Posted by Schraalhans Keukenmeester on 05/09/07 16:14

At Wed, 09 May 2007 11:39:43 -0400, Milagro let his monkeys type:

> Hello Everyone,
>
> I'm trying to debug someone elses php code. I'm actually a Perl
> programmer, with OO experience, but not in php.
>
> The code is supposed to upload a photo from a form and save it both on
> the file system and in a mySql database. 90% of the time it works just
> fine. But for some reason, with some photos, it doesn't work. The
> image never shows up on the filesystem and there is no entry in the
> database. I feel it's a problem with the image because if I resave the
> image in photoshop with a lower resolution -- it uploads just fine. I
> don't completely understand why this resaving of the image works though
> because the orriginal size of the image is still well under the
> FileSize Max, which according to the code below is 3.5mb.
> I'm not including all of the code because there is a lot. I believe
> I've pasted the correct snips below though. If you need any more info,
> please let me know.
>
> My main quesitons are:
> 1. How/where in the code, is the image file being written to the disk?
> I don't see the 'imagejpeg' function I am familar with.
> 2. I want to put in some debugging print statments to figure out what's
> going on -- maybe have a log file being written to but I don't know how
> to go about that in OO php? Can someone give me an example to do this?
>
> Thanks for any help and guidance!
>
> M
>
> -- Snip -- This is the code in the page that accepts the photos from a
> form. There are actually 7 photo fields on that page. This is just one
> of them.
> $this->Image2 = new clsControl(ccsImage, "Image2", "Image2", ccsText,
> "", CCGetRequestParam("Image2", $Method));
> $this->photo2 = new clsFileUpload("photo2", "photo2", "temp/",
> "photos/", "*.jpg", "", 3500000);
>
> -- Snip -- This is the complete clsFileUpload Class
>
> //clsFileUpload Class @0-81C1F4F1
> class clsFileUpload
> {
> var $Name;
> var $Caption;
> var $Visible;
> var $Required;
>
> var $TemporaryFolder;
> var $FileFolder;
> var $AllowedMask; // @deprecated , use AllowedFileMasks property
> var $AllowedFileMasks;
> var $DisallowedFileMasks;
> var $FileSizeLimit;
> var $Value;
> var $Text;
> var $State;
>
> var $CCSEvents = "";
> var $CCSEventResult;
>
> function clsFileUpload($Name, $Caption, $TemporaryFolder,
> $FileFolder, $AllowedFileMasks, $DisallowedFileMasks, $FileSizeLimit)
> {
>
> $this->Errors = new clsErrors;
>
> $this->Name = $Name;
> $this->Visible = true;
> $this->Caption = $Caption;
> if(substr($TemporaryFolder, 0, 1) == "%") {
> $TemporaryFolder = substr($TemporaryFolder, 1);
> $TemporaryFolder = getenv($TemporaryFolder);
> }
> $this->TemporaryFolder = $TemporaryFolder;
> if(substr($FileFolder, 0, 1) == "%") {
> $FileFolder = substr($FileFolder, 1);
> $FileFolder = getenv($FileFolder);
> }
> $this->FileFolder = $FileFolder;
> $this->AllowedFileMasks = $AllowedFileMasks;
> $this->AllowedMask = & $this->AllowedFileMasks;
> $this->DisallowedFileMasks = $DisallowedFileMasks;
> $this->FileSizeLimit = $FileSizeLimit;
> $this->Value = "";
> $this->Text = "";
> $this->Required = false;
>
> $FileName = "";
> $FieldName = $this->Caption;
> if( !is_dir($TemporaryFolder) ) {
> $this->Errors->addError("Unable to upload the file specified in "
> . $FieldName . " - temporary upload folder doesn't exist.");
> } else if( !is_writable($TemporaryFolder) ) {
> $this->Errors->addError("Insufficient filesystem permissions to
> upload the file specified in " . $FieldName . " into temporary
> folder.");
> } else if( !is_dir($FileFolder) ) {
