php-general Digest 29 Aug 2006 19:11:39 -0000 Issue 4319
Topics (messages 241172 through 241193):
Re: Comparing strings... need advice. :)
241172 by: Ivo F.A.C. Fokkema
241175 by: Micky Hulse
help - outputting a jpeg
241173 by: Ross
241174 by: Ivo F.A.C. Fokkema
character set when sending emails with PHP
241176 by: Angelo Zanetti
file type and recode
241177 by: Martin Marques
replace single and double quotes
241178 by: Reinhart Viane
241179 by: afan.afan.net
241180 by: Jochem Maas
241181 by: Jochem Maas
241182 by: Peter Lauri
241183 by: Reinhart Viane
241184 by: Reinhart Viane
241186 by: Jochem Maas
241188 by: Peter Lauri
image manipulation with php
241185 by: Ross
241187 by: Jochem Maas
241192 by: zerof
switch()
241189 by: afan.afan.net
241190 by: Ray Hauge
241191 by: Ray Hauge
241193 by: afan.afan.net
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
On Mon, 28 Aug 2006 19:39:49 -0400, Robert Cummings wrote:
> On Mon, 2006-08-28 at 16:50 +0200, Ivo F.A.C. Fokkema wrote:
>> On Mon, 28 Aug 2006 09:47:02 +0100, Stut wrote:
>> > Micky Hulse wrote:
>> >> I am looking for the most secure/efficient way to compare these two
>> >> strings:
>> >>
>> >> /folder1/folder2/folder3/folder4/
>> >> /folder1/folder2/folder3/folder4/file.php
>> >>
>> >> Basically I am trying to setup as many security features as possible for
>> >> a simplistic (home-grown/hand-coded) CMS...
>> >>
>> >> This appears to work:
>> >>
>> >> $haystack = '/folder1/folder2/folder3/folder4/someFileName.php';
>> >> $needle = '/folder1/folder2/folder3/folder4/';
>> >> if(substr_count($haystack, $needle) === 1) echo "yea";
>> >>
>> >> Before making changes to "someFileName.php" I want to make sure it is
>> >> within the allowed path ($needle).
>> >
>> > First of all make sure you are sending both strings through realpath
>> > (http://php.net/realpath) to remove any symbolic links and relative
>> > references. Then you can compare the two strings. The way you're doing
>> > it will work but it's probably not very efficient. This is what I use...
>> >
>> > $valid = (strcmp($needle, substr($haystack, 0, strlen($needle))) == 0);
>> >
>>
>> Personally, this seems simpler to me:
>>
>> $valid = (dirname($haystack) == $needle);
>>
>> But the way the above folders are presented, it should become
>>
>> $valid = (dirname($haystack) == rtrim($needle, '/'));
>>
>> less simple already... Possibly, this is not the best solution for some
>> reason I don't know. If so, I would like to know :)
>
> The above technique doesn't allow for sub-directories. It only allows
> for files within the needle directory.
Ah, thanks. Misunderstood the question, then. Thought just checking if
it's a file in that directory was what's needed.
--- End Message ---
--- Begin Message ---
Ivo F.A.C. Fokkema wrote:
Ah, thanks. Misunderstood the question, then. Thought just checking if
it's a file in that directory was what's needed.
You were right. :)
I did not plan on looking-in anything other than one or two hard-coded
folder locations. But, it is good to know the details. ;)
Thanks again for the help...
Time for me to hit the hay. I have een geeking-out for way too long today.
Cheers,
Micky
--- End Message ---
--- Begin Message ---
I just get all the binary data output
<?
include("includes/config.php");
$link = mysql_connect($host, $user, $password) or die ('somethng went
wrong:' .mysql_error() );
mysql_select_db($dbname, $link) or die ('somethng went wrong, DB error:'
.mysql_error() );
$query = "SELECT DISTINCT gallery FROM thumbnails";
$result = @mysql_query( $query,$link );
while ($row = @mysql_fetch_assoc($result) ) {
$gallery_id=$row['gallery'];
$query2 = "SELECT * FROM thumbnails WHERE gallery ='$gallery_id' LIMIT 1";
$result2 = @mysql_query($query2);
while ($row2 = @mysql_fetch_array($result2, MYSQL_ASSOC)){
Header( "Content-type: image/pjpeg");
echo "<img src=\"".$row2["bin_data"]."\">";
}
--- End Message ---
--- Begin Message ---
On Tue, 29 Aug 2006 09:52:20 +0100, Ross wrote:
> I just get all the binary data output
>
> <?
