|
DarkLotus posted:You could make one fairly easily if you are good with PHP. The problem isn't just serving images, you have to somehow tell the script where the image is stored on the server. What exactly are you trying to accomplish by not hard coding image paths? I'm competent but just can't be bothered to think through the security implications to be be honest. The main reason is that I'm going to serve up different images depending on some user settings. Good coders code, great reuse...and all that.
|
# ? Jul 20, 2009 20:14 |
|
|
# ? Jun 6, 2024 05:28 |
|
standard posted:I'm competent but just can't be bothered to think through the security implications to be be honest. Most of the code I have was built for a purpose and not just for general image serving so it probably won't help you much. As for security, if you are trying to secure the images from prying eyes and only want to serve up images that the user is authorized to view that gets tricky but isn't too difficult. If a directory called images and just want to serve up images/hello.jpg but would prefer <img src="image.php?i=1" /> as opposed to <img src="images/hello.jpg" /> then that is easy.
|
# ? Jul 20, 2009 20:19 |
|
DarkLotus posted:Most of the code I have was built for a purpose and not just for general image serving so it probably won't help you much. I meant 'don't give users access to my whole filesystem' type security, rather than authorization type security.
|
# ? Jul 20, 2009 20:22 |
|
standard posted:I meant 'don't give users access to my whole filesystem' type security, rather than authorization type security. Example: <img src="image.php?img=123456" /> php:<?php $imagePath = '/home/user/public_html/images/'; if ($_GET['img'] == '123456') { $imagefile = "sample"; // this value can be pulled from a database or whatever! } else { $imagefile = "blank"; } $newimage = $imagePath.$imagefile.'.png'; header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header('Content-Type: image/png'); // header('Content-Disposition: attachment; filename="' . $_GET['img'] . '.png"'); // FORCE DOWNLOAD header('Content-Disposition: filename="' . $_GET['img'] . '.png"'); $img = LoadPNG($newimage); imagepng($img); imagedestroy($img); ?> Lithium Hosting - Reliable, Affordable, Feature Packed Web Hosting DarkLotus fucked around with this message at 20:37 on Jul 20, 2009 |
# ? Jul 20, 2009 20:30 |
|
DarkLotus posted:
Why are you creating an image object? All you need to do is something like this: php:<? $fh = fopen($newimage, 'r'); while(!feof($fh)) echo fread($fh, 8192); ?>
|
# ? Jul 20, 2009 21:08 |
|
supster posted:Why are you creating an image object? All you need to do is something like this: supster posted:You are also allowing the user access to directly modify the response header. DarkLotus fucked around with this message at 23:38 on Jul 20, 2009 |
# ? Jul 20, 2009 23:34 |
|
supster posted:
readfile Edit: ignore this stupid advice gibbed fucked around with this message at 00:38 on Jul 21, 2009 |
# ? Jul 20, 2009 23:54 |
|
DarkLotus posted:They both work... Is there a good reason not to do it that way? I prefer file_get_contents over fread anyways. The problem with an open source language with many ways of doing anything is that there is no true wrong way or right way unless you are creating a huge security hole. edit: I actually left out some things in my original code that I was reminded by when I was looking at the readfile docs to make sure I wasn't crazy. Here's the full proper way of doing this (as far as I am concerned, at least): php:<? $fh = fopen($newimage, 'rb'); while(!feof($fh)) { echo fread($fh, 8192); ob_flush(); flush(); } ?> supster fucked around with this message at 00:41 on Jul 21, 2009 |
# ? Jul 21, 2009 00:30 |
|
supster posted:readfile is avoided for the same reason
|
# ? Jul 21, 2009 00:38 |
|
gibbed posted:readfile doesn't read and output in chunks? That's horrible.
|
# ? Jul 21, 2009 00:41 |
|
Just read the code. Internally readfile() opens a handle to the file then uses passthru on the handle. The passthru code attempts to mmap the file and writes it out in that case, otherwise it reads the file in 8192 byte chunks and writes them out. So, I'm assuming the problem here is buffering rather than readfile itself, because readfile itself is fine.
|
# ? Jul 21, 2009 00:46 |
|
Yeah, that is correct. The problem isn't in reading the file (which passthru does fine at 8KB chunks), but rather writing. The file gets written to PHP's internal output buffer, which generally doesn't get flushed until the end of the script's execution. The explicit call to ob_flush() forces that output to be sent to the web server (or whatever PHP is running off of) after every chunk. edit: look at php_end_ob_buffer() in output.c if you want to see what's going on, it's pretty dumb. supster fucked around with this message at 01:10 on Jul 21, 2009 |
# ? Jul 21, 2009 00:56 |
|
Lets assume that we are in control of the size of files we are serving up with an image script. If that is true, is it still an issue or has it turned into a best practice scenario now?