> $this->Errors->addError("Unable to upload the file specified in "
> . $FieldName . " - upload folder doesn't exist.");
> } else if( !is_writable($FileFolder) ) {
> $this->Errors->addError("Insufficient filesystem permissions to
> upload the file specified in " . $FieldName . ".");
> }
>
> }
>
> function Validate()
> {
> $validation = true;
> if($this->Required && $this->Value === "" && $this->Errors->Count() == 0)
> {
> $FieldName = $this->Caption;
> $this->Errors->addError("The file attachment in field " .
> $FieldName . " is required.");
> }
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "OnValidate");
> return ($this->Errors->Count() == 0);
> }
>
>
> function Upload($RowNumber = "")
> {
> global $HTTP_POST_FILES;
> $FieldName = $this->Caption;
> if(strlen($RowNumber)) {
> $ControlName = $this->Name . "_" . $RowNumber;
> $FileControl = $this->Name . "_File_" . $RowNumber;
> $DeleteControl = $this->Name . "_Delete_" . $RowNumber;
> } else {
> $ControlName = $this->Name;
> $FileControl = $this->Name . "_File";
> $DeleteControl = $this->Name . "_Delete";
> }
>
> $SessionName = CCGetParam($ControlName);
> $this->State = CCGetSession($SessionName);
>
> if (strlen(CCGetParam($DeleteControl))) {
> // delete file from folder
> $ActualFileName = $this->State[0];
> if( file_exists($this->FileFolder . $ActualFileName) ) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "BeforeDeleteFile");
> unlink($this->FileFolder . $ActualFileName);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "AfterDeleteFile");
> } else if ( file_exists($this->TemporaryFolder . $ActualFileName) ) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "BeforeDeleteFile");
> unlink($this->TemporaryFolder . $ActualFileName);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "AfterDeleteFile");
> }
> $this->Value = ""; $this->Text = "";
> $this->State[0] = "";
> } else if (isset ($HTTP_POST_FILES[$FileControl])
> && $HTTP_POST_FILES[$FileControl]["tmp_name"] != "none"
> && strlen ($HTTP_POST_FILES[$FileControl]["tmp_name"])) {
> $this->Value = ""; $this->Text = "";
> $FileName = $HTTP_POST_FILES[$FileControl]["name"];
> $GoodFileMask = 1;
> $meta_characters = array("*" => ".+", "?" => ".", "\\" => "\\\\",
> "^" => "\\^", "\$" => "\\\$", "." => "\\.", "[" => "\\[", "]" => "\\]",
> "|" => "\\|", "(" => "\\(", ")" => "\\)", "{" => "\\{", "}" => "\\}",
> "+" => "\\+", "-" => "\\-");
> if ($this->AllowedFileMasks != "") {
> $GoodFileMask = 0;
> $FileMasks=split(';', $this->AllowedFileMasks);
> foreach ($FileMasks as $FileMask) {
> $FileMask =
> preg_replace("/(\\*|\\?|\\\\|\\^|\\\$|\\.|\\[|\\]|\\||\\(|\\)|\\{|\\}|\\+|\\-)/ei",
> "\$meta_characters['\\1']", $FileMask);
> if (preg_match("/^$FileMask$/i", $FileName)) {
> $GoodFileMask = 1;
> break;
> }
> }
> }
> if ($GoodFileMask && $this->DisallowedFileMasks != "") {
> $FileMasks=split(';', $this->DisallowedFileMasks);
> foreach ($FileMasks as $FileMask) {
> $FileMask =
> preg_replace("/(\\*|\\?|\\\\|\\^|\\\$|\\.|\\[|\\]|\\||\\(|\\)|\\{|\\}|\\+|\\-)/ei",
> "\$meta_characters['\\1']", $FileMask);
> if (preg_match("/^$FileMask$/i", $FileName)) {
> $GoodFileMask = 0;
> break;
> }
> }
> }
>
>
> if($HTTP_POST_FILES[$FileControl]["size"] > $this->FileSizeLimit) {
> $this->Errors->addError("The file size in field " . $FieldName
> . " is too large.");
> } else if (!$GoodFileMask) {
> $this->Errors->addError("The file type specified in field " .
> $FieldName . " is not allowed.");
> } else {
> // move uploaded file to temporary folder
> $file_exists = true;
> $index = 0;
> while($file_exists) {
> $ActualFileName = date("YmdHis") . $index . "." . $FileName;
> $file_exists = file_exists($ActualFileName);
