Solve my problem

kashifccc

I installed image hosting script on http://www.stanaca.com/imageupload . When i try to upload a file then these errors appears. Solve the problem.

Warning: move_uploaded_file(): URL file-access is disabled in the server configuration in /home/content/k/a/s/kashifccc/html/imageupload/incs/load_submits.php on line 84

Warning: move_uploaded_file(http://www.stanaca.com/imageupload/userfiles/9047f1115): failed to open stream: no suitable wrapper could be found in /home/content/k/a/s/kashifccc/html/imageupload/incs/load_submits.php on line 84

Warning: move_uploaded_file(): Unable to move '/tmp/phpxAKnI0' to 'http://www.stanaca.com/imageupload/userfiles/9047f1115' in /home/content/k/a/s/kashifccc/html/imageupload/incs/load_submits.php on line 84

Warning: imagecreatefromgif(): URL file-access is disabled in the server configuration in /home/content/k/a/s/kashifccc/html/imageupload/incs/load_functions.php on line 202

Warning: imagecreatefromgif(http://www.stanaca.com/imageupload/userfiles/9047f1115): failed to open stream: no suitable wrapper could be found in /home/content/k/a/s/kashifccc/html/imageupload/incs/load_functions.php on line 202

kashifccc

May the error is for wrong configuration in admin panel see the image.

kashifccc

This the files relative to this error.

load_submits.php

<?php
/*********************************************************
		This Free Script was downloaded at			
				Free-php-Scripts.net	
	This script is produced under the GPL license		
		You can do or modify this script as you like.			
Note 1: Administrator copyright notice CAN NOT be removed					
Note 2: User front Powered by Notices can be removed ONLY
if you change the site design/look so it won't reflect
				www.myimage.us looks
*********************************************************/


//Contact us form
if($_POST['submit_id'] == 1){
	if($_POST['name'] == NULL){ $message = 'Please enter your name.';}
	if($message == NULL && is_valid_email($_POST['email']) == false && $_POST['reason'] != 'Reporting File'){ $message = 'Please enter a valid email.';}
	if($_POST['message_text'] == NULL && $message == NULL){ $message = 'Please enter a comment.';}
	if($message == NULL){
		$te_co = hex2bin($_POST['hid_code']);
		$word_is = encode_password($te_co,$KEY_FILE);
		if($word_is != $_POST['confirm_image']){$message = 'Your verfication code is incorrect.';}
	}
	if($message == NULL){
		send_contact_email($_POST['name'],$_POST['email'],$_POST['message_text'],$_POST['reason'],
			$SITE_TITLE,$SITE_ADMIN,$USER_TEMPLATE_CONT,$ADMIN_TEMPLATE_CONT);
		$message = 'Your message was sent. Please allow us some time to answer you.';
		$page = $_POST['page'];
		$_POST = NULL;
		$_GET['page'] = $page;
	}
}

//Send contact Form Email
function send_contact_email($name,$email,$message,
	$reason,$SITE_TITLE,$SITE_ADMIN,$USER_TEMPLATE_CONT,$ADMIN_TEMPLATE_CONT){
	//Set Headers
	$headers = "Return-Path: $SITE_TITLE <$SITE_ADMIN>\r\n"; 
	$headers .= "From: $SITE_TITLE <$SITE_ADMIN>\r\n"; 
	$headers .= "Content-Type: text/html; charset=utf-8;\n\n\r\n"; 
	$subject = 'Thank you for your contact';

$array_find = array('$+name+$','$+email+$','$+message_text+$','$+reason+$','$+SITE_TITLE+$');
$array_replace = array($name,$email,$message,$reason,$SITE_TITLE);

$user_message = str_replace($array_find,$array_replace,$USER_TEMPLATE_CONT);
$admin_message = str_replace($array_find,$array_replace,$ADMIN_TEMPLATE_CONT);

if($email != NULL){
	mail ($email,$subject,$user_message,$headers);	
}
mail ($SITE_ADMIN,$subject,$admin_message,$headers);	
return true;
}

//File Upload
if($_POST['submit_id'] == 2){
	$invalid_email = false;
	if($_POST['rules'] != 'yes'){ $message = 'Please agree to our TOS before uploading.';}