|
# ? Jul 21, 2009 01:35 |
|
It's ideal to not use up more resources than you have to, even if the amount of resources are insignificant.
|
# ? Jul 21, 2009 01:36 |
|
If you're going to serve up random images or other poo poo like that, never ever output it in a PHP file unless they're really loving tiny. Because you're not sending Cache headers the browser redownloads it every time. You're better off writing to a folder if the image is dynamic and then sending a 302 or 307 HTTP status with a Location header. I repeat: using PHP to send binary data is extra retarded. That goes double for serving images out of a database with PHP. waffle iron fucked around with this message at 02:26 on Jul 21, 2009 |
# ? Jul 21, 2009 02:21 |
|
waffle iron posted:That goes double for serving images out of a database with PHP. Yeah, storing images in a db is retarded.
|
# ? Jul 21, 2009 02:53 |
|
DarkLotus posted:Yeah, storing images in a db is retarded. The moral of the story is static content or content that changes less than once a day should be served off a static web server or cached to disk and served from a static web server.
|
# ? Jul 21, 2009 02:58 |
|
waffle iron posted:I repeat: using PHP to send binary data is extra retarded. That goes double for serving images out of a database with PHP.
|
# ? Jul 21, 2009 04:21 |
|
standard posted:Does anyone know of a nice image serving type script? For public or private use? I wrote one after a request sometime before, I recently updated it for some speed tweaking after Google published their performance article: http://junko.hk/junko-php-latest.tbz2 Supports i18n, Gears, loading from URL, thumbnails, etc.
|
# ? Jul 21, 2009 06:05 |
|
supster posted:This is way too wide of a generalization. There are a lot of legitimate reasons for doing it. Additionally, just because you're serving the file through PHP doesn't mean you can't set cache-control or expires headers - in fact it gives you more control to make better use of them.
|
# ? Jul 21, 2009 12:12 |
|
I'm looking for a PHP function that will compare a date with today's date and then return humanized strings such as "today", "yesterday", "in 2 days" "in 3 months", "3 years ago". Similar to "Posted" timestamp on these forums (posted 4 hours ago). I could probably manage to do it myself but it seems like a lot of hassle for something that probably exists as a function. I've tried searching...probably aren't typing the right keywords.
|
# ? Jul 21, 2009 16:42 |
|
Yossarko posted:I'm looking for a PHP function that will compare a date with today's date and then return humanized strings such as "today", "yesterday", "in 2 days" "in 3 months", "3 years ago". This is the function I use, I don't remember where I took it from unfortunately. code:
code:
|
# ? Jul 21, 2009 16:53 |
|
Thank you, it's perfect.
|
# ? Jul 21, 2009 18:02 |
|
I'm messing around with the Google Maps API and Google's Latitude and wondered how I would construct a regex to return only "latitude_e6=[NUMBERS-INCLUDING-MINUS-SIGN]&longitude_e6=[NUMBERS-INCLUDING-MINUS-SIGN]" from the fopen() results. Possibly even throw those values into their own variables. Thank you in advance
|
# ? Jul 21, 2009 19:04 |
|
Safety Shaun posted:I'm messing around with the Google Maps API and Google's Latitude and wondered how I would construct a regex to return only "latitude_e6=[NUMBERS-INCLUDING-MINUS-SIGN]&longitude_e6=[NUMBERS-INCLUDING-MINUS-SIGN]" from the fopen() results. Possibly even throw those values into their own variables. http://www.php.net/manual/en/function.parse-url.php
|
# ? Jul 21, 2009 19:12 |
|
Sorry for not explaining myself correctly. The GPS location is in the source of the body I am retriving, not the URL.
|
# ? Jul 21, 2009 19:16 |
|
What does the file look like?
|
# ? Jul 21, 2009 19:17 |
|
royallthefourth posted:What does the file look like? php:<? $handle = fopen("http://www.google.com/latitude/apps/badge/api?user=99999999999999&type=iframe&maptype=hybrid&z=20", "rt"); $contents = ''; while (!feof($handle)) { $contents .= fread($handle, 8192); } fclose($handle); ?>
|
# ? Jul 21, 2009 19:20 |
|
Safety Shaun posted:Sorry for not explaining myself correctly. The GPS location is in the source of the body I am retriving, not the URL. Use preg_match with /latitude_e6=(-?\d+\.\d+)/ and /longitude_e6=(-?\d+\.\d+)/ and $matches[1] should contain your number. If they ever use floats without leading zeroes, the first \d would have to be followed by a * instead of a +. Aaand I guess you could use /(latitude|longitude)_e6=(-?\d+\.\d+)/ and deal with the more complex return array. Whichever.