> $index++;
> }
> if( copy($HTTP_POST_FILES[$FileControl]["tmp_name"],
> $this->TemporaryFolder . $ActualFileName) ) {
> $this->Value = $ActualFileName;
> $this->Text = $ActualFileName;
> if(strlen($this->State[0])) {
> if(file_exists($this->TemporaryFolder . $this->State[0])) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "BeforeDeleteFile");
> unlink($this->TemporaryFolder . $this->State[0]);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "AfterDeleteFile");
> $this->State[0] = $ActualFileName;
> } else {
> if(!is_dir($this->TemporaryFolder . $this->State[1]) &&
> file_exists($this->TemporaryFolder . $this->State[1])) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "BeforeDeleteFile");
> unlink($this->TemporaryFolder . $this->State[1]);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "AfterDeleteFile");
> }
> $this->State[1] = $ActualFileName;
> }
> } else {
> $this->State[0] = $ActualFileName;
> }
> } else {
> $this->Errors->addError("Insufficient filesystem permissions
> to upload the file specified in " . $FieldName . " into temporary
> folder.");
> }
> }
> } else {
> $this->SetValue(strlen($this->State[1]) ? $this->State[1] :
> $this->State[0]);
> }
> }
>
> function Move()
> {
> if (strlen($this->Value) && !file_exists($this->FileFolder .
> $this->Value)) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "BeforeProcessFile");
> $FileName = $this->GetFileName();
> $FieldName = $this->Caption;
> if (!file_exists($this->TemporaryFolder . $this->Value)) {
> $this->Errors->addError("The file " . $FileName . " specified
> in " . $FieldName . " was not found.");
> } else if (!@copy($this->TemporaryFolder . $this->Value,
> $this->FileFolder . $this->Value)) {
> $this->Errors->addError("Insufficient filesystem permissions to
> upload the file specified in " . $FieldName . ".");
> } else if (strlen($this->State[1])) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "BeforeDeleteFile");
> unlink($this->FileFolder . $this->State[0]);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents,
> "AfterDeleteFile");
> }
> if($this->Errors->Count() == 0 &&
> file_exists($this->TemporaryFolder . $this->Value)) {
> unlink($this->TemporaryFolder . $this->Value);
> }
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterProcessFile");
> }
> }
>
> function Delete()
> {
> if( !is_dir($this->FileFolder . $this->State[0]) &&
> file_exists($this->FileFolder . $this->State[0]) ) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeDeleteFile");
> unlink($this->FileFolder . $this->State[0]);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterDeleteFile");
> } else if ( !is_dir($this->TemporaryFolder . $this->State[0]) &&
> file_exists($this->TemporaryFolder . $this->State[0]) ) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeDeleteFile");
> unlink($this->TemporaryFolder . $this->State[0]);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterDeleteFile");
> }
> if( !is_dir($this->FileFolder . $this->State[1]) &&
> file_exists($this->FileFolder . $this->State[1]) ) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeDeleteFile");
> unlink($this->FileFolder . $this->State[1]);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterDeleteFile");
> } else if ( !is_dir($this->TemporaryFolder . $this->State[1]) &&
> file_exists($this->TemporaryFolder . $this->State[1]) ) {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeDeleteFile");
> unlink($this->TemporaryFolder . $this->State[1]);
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterDeleteFile");
> }
> }
>
> function Show($RowNumber = "")
> {
> global $Tpl;
> if($this->Visible)
> {