$thumb_dir = $THUMB_DIR;
$image_dir = $UPLOAD_DIR;
$found = true;
while($found == true){
	$file_name_is = generate_session(5).date("G").date("s");
	if(!is_file($image_dir.$file_name_is)){
		$found = false;
	}
}


if($_POST['filetype'] == 'file'){
	if($message == NULL && $_FILES['user_file']['name'] == NULL){$message = 'Please enter a file name.';}
	if($message == NULL && $_FILES['user_file']['size'] > (($max_upload_do*1024)*1024)){
		$message = 'Image is too large, maximum filesize is '.$max_upload_do.' MB.';}
	if($message == NULL && $_FILES['user_file']['error'] != 0){$message = 'File error, please insure file is correct.';}	
	$ext = explode('.',$_FILES['user_file']['name']);
	$extension = strtolower($ext[count($ext)-1]);

	if($message == NULL && check_extensions($extension,$extensions_allowed) == false){$message = 'Invalid file extension.';}	
	if($message == NULL){
			$file_name_show =  strip_tags($_FILES['user_file']['name']);
			$uploadfile = $image_dir . $file_name_is;
			$check_upload = move_uploaded_file($_FILES['user_file']['tmp_name'], $uploadfile);
			if($ENABLE_THUMB == 1 && $extension != 'swf'){
				$check_thumb = make_thumb($file_name_is,$file_name_show,$THUMB_WIDTH,$THUMB_HEIGHT,$image_dir,$thumb_dir);
			}
	}
	$image_size = $_FILES['user_file']['size'];
} else {
	if(@fopen($_POST['image_link'],'r') == false){ $message = 'The image does not seem to exist. URL can not be found.';}
	$image_size = check_url_size($_POST['image_link']);
	if($message == NULL && $image_size > (($max_upload_do*1024)*1024)){ $message = 'Image is too large, maximum filesize is '.$max_upload_do.' MB.';}
	$ext = explode('.',$_POST['image_link']);
	$extension = strtolower($ext[count($ext)-1]);
	if($message == NULL && check_extensions($extension,$extensions_allowed) == false){$message = 'Invalid file extension.';}
	if($message == NULL){
		$temp = explode('/',$_POST['image_link']);	
		$file_name_show =  strip_tags($temp[count($temp)-1]);
		$uploadfile = $image_dir . $file_name_is;
		$check_upload = download_image($_POST['image_link'],$file_name_is,$image_dir);				
		$uploadfile = $image_dir . $file_name_is;
		if($ENABLE_THUMB == 1 && $extension != 'swf'){
			$check_thumb = make_thumb($file_name_is,$file_name_show,$THUMB_WIDTH,$THUMB_HEIGHT,$image_dir,$thumb_dir);	
		}
	}
}

if($message == NULL && !$check_upload){
	$message = 'There was an internal problem trying to store your image. Please try again later or contact customer support.';
}

if($message == NULL){
	if(is_valid_email($_POST['user_email']) == false && $_POST['user_email'] != NULL){
		$_POST['user_email'] = NULL;
		$invalid_email = true;
	}
	$file_made = date("Y-m-d G:i:s");
	$delete_link = generate_session(10);

	$insert = @mysql_query("INSERT INTO `image_list` 
		(`image_name`,`image_name_is`,`band_used`,`mk_date`,`user_email`,`image_hits`,`image_size`,`delete_link`,`user_id`)
		VALUES
		('$file_name_show','$file_name_is','0','$file_made','$_POST[user_email]','0','$image_size','$delete_link','$user_id')");

	if($MOD_REWRITE == 1){
		$thumbnail_link = $SITE_URL.'view_thumb/'.$file_name_is.'/'.$file_name_show;
		$image_link = $SITE_URL.'view_image/'.$file_name_is.'/'.$file_name_show;
		$delete_link = $SITE_URL.'DELIMAGE/'.$delete_link;
		$selfview_link = $SITE_URL.'EXPRESS/'.$file_name_is.'/'.$file_name_show;
	} else {
		$thumbnail_link = $SITE_URL.'view_thumb.php?id='.$file_name_is.'&name='.$file_name_show;
		$image_link = $SITE_URL.'index.php?page=view&id='.$file_name_is.'&name='.$file_name_show;
		$delete_link = $SITE_URL.'index.php?page=view&id='.$delete_link.'&action=delete';
		$selfview_link = $SITE_URL.'show_comp.php?id='.$file_name_is.'&name='.$file_name_show;
	}
	$html_link = '<a href="'.$image_link.'" target="_blank"><img src="'.$thumbnail_link.'" border="0"></a>';
	if(!$check_thumb && $ENABLE_THUMB == 1 && $extension != 'swf'){
		$message = 'Your image was uploaded, however we couldn\'t create a thumbnail for it.';
		$thumbnail_link = 'No Thumbnail';
	}		
	if($_POST['user_email'] != NULL){
		send_upload($_POST['user_email'],$image_link,$thumbnail_link,$delete_link,
			$SITE_TITLE,$SITE_ADMIN,$EMAIL_TEMPLATE_UPLOAD,$file_name_show);
	}	

