Printable View
i have a script that resizes images to a thumbnail, and i dont want people to find it, like it and use it on their site. Is there a way that i can make it so they cant use it on other sites?
or maybe make it so that it is hidden. here is how i call the script:
PHP Code:<img src="http://www.mysite.tld/includes/image_resize.php?http://www.mysite.tld/IMAGE.png">
ok i figured it out, I added this:
PHP Code:$image_path = $_SERVER['QUERY_STRING'];
$urlcheck = parse_url($image_path);
if ($urlcheck[host]=="pics.rapidfriends.com"||$urlcheck[host]=="www.rapidfriends.com") {
//some code if the picture is on my server
} else {
$string = "SCRIPT STOLEN";
$im = imagecreate(120, 30);
$bg = imagecolorallocate($im, 255, 255, 255);
$textcolor = imagecolorallocate($im, 0, 0, 255);
imagestring($im, 5, 0, 0, $string, $textcolor);
header("Content-type: image/png");
imagepng($im);
}
You're not generating the thumbnail every single time someone views it are you?
Just generate it once when the image is uploaded and save it as a file on the server. Solves both problems at once.
is it bad to generate the thumbnail everytime?
Well yes, it's an unnecessary strain on the server especially if the original images are large and the thumbnails get a lot of hits. It will slow down requests and drastically reduce the number of visitors you can serve at any one time.
Remember that static files are very quick to serve and anything dynamic is slow.
If you are building a serious website then anything you can do to reduce server load is good.
can you help make it so that it wont just create a temporary file. Here is the source:
PHP Code:# Constants
define(IMAGE_BASE, '../pics/');
define(IMAGE_BASE1, '../pics/');
define(MAX_WIDTH, 100);
define(MAX_HEIGHT, 100);
$image_path = $_SERVER['QUERY_STRING'];
# Load image
$img = null;
$ext = strtolower(end(explode('.', $image_path)));
if ($ext == 'jpg' || $ext == 'jpeg') {
$img = @imagecreatefromjpeg($image_path);
} else if ($ext == 'png') {
$img = @imagecreatefrompng($image_path);
# Only if your version of GD includes GIF support
}
else if ($ext == 'gif') {
$img = @imagecreatefromgif($image_path);
# Only if your version of GD includes GIF support
}
else if ($ext == 'bmp') {
$img = imagecreatefrombmp($image_path);
# Only if your version of GD includes GIF support
}
else if ($ext == 'tif') {
$img = imagecreatefromtif($image_path);
# Only if your version of GD includes GIF support
}
# If an image was successfully loaded, test the image for size
if ($img) {
# Get image size and scale ratio
$width = imagesx($img);
$height = imagesy($img);
$scale = min(MAX_WIDTH/$width, MAX_HEIGHT/$height);
# If the image is larger than the max shrink it
if ($scale < 1) {
$new_width = floor($scale*$width);
$new_height = floor($scale*$height);
# Create a new temporary image
$tmp_img = imagecreatetruecolor($new_width, $new_height);
# Copy and resize old image into new image
imagecopyresampled($tmp_img, $img, 0, 0, 0, 0,
$new_width, $new_height, $width, $height);
imagedestroy($img);
$img = $tmp_img;
}
}
# Create error image if necessary
if (!$img) {
# Get image location
$image_file = str_replace('..', '', $_SERVER['QUERY_STRING']);
$image_path = "http://rapidfriends.com/images1/image.gif";
# Load image
$img = null;
$ext = strtolower(end(explode('.', $image_path)));
if ($ext == 'jpg' || $ext == 'jpeg') {
$img = @imagecreatefromjpeg($image_path);
} else if ($ext == 'png') {
$img = @imagecreatefrompng($image_path);
# Only if your version of GD includes GIF support
}
# If an image was successfully loaded, test the image for size
if ($img) {
# Get image size and scale ratio
$width = imagesx($img);
$height = imagesy($img);
$scale = min(MAX_WIDTH/$width, MAX_HEIGHT/$height);
