Welcome to WebmasterWorld Guest from 54.146.246.4

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Resizing image problem won't work after turning registers globals

     

irock

9:47 am on Jun 1, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi after I turned off the registers_globals for my server, my mini image resizing program no longer works. Do you guys know why? Is there a quick fix to this?

<?php
Header("Content-type: image/jpeg");
$filenamee = "$_SERVER[DOCUMENT_ROOT]/$filename";
$orig_image = imagecreatefromjpeg($filenamee);
list($width, $height, $type, $attr) = getimagesize($filenamee);
if ($width > $size) {
$ratio = $size / $width;
$newwidth = $size;
$newheight = $ratio * $height; }
if ($width <= $size) {
$newwidth = $width;
$newheight = $height; }
$sm_image = imagecreatetruecolor($newwidth,$newheight) or die ("Cannot Initialize new GD image stream");;
Imagecopyresampled($sm_image,$orig_image,0,0,0,0,$newwidth,$newheight,imagesx($orig_image),imagesy($orig_image));
imageJPEG($sm_image);
imagedestroy($sm_image);
imageDestroy($orig_image);
?>

coopster

11:44 am on Jun 1, 2009 (gmt 0)

WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Register globals would put any global variable, such as the name part of the name/value pair of a QUERY_STRING, into the global scope automatically. In the following url,
http://www.example.com/myscript.php?name=value&size=100

both $name and $size would be defined and ready for use in the PHP script with their values already assigned. This created security nightmares as you can imagine.

Your $size field looks to be undefined in your script and therefore failing. You need to define it by assigning it the appropriate value.

irock

4:46 pm on Jun 1, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thanks for the reply. Though I'm not too sure what you mean.

I use this URL before and the program has successfully re-sized the image.
http://example.com/resize.php?size=115&filename=#*$!.jpg

Thanks again.

[edited by: dreamcatcher at 6:04 pm (utc) on June 1, 2009]
[edit reason] use example.com. Thanks. [/edit]

dreamcatcher

6:06 pm on Jun 1, 2009 (gmt 0)

WebmasterWorld Senior Member dreamcatcher is a WebmasterWorld Top Contributor of All Time 10+ Year Member



What coopster means is that the variables are only available in the global scope automatically with register globals ON. If you have them off you need to access them directly in the superglobal array $_GET.

$size = $_GET['size'];
$filename = $_GET['filename'];

dc