	$is_complete = 'done';

}
}

//Send File Upload
function send_upload($email,$image_link,$thumbnail_link,$delete_link,
	$SITE_TITLE,$SITE_ADMIN,$EMAIL_TEMPLATE_UPLOAD,$file_name_show){
	//Set Headers
	$headers = "Return-Path: $SITE_TITLE <$SITE_ADMIN>\r\n"; 
	$headers .= "From: $SITE_TITLE <$SITE_ADMIN>\r\n"; 
	$headers .= "Content-Type: text/html; charset=utf-8;\n\n\r\n"; 
	$subject = 'Your uploaded file links';

$array_find = array('$+IMAGE_LINK+$','$+THUMB_LINK+$','$+remove_link+$','$+SITE_TITLE+$','$+file_name+$');
$array_replace = array($image_link,$thumbnail_link,$delete_link,$SITE_TITLE,$file_name_show);

$user_message = str_replace($array_find,$array_replace,$EMAIL_TEMPLATE_UPLOAD);

mail ($email,$subject,$user_message,$headers);	
return true;
}

//Login form
if($_POST['submit_id'] == 4){
	if(is_valid_email($_POST['email']) == false){ $message = 'Invalid email.';}
	if($_POST['pass1'] == NULL && $message == NULL){ $message = 'Please enter password.';}
	if($message == NULL){
		$get_user = @mysql_query("SELECT * FROM `user_list` WHERE `user_email`='$_POST[email]' AND
									`user_password`=PASSWORD('$_POST[pass1]')");
		if(@mysql_num_rows($get_user) != 1){
			$message = 'Invalid Email and/or Password.';
		} else {
			$get_user = @mysql_fetch_array($get_user);
			if($get_user['user_status'] == 1){

			$mkdate  = date("Y-m-d G:i:s");
			$session_id = generate_session(20);
			$inesrt_user_session = @mysql_query("INSERT INTO `user_sessions` (`session_id`,`user_id`,`session_start`)
				VALUES ('$session_id','$get_user[user_id]','$mkdate')");				
			$_SESSION['session_id'] = $session_id;
			disconnect_me();
			header("Location: $SITE_URL");
			exit();
		} else {
			if($get_user['user_status'] == 2){
				$message = 'Your account has been disabled.';
			} else {
				$message = 'Your account is not activated yet, please click on activation link provided with welcome email.';
			}
		}
	}			
}
}

kashifccc

Second file

load_functions.php

<?php
/*********************************************************
		This Free Script was downloaded at			
				Free-php-Scripts.net	
	This script is produced under the GPL license		
		You can do or modify this script as you like.			
Note 1: Administrator copyright notice CAN NOT be removed					
Note 2: User front Powered by Notices can be removed ONLY
if you change the site design/look so it won't reflect
				www.myimage.us looks
*********************************************************/

//Function for ads (whcih
//Appears under download link and while uploading a file
function get_add(){
	//Ads list Format: URL - TITLE - URL = WIDTH - HEIGHT
	$add_array[] = array('http://www.GoldLand.us','Gold Land USA','http://www.myimage.us/images/gold_land.gif','170','113');
	$add_array[] = array('http://www.FunTimes.us','Free Flash MSX Atari Games and Emulators','http://www.myimage.us/images/flash_games.gif','170','113');
	$add_array[] = array('http://www.allfreetemplates.us','Free HTML Flash and Auction Templates','http://www.myimage.us/images/free_templates.gif','170','113');
	$add_array[] = array('http://www.MyImage.us','Free Image Hosting','http://www.myimage.us/images/free_image_hosting.gif','170','113');
	$add_array[] = array('http://www.GoldLand.us','Gold Land USA','http://www.myimage.us/images/gold_land.gif','170','113');

srand ((double) microtime()*1000000);
$random = rand(0,count($add_array)-1);
return $add_array[$random];
}