# If the image is larger than the max shrink it
if ($scale < 1) {
$new_width = floor($scale*$width);
$new_height = floor($scale*$height);
# Create a new temporary image
$tmp_img = imagecreatetruecolor($new_width, $new_height);
# Copy and resize old image into new image
imagecopyresampled($tmp_img, $img, 0, 0, 0, 0,
$new_width, $new_height, $width, $height);
imagedestroy($img);
$img = $tmp_img;
}
}
}
# Display the image
if($img)
{
header("Content-type: image/jpeg");
imagejpeg($img);
}
else
{
print "$image_path";
}
and here is my current upload image file:
I am looking at the 2nd bit of code, and it looks like it is already making a thumbnail...PHP Code:if ($_POST['submit']=="Upload") {
function func_makethumb_avatar_upload($filename,$width,$ext)
{
//describe dynamic image resize function for uploading user avatars and delete original
ob_start(); //output buffering
$thumb_quality = 60; // JPEG image quality (0-100) for thumbnails
$thumb_width = $width; // resized images will have this width
$req_dir = getcwd();// get current working directory
$avatar_url = $filename;//path to image
if (file_exists($avatar_url)){
list($width, $height, $type, $attr) = getimagesize($avatar_url); //...get its size and stuff like that and...
if ($width != $thumb_width && $width > $thumb_width)
{
//...if the thumbnail is not the same size as $thumb_width we need to resize it so...
if($ext=="jpg"||$ext=="jpeg")
{
$image_handle = imagecreatefromjpeg($avatar_url); //
}
if($ext=="png")
{
$image_handle = imagecreatefrompng($avatar_url); //
}
if($ext=="gif")
{
$image_handle = imagecreatefromgif($avatar_url); //
}
if($ext=="bmp")
{
$image_handle = imagecreatefrombmp($avatar_url); //
}
if($ext=="tif")
{
$image_handle = imagecreatefromtif($avatar_url); //
}
$thumb_height = round(($thumb_width / $width) * $height); //resizing etc
$thumbnail = imagecreatetruecolor($thumb_width, $thumb_height) or
$thumbnail = imagecreate($thumb_width, $thumb_height);
imagecopyresampled($thumbnail, $image_handle, 0, 0, 0, 0, $thumb_width, $thumb_height, $width, $height);
unlink($avatar_url);//now delete the original
imagejpeg($thumbnail, $avatar_url, $thumb_quality); //actually create a jpg from $thumbnail, store it in location $avatar_url, with quality $thumb_quality
imagedestroy($image_handle); //clear buffer #*$!
imagedestroy($thumbnail);
ob_end_flush();
//end output buffering
}
}
}
/*
$file_name=$picture_url;
func_makethumb_avatar_upload($file_name,400,$ext);
$res=chmod($file_name,0755);
$result = move_uploaded_file($_FILES["image"]["tmp_name"], $picture_url);
*/
if(!empty($_FILES["image"])) {
$filename = $_FILES["image"]["name"];
$ext = strtolower(end(explode('.', $filename)));
if($ext!="jpg"&&$ext!="jpeg"&&$ext!="png"&&$ext!="tif"&&$ext!="gif"){
$err['extension'] = "The file you selected was not an image file, or is not supported by our system";
} else{
#MAKES UP A RANDOM FILE NAME FOR IMAGE
$memid = $_SESSION['member_id'];
$rand1 = rand(1, 99);
$rand2 = rand(100, 999);
$rand3 = rand(1000, 9999);
$rand = $rand3 - $rand2 + $rand1;
$picture_id = $rand;
$newpicname = $picture_id.".".$ext;
#IF THERE IS NOT A DIR FOR THE USER, MAKE ONE
if (!is_dir("pics/$memid")){
mkdir("pics/$memid");
}
#CHECK TO SEE IF THE USER CHOOSE TO ADD A NEW ALBUM
if ($_POST['album']=="0") {
if ($_POST['new_album']!="") {
##ADD NEW ALBUM##
$newalbum = $_POST['new_album'];
#CHECK TO SEE IF ALBUM EXISTS
$sql = "SELECT * FROM `picture_albums` WHERE member_id='$memid' AND name='$newalbum'";
$query = mysql_query($sql);
$num = mysql_num_rows($query);
if ($num == "0") {
#ADD ALBUM
$sql = "INSERT INTO `picture_albums` SET member_id='$memid', name='$newalbum'";
$query = mysql_query($sql);
$newalbumstat = "true";
} else {
#ADD ERROR...