> include("includes/config.php");
> $link = mysql_connect($host, $user, $password) or die ('somethng went
> wrong:' .mysql_error() );
> mysql_select_db($dbname, $link) or die ('somethng went wrong, DB error:'
> .mysql_error() );
>
> $query = "SELECT DISTINCT gallery FROM thumbnails";
> $result = @mysql_query( $query,$link );
>
> while ($row = @mysql_fetch_assoc($result) ) {
>
> $gallery_id=$row['gallery'];
>
> $query2 = "SELECT * FROM thumbnails WHERE gallery ='$gallery_id' LIMIT 1";
> $result2 = @mysql_query($query2);
>
> while ($row2 = @mysql_fetch_array($result2, MYSQL_ASSOC)){
> Header( "Content-type: image/pjpeg");
> echo "<img src=\"".$row2["bin_data"]."\">";
>
>
> }
You're mixing binary data with HTML. What do you want to do? If you want
to put multiple pictures on one page, first build the HTML, that loads the
pictures and use a php file to retrieve the given ID from the database and
output the header and binary result.
--- End Message ---
--- Begin Message ---
Hi all,
I have various PHP CRONTAB scripts that run and send automated emails to
people, the subject often contains the "TM" character: ™, in most of the
email clients the character shows correctly but in some webmail
applications the character is replaced with a square, it obviously
doesnt recognise the character. Now if I forward one the mails from the
email client to the webmail account it then recognises and shows the
character correctly? Very weird as it is the same mail just forwarded,
is the problem that the mail forwarded from the email client uses a
different content type when sent? The one specified in the PHP script is
as follows:
$mail->setHeader("Content-type", "text/plain; charset=iso-8859-1");
Or is there something wrong with the charset that I'm specifying above?
Any help or advice would be appreciated.
TIA
Angelo
--
------------------------------------------------------------------------
Angelo Zanetti
Systems developer
------------------------------------------------------------------------
*Telephone:* +27 (021) 469 1052
*Mobile:* +27 (0) 72 441 3355
*Fax:* +27 (0) 86 681 5885
*
Web:* http://www.zlogic.co.za
*E-Mail:* [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
--- End Message ---
--- Begin Message ---
Simple question:
Is there a built-in function in PHP to get the charset of a file, so that
I can pass the right parameters to recode_file()?
--
21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '@' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
--- End Message ---
--- Begin Message ---
This is the code is use to insert/update text into a database field:
$sqledit="update activities set act_extra='$_POST[editextra]',
act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
double quotes.
So the query almost always gives me an error.
I know I have to replace " with ", but I do not know how to replace the
single quote so it is shown as a single quote on a webpage when I get it
from the database
I have been looking into str_replace and preg_replace. But what I really
need is a solution that 'replaces' single quotes, double quotes en curly
quotes so I tackle all possible problems and the same text as it was inputed
in the textarea is shown on the webpage.
Thx in advance
--- End Message ---
--- Begin Message ---
since I had something similar as a problem, let m etry to anser ang see
did I get it correct :)
first, and most important: never store in DB row submitted string
$act_extra = mysql_real_escape_string($_POST[editextra]);
$act_extra_fr = mysql_real_escape_string($_POST[editextrafr])
$act_id = mysql_real_escape_string($_POST[editid]);
then:
$sqledit = "
update activities
set act_extra='".$act_extra."',
act_extra_fr = '".$act_extra_fr."'
where act_id = '".$act_id."'";
to check:
echo $sqledit;
it should work now.
hope this helped.
-afan
> This is the code is use to insert/update text into a database field:
>
> $sqledit="update activities set act_extra='$_POST[editextra]',
> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
>
> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
> double quotes.
> So the query almost always gives me an error.
>
> I know I have to replace " with ", but I do not know how to replace
> the
> single quote so it is shown as a single quote on a webpage when I get it
> from the database
>
> I have been looking into str_replace and preg_replace. But what I really
> need is a solution that 'replaces' single quotes, double quotes en curly
> quotes so I tackle all possible problems and the same text as it was
> inputed
> in the textarea is shown on the webpage.
>
> Thx in advance
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
--- Begin Message ---
[EMAIL PROTECTED] wrote:
> since I had something similar as a problem, let m etry to anser ang see
> did I get it correct :)
seems ok ...
