
Untitled

a guest
Jan 22nd, 2018
  1. <?php
  2. $db_host = 'localhost'; // don't forget to change
  3. $db_user = 'root';
  4. $db_pwd = '';
  5.  
  6. $database = 'gallery';
  7. $table = 'ae_gallery';
  8. // use the same name as SQL table
  9.  
  10. $password = '123';
  11. // simple upload restriction,
  12. // to disallow uploading to everyone
  13.  
  14.  
  15. if (!mysql_connect($db_host, $db_user, $db_pwd))
  16. die("Can't connect to database");
  17.  
  18. if (!mysql_select_db($database))
  19. die("Can't select database");
  20.  
  21. // This function makes usage of
  22. // $_GET, $_POST, etc... variables
  23. // completly safe in SQL queries
  24. function sql_safe($s)
  25. {
  26. if (get_magic_quotes_gpc())
  27. $s = stripslashes($s);
  28.  
  29. return mysql_real_escape_string($s);
  30. }
  31.  
  32. // If user pressed submit in one of the forms
  33. if ($_SERVER['REQUEST_METHOD'] == 'POST')
  34. {
  35. // cleaning title field
  36. $title = trim(sql_safe($_POST['title']));
  37.  
  38. if ($title == '') // if title is not set
  39. $title = '(empty title)';// use (empty title) string
  40.  
  41. if ($_POST['password'] != $password) // cheking passwors
  42. $msg = 'Error: wrong upload password';
  43. else
  44. {
  45. if (isset($_FILES['photo']))
  46. {
  47. @list(, , $imtype, ) = getimagesize($_FILES['photo']['tmp_name']);
  48. // Get image type.
  49. // We use @ to omit errors
  50.  
  51. if ($imtype == 3) // cheking image type
  52. $ext="png"; // to use it later in HTTP headers
  53. elseif ($imtype == 2)
  54. $ext="jpeg";
  55. elseif ($imtype == 1)
  56. $ext="gif";
  57. else
  58. $msg = 'Error: unknown file format';
  59.  
  60. if (!isset($msg)) // If there was no error
  61. {
  62. $data = file_get_contents($_FILES['photo']['tmp_name']);
  63. $data = mysql_real_escape_string($data);
  64. // Preparing data to be used in MySQL query
  65.  
  66. mysql_query("INSERT INTO {$table}
  67. SET ext='$ext', title='$title',
  68. data='$data'");
  69.  
  70. $msg = 'Success: image uploaded';
  71. }
  72. }
  73. elseif (isset($_GET['title'])) // isset(..title) needed
  74. $msg = 'Error: file not loaded';// to make sure we've using
  75. // upload form, not form
  76. // for deletion
  77.  
  78.  
  79. if (isset($_POST['del'])) // If used selected some photo to delete
  80. { // in 'uploaded images form';
  81. $id = intval($_POST['del']);
  82. mysql_query("DELETE FROM {$table} WHERE id=$id");
  83. $msg = 'Photo deleted';
  84. }
  85. }
  86. }
  87. elseif (isset($_GET['show']))
  88. {
  89. $id = intval($_GET['show']);
  90.  
  91. $result = mysql_query("SELECT ext, UNIX_TIMESTAMP(image_time), data
  92. FROM {$table}
  93. WHERE id=$id LIMIT 1");
  94.  
  95. if (mysql_num_rows($result) == 0)
  96. die('no image');
  97.  
  98. list($ext, $image_time, $data) = mysql_fetch_row($result);
  99.  
  100. $send_304 = false;
  101. if (php_sapi_name() == 'apache') {
  102. // if our web server is apache
  103. // we get check HTTP
  104. // If-Modified-Since header
  105. // and do not send image
  106. // if there is a cached version
  107.  
  108. $ar = apache_request_headers();
  109. if (isset($ar['If-Modified-Since']) && // If-Modified-Since should exists
  110. ($ar['If-Modified-Since'] != '') && // not empty
  111. (strtotime($ar['If-Modified-Since']) >= $image_time)) // and grater than
  112. $send_304 = true; // image_time
  113. }
  114.  
  115.  
  116. if ($send_304)
  117. {
  118. // Sending 304 response to browser
  119. // "Browser, your cached version of image is OK
  120. // we're not sending anything new to you"
  121. header('Last-Modified: '.gmdate('D, d M Y H:i:s', $ts).' GMT', true, 304);
  122.  
  123. exit(); // bye-bye
  124. }
  125.  
  126. // outputing Last-Modified header
  127. header('Last-Modified: '.gmdate('D, d M Y H:i:s', $image_time).' GMT',
  128. true, 200);
  129.  
  130. // Set expiration time +1 year
  131. // We do not have any photo re-uploading
  132. // so, browser may cache this photo for quite a long time
  133. header('Expires: '.gmdate('D, d M Y H:i:s', $image_time + 86400*365).' GMT',
  134. true, 200);
  135.  
  136. // outputing HTTP headers
  137. header('Content-Length: '.strlen($data));
  138. header("Content-type: image/{$ext}");
  139.  
  140. // outputing image
  141. echo $data;
  142. exit();
  143. }
  144. ?>
  145. <html><head>
  146. <title>MySQL Blob Image Gallery Example</title>
  147. </head>
  148. <body>
  149. <?php
  150. if (isset($msg)) // this is special section for
  151. // outputing message
  152. {
  153. ?>
  154. <p style="font-weight: bold;"><?php=$msg?>
  155. <br>
  156. <a href="<?php $PHP_SELF?>">reload page</a>
  157. <!-- I've added reloading link, because
  158. refreshing POST queries is not good idea -->
  159. </p>
  160. <?php
  161. }
  162. ?>
  163. <h1>Blob image gallery</h1>
  164. <h2>Uploaded images:</h2>
  165. <form action="<?php $PHP_SELF?>" method="post">
  166. <!-- This form is used for image deletion -->
  167.  
  168. <?php
  169. $result = mysql_query("SELECT id, image_time, title FROM {$table} ORDER BY id DESC");
  170. if (mysql_num_rows($result) == 0) // table is empty
  171. echo '<ul><li>No images loaded</li></ul>';
  172. else
  173. {
  174. echo '<ul>';
  175.  
  176. $self = $_SERVER["PHP_SELF"];
  177.  
  178. while(list($id, $image_time, $title) = mysql_fetch_row($result))
  179. {
  180. // outputing list
  181. echo "<li><input type='radio' name='del' value='{$id}'>";
  182. echo "<a href='{$self}?show={$id}'>{$title}</a> &ndash; ";
  183. echo "<small>{$image_time}</small></li>";
  184. }
  185.  
  186. echo '</ul>';
  187.  
  188. echo '<label for="password">Password:</label><br>';
  189. echo '<input type="password" name="password" id="password"><br><br>';
  190.  
  191. echo '<input type="submit" value="Delete selected">';
  192. }
  193. ?>
  194.  
  195. </form>
  196. <h2>Upload new image:</h2>
  197. <form action="<?php $PHP_SELF?>" method="POST" enctype="multipart/form-data">
  198. <label for="title">Title:</label><br>
  199. <input type="text" name="title" id="title" size="64"><br><br>
  200.  
  201. <label for="photo">Photo:</label><br>
  202. <input type="file" name="photo" id="photo"><br><br>
  203.  
  204. <label for="password">Password:</label><br>
  205. <input type="password" name="password" id="password"><br><br>
  206.  
  207. <input type="submit" value="upload">
  208. </form>
  209. </body>
  210. </html>