$err['album'] = "Album Already Exists";
}
} else {
$err['noalbum'] = "No Album Was Selected";
}
} else {
#ADD TO EXISTING ALBUM
#CHECK TO SEE IF IT IS THEIR ALBUM
$album = $_POST['album'];
if ($album != "default") {
$sql = "SELECT `member_id` FROM `picture_albums` WHERE album_id='$album' AND member_id='$memid' LIMIT 1";
$query = mysql_query($sql);
$num = mysql_num_rows($query);
if ($num !="0") {
#IT IS THEIR ALBUM
$newalbumstat = "false";
} else {
#ADD ERROR...
$err['album'] = "The Album Selected Does Not Belong To You";
}
} else {
$newalbumstat = "false";
}
}
if ($err=="") {
#UPLOAD FILE!!!
switch($newalbumstat) {
case "true":
#IS A NEW ALBUM, GET ALBUM ID, INSERT INTO DB, THEN UPLOAD
$sql = "SELECT `album_id` FROM `picture_albums` WHERE `name`='$newalbum' AND member_id='$memid' LIMIT 1";
$query = mysql_query($sql);
$a = mysql_fetch_array($query);
$albumid = $a['album_id'];
#ADD IMAGE TO DATABASE
$fullurl = "http://pics.rapidfriends.com/$memid/$newpicname";
$uploadurl = "pics/$memid/$newpicname";
$caption = $_POST['caption'];
$sql = "INSERT INTO `pictures` SET member_id='$memid', caption='$caption', url='$fullurl', album='$albumid'";
$query = mysql_query($sql);
func_makethumb_avatar_upload($uploadurl,400,$ext);
$result = move_uploaded_file($_FILES["image"]["tmp_name"], $uploadurl);
$res=chmod($uploadurl,0755);
break;
case "false":
#NOT A NEW AlBUM
$albumid = $_POST['album'];
$fullurl = "http://pics.rapidfriends.com/$memid/$newpicname";
$uploadurl = "pics/$memid/$newpicname";
$caption = $_POST['caption'];
$sql = "INSERT INTO `pictures` SET member_id='$memid', caption='$caption', url='$fullurl', album='$albumid', location='$uploadurl'";
$query = mysql_query($sql);
$result = move_uploaded_file($_FILES["image"]["tmp_name"], $uploadurl);
func_makethumb_avatar_upload($uploadurl,400,$ext);
$res=chmod($uploadurl,0755);
break;
}
}
if (!$result) {
$err['upload'] = "<div align='center'><span class='dark_orange'>File Did Not Upload Correctly, There Was An Error</span></div>";
} else {
echo "<div align='center'><span class='dark_orange'>Your images was successfuly uploaded!</span></div><br><br>";
echo "<div align='center'><img src='$uploadurl' title='$caption'><br>$caption</div><br><br>";
echo "<a href='member_home.php'>Home</a>";
}
if(is_array($err)) {
echo "The Following Errors Were Returned:<font color='red'><ul>";
while(list($key, $val) = each($err)){
echo "<li> > " . $val . "</li>";
}
echo "</ul></font><br><br>";
}
}
}
}