Hi all, I got a slight problem with my art gallery script. Because in the future I plan on making the script where other people can upload their images. The thing is its unpredictable what filenames people will upload. So I tried to come up with an idea how to solve this. I already tried "urlencode / decode" it messes up if a filename has a '+' sign and a 'space' in it.

If you look at my code snippets below you'll see in 'index.php' that the variable 'showimage' has the 'bin2hex' function in the url. Then in the first section of snippet 'index.php' it changes it back with a function 'hex2bin' (see 'function.php' snippet). It should change the hex back to the binary filename itself and it appears to too with a few tests I've done. But it won't pull up the file and display the thumbnails, why? What am I doing wrong?
But it does work if I just use 'urlencode' except for the other issue I talked about above.
This problem is making me go crazy.

********snippets from: index.php

require "function.php";

if (isset($_GET['showthumb'])) { 
//$_GET['showthumb'] = stripslashes(urldecode($fullpath.$_GET['showthumb']));
$_GET['showthumb']= hex2bin($_GET['showthumb']);
_viewimage($_GET['showthumb']);
exit;
}

$picture_array = array();
$picture_array = filelist($fullpath);
$picture_array_count = count($picture_array);

for($i = $_GET['pic']; $i<sizeof($picture_array); $i++)
{
  if($c >= $tot)
  {
      break;// $display;
  } 
      $c++;

$tmp = process_thumb($picture_array[$i]);

$output[] = "
	<td class='color':'border':'center'><a href = 'showimage.php?image=".urlencode($id.$picture_array[$i]['name'])."'>

//bin2hex code is here
//
    <img border = '0' width = '100' height = '100' src = 
'index.php?showthumb=".bin2hex($id.$picture_array[$i]['thumb'])."' alt = '".htmlentities($picture_array[$i]['name'],ENT_QUOTES)."' title = '".htmlentities($picture_array[$i]['name'],ENT_QUOTES)."'>";

if(SHOW_NAME > 0)
    $output[] = "<br>".$picture_array[$i][name];
    $output[] = "</a>
    </td>
  ";

$div_counter++;

	if($div_counter == COLUMNS)
	{
	  $output[] = "</tr><tr>";
		$div_counter = 0;
  $row_counter++;

	  if($row_counter == ROWS)
  {

	  break;
	  }
	}
	$prev_pic = $_GET['pic'];
$next_pic = $i;
}

******** snippets from: function.php

function hex2bin($s) {
  for ($i = 0; $i < strlen($s); $i += 2) {
  @$bin .= chr(hexdec(substr($s,$i,2)));
  }
  return $bin;
  }


function _viewimage($name) {	
	header("Content-type: image/jpeg");
	$fd = fopen ($name, "r");
	$contents = fread ($fd, filesize ($name));
	fclose ($fd);
	echo $contents;  

}

    urlencode is the right way to do it, unless you have an issue with duplicate names then either add a unique string or rewrite all the filenames to something unique

      dagon;10877979 wrote:

      urlencode is the right way to do it, unless you have an issue with duplicate names then either add a unique string or rewrite all the filenames to something unique

      Here is the problem I'm having with 'urlencode'
      the file looks like this in the url
      %2B+sg.jpg
      The thing is that plus sign is there as a placeholder in the url and the '%2B' is the real plus sign. After clicking the url the image it was supposed to pull up doesn't show, and when I look at the properties of the image that was supposed to show it shows up as ++sg.jpg which is not what was supposed to happen. Am I making a mistake somewhere?

        • is a urelecoded space, i don't understand what you mean by calling it a place holder

          Thank you for everyone's help. I just made a little oversight and forgot to put the $fullpath variable before hex2bin

            Write a Reply...