>
> first, and most important: never store in DB row submitted string
>
> $act_extra = mysql_real_escape_string($_POST[editextra]);
> $act_extra_fr = mysql_real_escape_string($_POST[editextrafr])
the following should always be an integer (probably) ...
> $act_id = mysql_real_escape_string($_POST[editid]);
so why not do:
$act_id = intval($_POST[editid]);
if (!$act_id) die('go away script kiddie!');
>
> then:
> $sqledit = "
> update activities
> set act_extra='".$act_extra."',
> act_extra_fr = '".$act_extra_fr."'
> where act_id = '".$act_id."'";
very minor point - but why not save your eyes a little:
$sqledit = "UPDATE activities
SET act_extra='{$act_extra}',
act_extra_fr='{$act_extra_fr}'
WHERE act_id={$act_id}";
>
> to check:
> echo $sqledit;
>
> it should work now.
>
> hope this helped.
>
> -afan
>
>
>
>> This is the code is use to insert/update text into a database field:
>>
>> $sqledit="update activities set act_extra='$_POST[editextra]',
>> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
>>
>> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
>> double quotes.
>> So the query almost always gives me an error.
>>
>> I know I have to replace " with ", but I do not know how to replace
>> the
>> single quote so it is shown as a single quote on a webpage when I get it
>> from the database
>>
>> I have been looking into str_replace and preg_replace. But what I really
>> need is a solution that 'replaces' single quotes, double quotes en curly
>> quotes so I tackle all possible problems and the same text as it was
>> inputed
>> in the textarea is shown on the webpage.
>>
>> Thx in advance
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
--- End Message ---
--- Begin Message ---
Reinhart Viane wrote:
> This is the code is use to insert/update text into a database field:
>
> $sqledit="update activities set act_extra='$_POST[editextra]',
> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
this indicates 'bad' database design ... because adding a language involves
having to change the database schema. I personally think that there should be
no need to change the database schema and/or queries and/or code just because
the client wants an extra language.
it also indicates that you have a glaring SQL injection problem. what happens
when I craft a POST request that contains an 'editid' parameter with the
following in it:
'1 OR 1'
or
'1; DELETE * FROM activities'
google 'SQL injection', do some reading and get into the habit of sanitizing
your user input.
>
> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
> double quotes.
> So the query almost always gives me an error.
>
> I know I have to replace " with ", but I do not know how to replace the
WRONG - you only replace " with " when you OUTPUTTING the string as part of
a
webpage. the database should contain the actual
> single quote so it is shown as a single quote on a webpage when I get it
> from the database
mysql_real_escape_string()
search this archive; there is plenty of discussion about escaping data so that
it
can be inserted into a database (mostly concerning MySQL).
>
> I have been looking into str_replace and preg_replace. But what I really
> need is a solution that 'replaces' single quotes, double quotes en curly
> quotes so I tackle all possible problems and the same text as it was inputed
> in the textarea is shown on the webpage.
>
> Thx in advance
>
--- End Message ---
--- Begin Message ---
Assumning $act_id is integer:
$act_extra = mysql_real_escape_string($_POST[editextra]);
$act_extra_fr = mysql_real_escape_string($_POST[editextrafr])
$act_id = $_POST[editid];
$sql = sprint("UPDATE activities SET act_extra='%s', act_extra_fr='%s' WHERE
act_id=%d", $act_extra, $act_extra_fr, $act_id);
Notice the %d for the id part if $act_id should be integer.
/Peter
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 29, 2006 8:28 PM
To: [EMAIL PROTECTED]
Cc: [email protected]
Subject: Re: [PHP] replace single and double quotes
since I had something similar as a problem, let m etry to anser ang see
did I get it correct :)
first, and most important: never store in DB row submitted string
$act_extra = mysql_real_escape_string($_POST[editextra]);
$act_extra_fr = mysql_real_escape_string($_POST[editextrafr])
$act_id = mysql_real_escape_string($_POST[editid]);
then:
$sqledit = "
update activities
set act_extra='".$act_extra."',
act_extra_fr = '".$act_extra_fr."'
where act_id = '".$act_id."'";
to check:
echo $sqledit;
it should work now.
hope this helped.
-afan
> This is the code is use to insert/update text into a database field:
>
> $sqledit="update activities set act_extra='$_POST[editextra]',
> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
>
> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
> double quotes.