//Check File Extension
function check_extensions($extension,$isflash){
	if($isflash == 1){
		$allowed_array = array('gif','jpg','jpeg','bmp','png','swf'); 
	} else {
		$allowed_array = array('gif','jpg','jpeg','bmp','png'); 
	}

return in_array($extension,$allowed_array);
}

//Function to report error
function do_error($error,$is_fatal){
	mail($SITE_ADMIN,'Error @'.$SITE_TITLE,$error,$headers);
	if($is_fatal == 2){
		die('An error has occured, a message has been dispatched to site administrator.');
	}
	return;
}

//Function to encrypt
function encode_password($data,$keyfile) { //ecncrypt $data with the key in $keyfile with an rc4 algorithm
    $pwd = $keyfile;
        $pwd_length = strlen($pwd);
    for ($i = 0; $i < 255; $i++) {
          $key[$i] = ord(substr($pwd, ($i % $pwd_length)+1, 1));
            $counter[$i] = $i;
        }
        for ($i = 0; $i < 255; $i++) {
            $x = ($x + $counter[$i] + $key[$i]) % 256;
            $temp_swap = $counter[$i];
            $counter[$i] = $counter[$x];
            $counter[$x] = $temp_swap;

    }
    for ($i = 0; $i < strlen($data); $i++) {
                    $a = ($a + 1) % 256;
        $j = ($j + $counter[$a]) % 256;
        $temp = $counter[$a];
        $counter[$a] = $counter[$j];
        $counter[$j] = $temp;
        $k = $counter[(($counter[$a] + $counter[$j]) % 256)];
        $Zcipher = ord(substr($data, $i, 1)) ^ $k;
        $Zcrypt .= chr($Zcipher);
    }
    return $Zcrypt;
}


//Hex to binary
function hex2bin($hexdata) {

   for ($i=0;$i<strlen($hexdata);$i+=2) {
     $bindata.=chr(hexdec(substr($hexdata,$i,2)));
   }

   return $bindata;
} 

//Function to generate a new random number
function generate_session($strlen){
    return substr(md5(uniqid(rand(),1)),1,$strlen);
}

//function to get user_ip
function get_ip(){
	$ipParts = explode(".", $_SERVER['REMOTE_ADDR']);
	if ($ipParts[0] == "165" && $ipParts[1] == "21") {    

    	if (getenv("HTTP_CLIENT_IP")) {
        	$ip = getenv("HTTP_CLIENT_IP");
        } elseif (getenv("HTTP_X_FORWARDED_FOR")) {
            $ip = getenv("HTTP_X_FORWARDED_FOR");
        } elseif (getenv("REMOTE_ADDR")) {
            $ip = getenv("REMOTE_ADDR");
        }
    } else {
       return $_SERVER['REMOTE_ADDR'];
   	}
   	return $ip;
}

//Function to check for valid email
function is_valid_email($string) {
	return preg_match('/^[.\w-]+@([\w-]+\.)+[a-zA-Z]{2,6}$/', $string);
}

//Find the difference in seconds
function find_difference($end_date){
	list($date,$time) = explode(' ',$end_date);
	$startdate = explode("-",$date);
	$starttime = explode(":",$time);

list($date,$time) = explode(' ',date("Y-m-d G:i:s"));
$enddate = explode("-",$date);
$endtime = explode(":",$time);


$secons_dif = mktime($endtime[0],$endtime[1],$endtime[2],$enddate[1],$enddate[2],$enddate[0]) - mktime($starttime[0],$starttime[1],$starttime[2],$startdate[1],$startdate[2],$startdate[0]);

$difference = floor($secons_dif/60);

return $difference;
}

//Function to check for url filesize
function check_url_size($url){
   $head = "";
   $url_p = parse_url($url);
   $host = $url_p["host"];
   $path = $url_p["path"];

   $fp = @fsockopen($host, 80, $errno, $errstr, 20);
   if(!$fp) 
   { return false; } 
   else 
   {
       @fputs($fp, "HEAD ".$url." HTTP/1.1\r\n");
       @fputs($fp, "HOST: dummy\r\n");
       @fputs($fp, "Connection: close\r\n\r\n");
       $headers = "";
       while (!@feof($fp)) {
           $headers .= @fgets ($fp, 128);
       }
   }
   @fclose ($fp);
   $return = false;
   $arr_headers = explode("\n", $headers);
   foreach($arr_headers as $header) {
       $s = "Content-Length: ";
       if(substr(strtolower ($header), 0, strlen($s)) == strtolower($s)) {
           $return = trim(substr($header, strlen($s)));
           break;
       }
   } 
   return $return;
}

