Alternative to allow_url_fopen = YES

[sde]

in the spirit of 'teach a man to fish ....', .. go visit php.net, and type in fread in the search bar.

errors are your friend. read the errors. if you have a wrong parameter count, then you're missing something in the fread() arguments. you can find out what that argument is supposed to be on the fread() page of the php.net site.

php has awesome documentation. i'm not just saying RTFM, but rather wanting to show you what an awesome tool that site is. no other language i've worked with has such a good set of documentation with examples and user examples like php.net.

[bufster007]

Have looked at the php examples for fread.

Its parameters require fopen, e.g.

PHP Code:

<?php
$filename = "c:\\files\\somepic.gif";
$handle = fopen($filename, "rb");
$contents = fread($handle, filesize($filename));
fclose($handle);
?>

Will have a look for examples like DJMazes which hopefully dont require this as it requires allow_url_fopen = ON. But it seems so far that the parameter error I get requires parameters that I can't supply.

Am still researching uploading files to the server too (rather then DB)

[bufster007]

For a bit more information, the reason why I need this is that I emailed my hosting company to ask them to change Alternative to allow_url_fopen to ON.

Their reply:
Yes, we can enable this but it is off by default because it is often exploited and can be a security risk to your web site. We can enable this, but we will also require a list of IP address that you wish to connect to as we will need to add these as exceptions to the firewall.

I don't have a static IP so it wouldn't work... What does everyone else do?

Most upload examples require fopen... e.g.

PHP Code:

move_uploaded_file($_FILES['imagefile']['tmp_name'],"latest.img");
        $instr = fopen("latest.img","rb");
        $image = addslashes(fread($instr,filesize("latest.img"))); 


So thats why I'm after whys that dont require fopen etc.

Am currently playing with this example:

PHP Code:

    $target = "img/products/";
    $target = $target . basename( $_FILES['uploaded']['name']) ;
    $ok=1;
    if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
    {
    echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
    }
    else {
    echo "Sorry, there was a problem uploading your file.";
    } 


[bufster007]

Have spoken to my host, they don't fopen needs to be ON, they think its a post error.

Will revert the script back and ring them with the original errors and see how we go!

[bufster007]

Good news, they have turned it ON, they told me over the phone they way i am doing it doesn't require a static ip. Which I wish I knew earlier.

I have corrected my code plus a couple of other things that made it work (filepath). Like uploading the images to the server folder path, before using the upload form (not sure if this is normal).

Anyway, they are showing up in phpmyadmin with bytes so thats great.

Weird thing is they arn't displaying as pictures just a cross, but when i echo the productid its all go.... will do some searching.
Maybe theres something else i have forgotten from when I first used this code that made it work.

PHP Code:

<?PHP echo "<img src=\"images.php?productid=$row->ProductID\">"; ?>

images.php

PHP Code:

//include file to allow multiple images to be displayed
include 'inc/connect.inc.php';
//query to display a image
$result=@mysql_query('SELECT * FROM product WHERE ProductID='.$productid) or die("We're sorry but something unexpected has happened.<br/><br/>Please contact your webmaster with the following error message:
<br/><br/>" . mysql_errno() . ": " . mysql_error() . " <br/><br/>To try again, click <a href='javascript:history.go(-2)'>here</a><br/><br/>");
Header("Content-type: image/jpeg");
$row=@mysql_fetch_object($result);
echo $row->ProductImageSmall;
?> 


[bufster007]

found my old latest version (if you know what i mean) which had an update

PHP Code:

$result=@mysql_query('SELECT * FROM product WHERE ProductID='.mysql_real_escape_string($_GET['productid'])) or die("We're sorry but something unexpected has happened.<br/><br/>Please contact your webmaster with the following error message:
<br/><br/>" . mysql_errno() . ": " . mysql_error() . " <br/><br/>To try again, click <a href='javascript:history.go(-2)'>here</a><br/><br/>"); 


Hope this helps people out there...

[DJMaze]

database based binary storage sucks. the following happens to access an image:

1. connect to DB
2. query DB
3. buffer output (say image of 2MB creates 2MB buffer)
4. echo buffer (when output buffer is on, add another 2MB of memory)
5. close DB connection
6. exit;

When using fopen:
1. $fp = fopen('filename', 'rb');
2. fpassthru($fp);
3. exit;

Run a apache benchmark against the two scripts and you know why i hate it.