> So the query almost always gives me an error.
>
> I know I have to replace " with ", but I do not know how to replace
> the
> single quote so it is shown as a single quote on a webpage when I get it
> from the database
>
> I have been looking into str_replace and preg_replace. But what I really
> need is a solution that 'replaces' single quotes, double quotes en curly
> quotes so I tackle all possible problems and the same text as it was
> inputed
> in the textarea is shown on the webpage.
>
> Thx in advance
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
About the language remark:
I believe you try to say I need to find a way that the client can add 25
languages without me having to change the database layout or the coding?
Well I can assure you this will not be the fact. The client only needs these
two languages but maybe I should look into it anyway
About SQl injection:
I must say this is very interesting.
I always wondered what are does and donts when inserting data from a form
into a database and how to check someone did not enter any php code.
Besides the google lookup is there maybe an site or paper dedicated to this?
Thx again, didn't think this question was about to bring up what I was
looking for in the back of my head
-----Oorspronkelijk bericht-----
Van: Jochem Maas [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 29 augustus 2006 15:37
Aan: [EMAIL PROTECTED]
CC: [email protected]
Onderwerp: Re: [PHP] replace single and double quotes
Reinhart Viane wrote:
> This is the code is use to insert/update text into a database field:
>
> $sqledit="update activities set act_extra='$_POST[editextra]',
> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
this indicates 'bad' database design ... because adding a language involves
having to change the database schema. I personally think that there should
be
no need to change the database schema and/or queries and/or code just
because
the client wants an extra language.
it also indicates that you have a glaring SQL injection problem. what
happens
when I craft a POST request that contains an 'editid' parameter with the
following in it:
'1 OR 1'
or
'1; DELETE * FROM activities'
google 'SQL injection', do some reading and get into the habit of sanitizing
your user input.
>
> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
> double quotes.
> So the query almost always gives me an error.
>
> I know I have to replace " with ", but I do not know how to replace
the
WRONG - you only replace " with " when you OUTPUTTING the string as part
of a
webpage. the database should contain the actual
> single quote so it is shown as a single quote on a webpage when I get it
> from the database
mysql_real_escape_string()
search this archive; there is plenty of discussion about escaping data so
that it
can be inserted into a database (mostly concerning MySQL).
--- End Message ---
--- Begin Message ---
Ok 'ill give this a shot together with the guidelines from jochen.
Thx afan.
-----Oorspronkelijk bericht-----
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Verzonden: dinsdag 29 augustus 2006 15:28
Aan: [EMAIL PROTECTED]
CC: [email protected]
Onderwerp: Re: [PHP] replace single and double quotes
since I had something similar as a problem, let m etry to anser ang see
did I get it correct :)
first, and most important: never store in DB row submitted string
$act_extra = mysql_real_escape_string($_POST[editextra]);
$act_extra_fr = mysql_real_escape_string($_POST[editextrafr])
$act_id = mysql_real_escape_string($_POST[editid]);
then:
$sqledit = "
update activities
set act_extra='".$act_extra."',
act_extra_fr = '".$act_extra_fr."'
where act_id = '".$act_id."'";
to check:
echo $sqledit;
it should work now.
hope this helped.
-afan
> This is the code is use to insert/update text into a database field:
>
> $sqledit="update activities set act_extra='$_POST[editextra]',
> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
>
> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
> double quotes.
> So the query almost always gives me an error.
>
> I know I have to replace " with ", but I do not know how to replace
> the
> single quote so it is shown as a single quote on a webpage when I get it
> from the database
>
> I have been looking into str_replace and preg_replace. But what I really
> need is a solution that 'replaces' single quotes, double quotes en curly
> quotes so I tackle all possible problems and the same text as it was
> inputed
> in the textarea is shown on the webpage.
>
> Thx in advance
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
Reinhart Viane wrote:
> About the language remark:
> I believe you try to say I need to find a way that the client can add 25
> languages without me having to change the database layout or the coding?
> Well I can assure you this will not be the fact. The client only needs these
> two languages but maybe I should look into it anyway
it's more a of a theoretical thing. but if the client wants french and flemish
(or dutch) now there is a distinct chance that they will want to add dutch,
english and/or german in the forseeable future... going by my experience of
building multilingual sites for [west] european companies (I have one
client that actually wanted flemish as well as dutch so that they could tailor
texts
in the flemish pages specifically to [search] terms regularly used in belgium).
your db design may very well be sufficient for this particular case.
