender has the right to not sell you their
garbage. That makes some feel jipped. And if you ever manage to get a good deal on something (like a
computer), you have to deal with shipping charges. Some sellers overcharge their shipping prices. I
know people that do so. And if you're really unlucky, you might end up with....
What Is Mkv? Need Help With This File Format?
(10) I've download a movie, but I don't know how to open it. What's MKV format. Never used
that before. This is the file name : Final_Fantasy_VII_Last_Order_v2.DVD(H264.AAC) .mkv I'm
very excited to watch the movie. So, please reply as soon as possible. Please include information
about the codec in your post. Where to download the codec ?....
Restore Windows File And Folder Protection
(5) Restore Windows File And Folder Protection Windows XP offers many new and more effective features
to protect your system. For example, Windows hides files and folders stored on Windows, Program
files and system directory to protect them from being changed or deleted. When you want to open
system folders for first time, windows displays below screen These Files Are Hidden This folder
contains files that keep your system working properly. You should not modify its contents Show the
contents of this folder If you click on “Show the contents of this folder” in left p....
Get Rid Of Stupid Flash/activex-warning
IE Users only :-) (4) Finally found a way to get rid of the stupid ActiveX-warning when ActiveX-plugins (Flash) are
disabled in Internet Explorer! Those who need it, know what I'm talking about. Let me say one
thing first: I HATE Flash, I really do. Well and I LIKE Internet Explorer, I want to use Internet
Explorer and I want to use it without Flash. This little workaround is for people who want to use
Internet Explorer without Flash, and not for happy Firefox users with their nice flashblocker,
alright. In Internet Explorer, when you disable ActiveX-Plugins, you get an extremely annoyi....
Text File Operations VB.NET
(6) In this tutorial you will learn most of the operations you can use on a text file. They include
finding if a file exists, opening/creating a file, reading/writing file, closing file, copying
file, deleting file. You will need a form with two buttons on it. Use the names Step1 and Step2.
First thing we are going to do is import system.IO. To do this go into the forms code view. At
the very top add this line. CODE Imports system.IO This lets us use the file operations
that we need for this tutorial. Next we need to check to see if a file exists. To ....
How To Increase Windows Shutdown Speed
when you enabled “clear Page File at shu (40) How to increase Windows shutdown speed when you enabled “clear Page File at shutdown”? /blink.gif'
border='0' style='vertical-align:middle' alt='blink.gif' /> Note that making incorrectly changes
to the registry may damage your system; please back up any valued data on your computer. 1) Go to
Start menu > Run > and type regedit and click OK. 2) Find following address: HKEY_LOCAL_MACHINE \
SYSTEM \ CurrentControlSet \ Control \Session Manager \ Memory Management 3) In right side right
click on “ClearPageFileAtShutdown”, select Modify and make value of “1”, and Exit ....
Recover Tables From A MySQL .frm File
(8) I have a couple of .frm files with no corresponding data or index files. Is it possible to recover
the table structure (field names, types, sizes, rows,col, etc) from these files? The table type is
innodb....
Counter With Img In Flat File
(2) this is a counter with images and stor in flat file becouse i can not upload .zip .rar file iwell
program it on this post at frist you need to 2 files count.php count.txt and you need else make
folder has name gifs and make 10 pictuer 10 file 0.gif to 9.gif now all ok open the count.php and
add this code CODE ### IMAGE FORMAT $format = ".gif"; $file = file("count.txt"); $num =
($file + 1); exec("echo $num > count.txt"); switch($type) { case "text": echo $num; break;
case "gfx": $i = 0; $cntn = strlen($num); while($i $tmpnum = subst....
Looking for php, file, upload, works, stupid
|
*SIMILAR VIDEOS*
Searching Video's for php, file, upload, works, stupid
|
advertisement
|
|