//Function to download file
function download_image($url,$file_name,$dir){
   $url_stuff = @parse_url($url);
   $port = isset($url_stuff['port']) ? $url_stuff['port'] : 80;

   $fp = fsockopen($url_stuff['host'], $port);
	if(!$fp){ return false;}
   $query  = 'GET ' . $url_stuff['path'] . " HTTP/1.0\n";
   $query .= 'Host: ' . $url_stuff['host'];
   $query .= "\n\n";

   @fwrite($fp, $query);

   while ($tmp = fread($fp, 8192))   {
       $buffer .= $tmp;
   }

   preg_match('/Content-Length: ([0-9]+)/', $buffer, $parts);
   $image_binary = substr($buffer, - $parts[1]);
   $file_open = @fopen($dir . "/" . $file_name,'w');
   if(!$file_open){ return false;}
   @fwrite($file_open,$image_binary);
   @fclose($file_open);
   return true;

}

//Function to generate thumbnail
function make_thumb($filename,$filename_is,$max_width,$max_height,$upload_dir,$thumb_dir){   

$thumb_dir = $thumb_dir;
$comp_name = $upload_dir.$filename;
if( !file_exists( $thumb_dir ."$filename" )) 
{ 

    if ( strstr ( $filename_is, '.gif' ) ) 
    { 
        $im = imagecreatefromgif( $path . $comp_name); 
    } 
    elseif ( preg_match( '/(.jpg|.jpeg)/i', $filename_is )) 
    { 
        $im = imagecreatefromjpeg( $path . $comp_name); 
    } 
    elseif ( preg_match( '/.png/i', $filename_is )) 
    { 
        $im = imagecreatefrompng( $path . $comp_name);                     
    }         
	if(!$im){ return false;}
    $white = imagecolorallocate($im, 255, 255, 255); 
    $black = imagecolorallocate($im, 0,0,0); 
    $y = 50 * imagesy($im) / 100; 

    $widths = imagesx($im); 
    $heights = imagesy($im); 

    if ( $widths > $max_width ) 
    { 
        $img_width  = $max_width; 
        $img_height = ceil( ( $heights * ( ( $max_width * 100 ) / $widths ) ) / 100 ); 
        $heights = $img_height; 
        $widths  = $img_width; 
    } 
    else 
    { 
        $img_height = $heights; 
    } 

    if ( $heights > $max_height ) 
    { 
        $img_height  = $max_height; 
        $img_width   = ceil( ( $widths * ( ( $max_height * 100 ) / $heights ) ) / 100 ); 
    } 
    else 
    { 
        $img_width = $widths; 
    } 

    $newwidth = $img_width; 
    $newheight = $img_height; 

    $sourcedata = getimagesize ( $path . $comp_name ); 

    $image = imagecreatetruecolor($newwidth, $newheight); 

    imagecopyresampled($image,$im,0,0,0,0,$newwidth,$newheight,$sourcedata[0],$sourcedata[1]); 

    $a = imagejpeg($image, $thumb_dir ."$filename"); 
	if(!$a){ return false;}

}
return true;
}

?>

Solve my problem if you can.

bpat1434

This is not an error you yourself can fix. Your code is not an issue. The server configuration (a.k.a. php.ini) is restricting users from accessing files outside the home-dir it seems. The only way around this is to tell your host that you can't upload and move images and you need the proper rights to the /tmp folder.

bradgrafelman

bpat1434 wrote:
This is not an error you yourself can fix.

I beg to differ; your destination for the [man]move_uploaded_file/man command is a URL when it needs to be a local path (e.g. /home/username/public_html/etc).

EDIT: When posting PHP code, please use the board's [PHP][/PHP] bbcode tags as they make your code much easier to read and analyze. Also, there's no reason to post two entire scripts; just post the relevant section(s) (e.g. a few lines before and after the line number indicated in the error message(s)).

bpat1434

crap.... I read the line wrong.....

bradgrafelman

Heh, it's okay, it happens :p

Also, kashifccc, you'll also have to use the local path in the image functions later on. Basically, if the file you're after is on your server, you should NOT be using a URL but rather a local path.