>
> About SQl injection:
> I must say this is very interesting.
> I always wondered what are does and donts when inserting data from a form
> into a database and how to check someone did not enter any php code.
> Besides the google lookup is there maybe an site or paper dedicated to this?
phpsec.org - recommended to read it back to front!
>
> Thx again, didn't think this question was about to bring up what I was
> looking for in the back of my head
>
>
> -----Oorspronkelijk bericht-----
> Van: Jochem Maas [mailto:[EMAIL PROTECTED]
> Verzonden: dinsdag 29 augustus 2006 15:37
> Aan: [EMAIL PROTECTED]
> CC: [email protected]
> Onderwerp: Re: [PHP] replace single and double quotes
>
> Reinhart Viane wrote:
>> This is the code is use to insert/update text into a database field:
>>
>> $sqledit="update activities set act_extra='$_POST[editextra]',
>> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
>
> this indicates 'bad' database design ... because adding a language involves
> having to change the database schema. I personally think that there should
> be
> no need to change the database schema and/or queries and/or code just
> because
> the client wants an extra language.
>
> it also indicates that you have a glaring SQL injection problem. what
> happens
> when I craft a POST request that contains an 'editid' parameter with the
> following in it:
>
> '1 OR 1'
>
> or
>
> '1; DELETE * FROM activities'
>
> google 'SQL injection', do some reading and get into the habit of sanitizing
> your user input.
>
>> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
>> double quotes.
>> So the query almost always gives me an error.
>>
>> I know I have to replace " with ", but I do not know how to replace
> the
>
> WRONG - you only replace " with " when you OUTPUTTING the string as part
> of a
> webpage. the database should contain the actual
>
>> single quote so it is shown as a single quote on a webpage when I get it
>> from the database
>
> mysql_real_escape_string()
>
> search this archive; there is plenty of discussion about escaping data so
> that it
> can be inserted into a database (mostly concerning MySQL).
>
>
--- End Message ---
--- Begin Message ---
It might be bad database design yes, however, it all depends on what he is
trying to do. I do it your way Jochem (normalizing the database), but in
some cases the budget to do that might not be big enough. If the client
gives you a task and an budget, normalizing the database might be a "waste"
of time.
I do recommend he should do some reading about SQL injection, phpsec.org is
probably good enough. But to get him going he could just learn that he
should always mysql_real_escape_string on strings, and if he expect integers
to come, use the sprintf and %d.
You can read my blog
http://www.lauri.se/article/4/security-hole-in-golfdatase about a big and
important golf organization in Sweden and how they screwed up about their
security.
Hrm, I might be wrong here :)
/Peter
-----Original Message-----
From: Jochem Maas [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 29, 2006 8:37 PM
To: [EMAIL PROTECTED]
Cc: [email protected]
Subject: Re: [PHP] replace single and double quotes
Reinhart Viane wrote:
> This is the code is use to insert/update text into a database field:
>
> $sqledit="update activities set act_extra='$_POST[editextra]',
> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
this indicates 'bad' database design ... because adding a language involves
having to change the database schema. I personally think that there should
be
no need to change the database schema and/or queries and/or code just
because
the client wants an extra language.
it also indicates that you have a glaring SQL injection problem. what
happens
when I craft a POST request that contains an 'editid' parameter with the
following in it:
'1 OR 1'
or
'1; DELETE * FROM activities'
google 'SQL injection', do some reading and get into the habit of sanitizing
your user input.
>
> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
> double quotes.
> So the query almost always gives me an error.
>
> I know I have to replace " with ", but I do not know how to replace
the
WRONG - you only replace " with " when you OUTPUTTING the string as part
of a
webpage. the database should contain the actual
> single quote so it is shown as a single quote on a webpage when I get it
> from the database
mysql_real_escape_string()
search this archive; there is plenty of discussion about escaping data so
that it
can be inserted into a database (mostly concerning MySQL).
>
> I have been looking into str_replace and preg_replace. But what I really
> need is a solution that 'replaces' single quotes, double quotes en curly
> quotes so I tackle all possible problems and the same text as it was
inputed
> in the textarea is shown on the webpage.
>
> Thx in advance
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--- End Message ---
--- Begin Message ---
I have an saved images I output with this...