|
# ? Jul 21, 2009 20:09 |
|
Munkeymon posted:Use preg_match Thanks but I'm having trouble getting it to work. Here is a snippet of the returned string with the actual GPS location changed slighly. code:
|
# ? Jul 21, 2009 20:48 |
|
waffle iron posted:Oh man you're hilarious. You think people actually send e-tags or expires headers when they're coming to the internet for help. All I'm saying is that you're absolutely wrong when saying "never ever output it in a PHP file" - it can be the correct solution and you're not creating any sort of caching problems if you do it right. In reality I just finished working on a 6-month project I designed that involved serving files through PHP and felt the need to defend it supster fucked around with this message at 20:55 on Jul 21, 2009 |
# ? Jul 21, 2009 20:53 |
|
Safety Shaun posted:Thanks but I'm having trouble getting it to work. Oh, sorry, I just assumed they would be floats for some reason. Take out the \.\d+ part: /(latitude|longitude)_e6=(-?\d+)/ Edit: or, if you think they will ever be floats and want to be safe /(latitude|longitude)_e6=(-?\d+(?:\.\d+)?)/ Munkeymon fucked around with this message at 21:33 on Jul 21, 2009 |
# ? Jul 21, 2009 21:29 |
|
Munkeymon posted:Oh, sorry, I just assumed they would be floats for some reason. Thanks so far, sir. [php] $pattern = "/latitude_e6=(-?\d+(?:\.\d+)?)/"; preg_match($pattern, $contents, $matches); //print_r($matches); $lat = $matches[1]; [php] This prints out the value as an integer, is there anything I am wrong?
|
# ? Jul 21, 2009 21:53 |
|
How do I insert items randomly into an array of fixed size and avoid collisions? I have a list of items that I need to insert randomly into an array. The number of items will always be smaller than the size of the array and in the event of a collision I need to pick another random spot in the array. How can I do this?
|
# ? Jul 21, 2009 21:59 |
|
Agrikk posted:How do I insert items randomly into an array of fixed size and avoid collisions?
|
# ? Jul 21, 2009 22:18 |
|
Safety Shaun posted:Thanks so far, sir. No, the extra junk just keeps it from missing out on the decimals in floats if they ever get sent. If you make your own test data with decimal places you should see the difference.
|
# ? Jul 21, 2009 22:28 |
|
Munkeymon posted:If you make your own test data with decimal places you should see the difference. code:
Safety Shaun fucked around with this message at 22:36 on Jul 21, 2009 |
# ? Jul 21, 2009 22:33 |
|
Safety Shaun posted:My output is this: I get the whole thing: php:<? preg_match('/latitude_e6=(-?\d+(?:\.\d+)?)/', 'somewhereAtGoogle?latitude_e6=-51741341.123&longitude_e6=-231444&w=0&h=0&hl=en&zl=-3&cc=us&tstyp=3', $matches); print_r($matches); ?> code:
|
# ? Jul 21, 2009 23:04 |
|
I'm pretty sure parse_url will do this without any need for regexes. It doesn't actually need to be a URL, it'll take anything formatted key1=value1&key2=value2
|
# ? Jul 21, 2009 23:07 |
|
|
# ? Jun 6, 2024 05:28 |
|
supster posted:I can almost gaurantee there's a better way to do what you're trying to accomplish. What are you trying to accomplish? shuffle may be what you're looking for. To pull out the :nerd: hat here, I am writing a script that generates a star system around existing data based on the rules set forth in the MegaTraveller RPG. I have a database of approximately 50,000 star systems and each system has 1-4 suns, 0-7 gas giants, 0-3 asteroid belts and assorted worlds. The game's star system generation chapter has a pretty detailed method for generating orbital bodies in a star system and I am automating it using php/mysql. My current thought is to have an array that represents the orbits of the system and all of the sub orbits (for moons around worlds, binary & trinary systems, etc). The rules have a complicated method to place suns in a system randomly but with many modifiers, then to place gas giants, then belts, then worlds each with its own set of rules and modifiers. Since an orbit can only contain one object, rerolls are necessary. Here's the core of what I have so far, but it's broken. It doesn't check if the array is occupied properly, so if the array item is occupied, it gets overwritten buy the incoming record: code:
|
# ? Jul 21, 2009 23:20 |