> $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeShow");
>
> if(!$this->Visible) {
> $Tpl->setblockvar("FileUpload " . $this->Name, "");
> return;
> }
>
> if(strlen($RowNumber)) {
> $ControlName = $this->Name . "_" . $RowNumber;
> $FileControl = $this->Name . "_File_" . $RowNumber;
> $DeleteControl = $this->Name . "_Delete_" . $RowNumber;
> } else {
> $ControlName = $this->Name;
> $FileControl = $this->Name . "_File";
> $DeleteControl = $this->Name . "_Delete";
> }
>
> $SessionName = CCGetParam($ControlName);
> if(!strlen($SessionName)) {
> srand ((double) microtime() * 1000000);
> $random_value = rand();
> $SessionName = "FileUpload" . $random_value . date("dHis");
> $this->State = array($this->Value, "");
> }
>
> CCSetSession($SessionName, $this->State);
>
> $Tpl->SetVar("State", $SessionName);
> $Tpl->SetVar("ControlName", $ControlName);
> $Tpl->SetVar("FileControl", $FileControl);
> $Tpl->SetVar("DeleteControl", $DeleteControl);
> if (strlen($this->Value) ) {
> $Tpl->SetVar("ActualFileName", $this->Value);
> $Tpl->SetVar("FileName", $this->GetFileName());
> $Tpl->SetVar("FileSize", $this->GetFileSize());
> $Tpl->parse("FileUpload " . $this->Name . "/Info", false);
> if($this->Required) {
> $Tpl->parse("FileUpload " . $this->Name . "/Upload", false);
> $Tpl->setblockvar("FileUpload " . $this->Name .
> "/DeleteControl", "");
> } else {
> $Tpl->setblockvar("FileUpload " . $this->Name . "/Upload", "");
> $Tpl->parse("FileUpload " . $this->Name . "/DeleteControl", false);
> }
> } else {
> $Tpl->parse("FileUpload " . $this->Name . "/Upload", false);
> $Tpl->setblockvar("FileUpload " . $this->Name . "/Info", "");
> $Tpl->setblockvar("FileUpload " . $this->Name . "/DeleteControl", "");
> }
>
> $Tpl->Parse("FileUpload " . $this->Name, false);
> }
> else
> {
> $Tpl->setblockvar("FileUpload " . $this->Name, "");
> }
> }
>
> function SetValue($Value) {
> $this->Text = $Value;
> $this->Value = $Value;
> $this->State[0] = $Value;
> if(strlen($Value)
> && !file_exists($this->TemporaryFolder . $Value)
> && !file_exists($this->FileFolder . $Value)) {
> $FileName = $this->GetFileName();
> $FieldName = $this->Caption;
> $this->Errors->addError("The file " . $FileName . " specified
> in " . $FieldName . " was not found.");
> }
> }
>
> function SetText($Text) {
> $this->SetValue($Text);
> }
>
> function GetValue() {
> return $this->Value;
> }
>
> function GetText() {
> return $this->Text;
> }
>
> function GetFileName() {
> return preg_match("/^\d{14,}\./", $this->Value) ?
> substr($this->Value, strpos($this->Value, ".") + 1) : $this->Value;
> }
>
> function GetFileSize() {
> $filesize = 0;
> if( file_exists($this->FileFolder . $this->Value) ) {
> $filesize = filesize($this->FileFolder . $this->Value);
> } else if ( file_exists($this->TemporaryFolder . $this->Value) ) {
> $filesize = filesize($this->TemporaryFolder . $this->Value);
> }
> return $filesize;
> }
>
> }
>
> //End clsFileUpload Class


But, what's important here, do you know what the accepted upload size is
in php.ini? (check using phpinfo(), variable upload_max_filesize). If
that's under the form's limit, this might explain why the uploads fail on
originals and succeed on the resized/recompressed versions.
I think the default might be 2megs.
The size specified in the form isn't a hard limit per se, the
upload_max_filesize in php.ini is.

HTH
Sh.

PS can't help but get the idea (haven't read all the posted code in
detail) the class you got is rather, errm, huge for what it's supposed to
do. And not that easy to decipher. Documenting's not the programmer's
first priority I suppose...

Good luck, let us know what you find!
Sh.

[Back to original message]