<img src="includes/viewphoto.php?id=<?=$photo?>">
I want to use getimagesize() to get the height and width of the image and if
it is above a certain size then scale/ reduce it.
The problems are
(i) using getimage() without a url just my viewphoto.php script
(ii) comparing and reducing the file
Ross
--- End Message ---
--- Begin Message ---
Ross wrote:
> I have an saved images I output with this...
>
>
> <img src="includes/viewphoto.php?id=<?=$photo?>">
>
>
> I want to use getimagesize() to get the height and width of the image and if
> it is above a certain size then scale/ reduce it.
>
> The problems are
>
> (i) using getimage() without a url just my viewphoto.php script
why is this a problem? getimagesize() just needs a path to the image.
given that this is all new to you you might consider that storing the
image data directly in the DB is best left to crazy fools who really know
where their towels are at.
>
> (ii) comparing and reducing the file
RTFM or STFW - there are lots of examples related to image
resampling/thumbnailing/etc
and even more readymade scripts that do more or less what you want.
>
> Ross
>
--- End Message ---
--- Begin Message ---
Ross escreveu:
I have an saved images I output with this...
<img src="includes/viewphoto.php?id=<?=$photo?>">
I want to use getimagesize() to get the height and width of the image and if
it is above a certain size then scale/ reduce it.
The problems are
(i) using getimage() without a url just my viewphoto.php script
(ii) comparing and reducing the file
Ross
----
http://www.educar.pro.br/abc/gdlib/index.php?pageNum_rsNVER=22&totalRows_rsNVER=67
----
zerof
--- End Message ---
--- Begin Message ---
I have something like this:
<?php
$query = mysql_query("
SELECT col_1, col_2
FROM table
");
$result = mysql_fetch_array($query);
if ($result['col_1'] == 'value_1')
{
// do something
}
if ($result['col_2'] == 'value_2')
{
// do something
}
?>
when I tried to use swiitch()
<?php
switch (true)
{
case ($result['col_1'] == 'value_1'):
// do something
break;
case ($result['col_2'] == 'value_2'):
// do something
break;
}
?>
it will give me only the first true case. if $result['col_1'] == 'value_1'
is true 2nd case will never be executed?
Does it mean I CANNOT use switch() in this case?
-afan
--- End Message ---
--- Begin Message ---
On Tuesday 29 August 2006 13:31, [EMAIL PROTECTED] wrote:
> I have something like this:
>
> <?php
> $query = mysql_query("
> SELECT col_1, col_2
> FROM table
> ");
> $result = mysql_fetch_array($query);
> if ($result['col_1'] == 'value_1')
> {
> // do something
> }
>
> if ($result['col_2'] == 'value_2')
> {
> // do something
> }
> ?>
>
> when I tried to use swiitch()
> <?php
> switch (true)
> {
> case ($result['col_1'] == 'value_1'):
> // do something
> break;
>
> case ($result['col_2'] == 'value_2'):
> // do something
> break;
> }
> ?>
>
> it will give me only the first true case. if $result['col_1'] == 'value_1'
> is true 2nd case will never be executed?
> Does it mean I CANNOT use switch() in this case?
>
> -afan
Using a switch like this is more equivalent of
if(something){
// true
} else {
// false
}
You're doing :
if(something1){
// true 1
}
if(something2){
// true2
}
hope that helps.
--
Ray Hauge
Programmer/Systems Administrator
American Student Loan Services
www.americanstudentloan.com
1.800.575.1099
--- End Message ---
--- Begin Message ---
On Tuesday 29 August 2006 13:44, Ray Hauge wrote:
> Using a switch like this is more equivalent of
>
> if(something){
> // true
> } else {
> // false
> }
Actually, it's more like an if/elseif/else (if you use default:) or if/elseif
(without default:)
--
Ray Hauge
Programmer/Systems Administrator
American Student Loan Services
www.americanstudentloan.com
1.800.575.1099
--- End Message ---
--- Begin Message ---
Means, my first solution was the only solution.
Thanks.
-afan
> Using a switch like this is more equivalent of
>
> if(something){
> // true
> } else {
> // false
> }
>
> You're doing :
>
> if(something1){
> // true 1
> }
>
> if(something2){
> // true2
> }
>
> hope that helps.
>
> --
> Ray Hauge
> Programmer/Systems Administrator
> American Student Loan Services
> www.americanstudentloan.com
> 1.800.575.1099
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--- End Message ---
