I figured I would post my solution to the problem that I found somewhere. It had nothing to do with anything I was doing. It's a bug in some versions of PHP.
Here is the function I had to use to fix this:

function fix_php_upload_bug($tmp){
    $infile=fopen($tmp,"r");        // Open the file for the copy
    $outfile=fopen("$tmp.new","w"); // create a new temp file
    $header=fgets($infile,255);     // get the 1st line (netscape sometimes doesn't add a Content-type line)
    // if it's more than just a \r\n sequence then
    if (strlen($header)>2) $header=fgets($infile,255); // get next line also
    while(!feof($infile)) {         // Loop through the remaining file
        $temp=fread($infile,128);
        fwrite($outfile,$temp,strlen($temp)); // copying contents to new temp file
    }
    fclose($outfile);
    fclose($infile);
    copy("$tmp.new","$tmp");        // replace the original with our new bug fixed file
    unlink("$tmp.new");             // and delete the new file
    return $tmp;
}

Ryan

"Andrey Hristov" <[EMAIL PROTECTED]> wrote in message
news:0b4501c177eb$8b02c900$0b01a8c0@ANDreY...
> As I showed by this :
> <FORM ACTION="http://your.domain.com/your.script.php" Method="Post" ENCTYPE="multipart/form-data" >
> <Input Type="text" Name="ImageFile_name" value="../../../../etc/passwd">
> <Input Type="Submit" Name="Submit">
> </FORM>
> I can write this in a simple html, press the submit button and instead of file you will receive $ImageFile_name as a text variable.
> I can write in it everything but you rely on that PHP made it. No, PHP didn't. Also in such form $ImageFile_tmpname can be supplied
> and if someone does this :
> <?php
> echo (implode('',file($ImageFile_tmpname)));
> ?>
> The /etc/passwd file can be shown easily.
> My suggestion : rely on $HTTP_POST_FILES . Yes it is long to type but it's secured. Also as I said. Since the new PHP 4.1.0 there will
> be $_FILES array, equivalent of $HTTP_POST_FILES (which will exist also).
>
> The GD extension is used for dynamic construction of jpg,png,gif (up to some 1.x version). The constructed image can be saved to file
> or sent to the browser. GetImageSize() is one of the many functions provided by GD.
> http://www.php.net/manual/en/ref.image.php
>
> Best regards,
> Andrey Hristov
>
> ----- Original Message -----
> From: "Ryan Stephens (Hotmail)" <[EMAIL PROTECTED]>
> To: "Andrey Hristov" <[EMAIL PROTECTED]>
> Sent: Wednesday, November 28, 2001 10:51 AM
> Subject: Re: [PHP] Image Uploads beeing corupted
>
> > this means nothing to me... sorry, I've only been working with PHP for a
> > couple weeks..... and a few months of web learning..... the site I'm working
> > on is hosted by some other guy, so I don't have access to it if I had to
> > change anything there.
> >
> > Why is $ImageFile a possible security hole?
> > What is GD extension?
> >
> > I don't need to find the type... I just used that as a test to see if that
> > might have anything to do with my corrupted file problem. And I found that
> > all the information being entered into the database re: its name and size
> > is fine... but it won't return a type... I'm thinking if it can't return a type
> > (but still uploads the file) there must be a connection to it being
> > corrupt.
> >
> > Ryan
> >
> > ----- Original Message -----
> > From: "Andrey Hristov" <[EMAIL PROTECTED]>
> > To: "Ryan Stephens" <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Sent: Wednesday, November 28, 2001 12:46 AM
> > Subject: Re: [PHP] Image Uploads beeing corupted
> >
> > > If you have GD extension built in your PHP use it to find the type (if you are limited to jpeg/gif/png files).
> > > I want to say again that the using of $ImageFile* is a possible security hole.
> > >
> > > Regards,
> > > Andrey Hristov
> > > ----- Original Message -----
> > > From: "Ryan Stephens" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Wednesday, November 28, 2001 10:39 AM
> > > Subject: Re: [PHP] Image Uploads beeing corupted
> > >
> > > > the funny thing is this....
> > > >
> > > > the information is being inserted into the database...
> > > > the file is being
> > > > uploaded (as I can see it in the directory). I can get results from
> > > > $ImageFile
> > > > $ImageFile_name
> > > > $ImageFile_size
> > > >
> > > > but I can't get a result for $ImageFile_type.... this comes up blank....
> > > > there is obviously some connection, but just not sure what.
> > > >
> > > > Ryan
> > > >
> > > > "Andrey Hristov" <[EMAIL PROTECTED]> wrote in message
> > > > news:0b0c01c177e5$f0e15580$0b01a8c0@ANDreY...
> > > > > The problem is in that you do global only for $ImageFile, but not for $ImageFile_name.
> > > > > Big flaw is that if someone makes a form
> > > > > <FORM ACTION="<?php $SCRIPT_NAME ?>" Method="Post"
> > > > > ENCTYPE="multipart/form-data">
> > > > > <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000000">
> > > > >
> > > > > <Input Type="text" Name="ImageFile__name" value="../../../../etc/passwd">
> > > > > <Input Type="Submit" Name="Submit">
> > > > > </FORM>
> > > > >
> > > > > may be can make a big shot. Depends on under which user Apache is running.
> > > > > The best technique is to use $HTTP_POST_FILES. Since PHP4.1.0 there will be new name
> > > > > for it => $_FILES . This array will be global, so there is no need to write
> > > > > global $_FILES . The same is done for $_GET, $_POST, $_COOKIE. $_REQUEST is
> > > > > merged array of $_GET,$_POST,$_COOKIE in the order of gpc (from php.ini).
> > > > >
> > > > > Regards,
> > > > > Andrey Hristov
> > > > > IcyGEN Corporation
> > > > > http://www.icygen.com
> > > > > BALANCED SOLUTIONS
> > > > >
> > > > > ----- Original Message -----
> > > > > From: "Ryan Stephens" <[EMAIL PROTECTED]>
> > > > > To: <[EMAIL PROTECTED]>
> > > > > Sent: Wednesday, November 28, 2001 10:12 AM
> > > > > Subject: [PHP] Image Uploads beeing corupted
> > > > >
> > > > > > Hey guys,
> > > > > >
> > > > > > I got my uploads to work thanks to some people's help here in this
> > > > > > newsgroup.... but now I'm having a problem with the files being corrupted
> > > > > > upon upload..... not sure why.... any help would be greatly appreciated.
> > > > > >
> > > > > > I have included my code again if it helps any.
> > > > > >
> > > > > > <---------------------------------------->
> > > > > > function UploadImage(){
> > > > > >     global $HTTP_POST_FILES;
> > > > > >     global $ImageFile;
> > > > > >     reset($HTTP_POST_FILES);
> > > > > >     $pic_file = $HTTP_POST_FILES['ImageFile'];
> > > > > >     copy ($pic_file['tmp_name'], "../images/$ImageFile_name");
> > > > > > }
> > > > > >
> > > > > > <FORM ACTION="<?php $SCRIPT_NAME ?>" Method="Post"
> > > > > > ENCTYPE="multipart/form-data">
> > > > > > <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000000">
> > > > > >
> > > > > > <Input Type="File" Name="ImageFile">
> > > > > > <Input Type="Submit" Name="Submit">
> > > > > > </FORM>
> > > > > > <---------------------------------------->
> > > > > >
> > > > > > I've found that just doing this seems to do the same
> > > > > >
> > > > > > function UploadImage(){
> > > > > >     global $ImageFile;
> > > > > >     copy ($ImageFile, "../images/$ImageFile_name");
> > > > > > }
> > > > > >
> > > > > > Thanks
> > > > > > Ryan Stephens
> > > > > >
> > > > > > --
> > > > > > PHP General Mailing List (http://www.php.net/)
> > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > > > > To contact the list administrators, e-mail: [EMAIL PROTECTED]
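
The advice quoted in this thread (take upload metadata only from $_FILES and determine the type from the file contents with GetImageSize()), as an added example that is not code from the thread or from PHP itself. The function name store_uploaded_image(), the destination directory and the allowed-type list are assumptions, and it is written for current PHP rather than the 4.x releases discussed above.

```php
<?php
// Added example, not code from the thread. store_uploaded_image(), $destDir
// and the allowed-type list are assumptions made for illustration.
function store_uploaded_image(string $field, string $destDir): string
{
    // Read upload metadata only from $_FILES; request variables such as
    // ImageFile_name can be supplied by any text field in a hand-made form.
    if (!isset($_FILES[$field]) || !is_array($_FILES[$field])) {
        throw new RuntimeException('no upload in field ' . $field);
    }
    $file = $_FILES[$field];
    // 'error' is an array when the field was submitted as name="field[]".
    if (is_array($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }

    // tmp_name must be a file PHP itself received over HTTP POST.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }

    // Take the type from the file contents (GetImageSize, as suggested in
    // the thread), not from the client-supplied 'type' entry.
    $info = getimagesize($file['tmp_name']);
    $allowed = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];
    if ($info === false || !isset($allowed[$info[2]])) {
        throw new RuntimeException('not a jpeg/png/gif image');
    }

    // The client-supplied name never reaches the filesystem: the stored
    // name is generated here, so "../" in 'name' has nothing to act on.
    $target = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $allowed[$info[2]];

    // move_uploaded_file() repeats the is_uploaded_file() check before moving.
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('could not store upload');
    }
    return $target;
}

// Usage in the form handler (field name taken from the thread's form):
// $path = store_uploaded_image('ImageFile', __DIR__ . '/../images');
```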