Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PHP Script Problem 1

Status
Not open for further replies.
tdpman

tdpman

Technical User
Apr 29, 2002
44
0
0
US
Afternoon everyone. I recently purchased a PHP script from someone and am having difficulty getting it to work. I am not knowledgeable enough in PHP to figure it out and can't get a reply back from the guy I bought it from. I can post the errors here and hopefully someone can tell what I am doing wrong. The script came with a config file and the actual script. Thanks in advance.

Config Script

<?
/*

*/
$basePATH = " "; // Full PATH to script dir
$baseURL = " // Full URL to script dir
$stylesheet = "style_mfuploaderII.css"; // relative path to stylesheet
// images
$foldericon = "images/folder.gif";
$imageicon = "images/image.gif";
$othericon = "images/text.gif";


$showstatusDir = "yes"; // confirms directory on status report
$numUploads = "5"; // Number of upload blanks to be shown on page
$limitFiles = "yes"; // Allow only certain filetypes?
$showAllowedFiles = "yes"; //
$allowedFiles = array("jpg", "gif", "png", "bmp"); // Allowed filetypes
$mainTableWidth = "75%";
$showCopyright = "yes"; // not required

// Security
$reqSecure = "yes"; // Passcode control?
$profile = array(
// add as many profiles as you like or change any permissions for the following profiles
"admin" => array(
"allowFileDelete" => true, // delete Files
"allowDirDelete" => true, // delete Directories
"allowChangeDir" => true, // create Files
"allowCreateDir" => true, // create Directories
"allowViewGraphic" => true // view images
),
"trusteduser" => array(
"allowFileDelete" => true,
"allowDirDelete" => true,
"allowChangeDir" => true,
"allowCreateDir" => true,
"allowViewGraphic" => true
),
"regularuser" => array(
"allowFileDelete" => false,
"allowDirDelete" => false,
"allowChangeDir" => true,
"allowCreateDir" => true,
"allowViewGraphic" => true
),
"restricteduser" => array(
"allowFileDelete" => false,
"allowDirDelete" => false,
"allowChangeDir" => false,
"allowCreateDir" => false,
"allowViewGraphic" => true
),
// "nosecurityuser" is profile used if you have $reqSecure = no
"nosecurityuser" => array(
"allowFileDelete" => false,
"allowDirDelete" => false,
"allowChangeDir" => true,
"allowCreateDir" => false,
"allowViewGraphic" => true
)
);
$user = array(
// add as many users as you need
// format : "username" =>array("password" =>"password assigned by admin","profile" =>"assign profile from above")
"admin" => array("password" => "*****","profile" => "admin"),
"user1" => array("password" => "*****","profile" => "trusteduser"),
"user2" => array("password" => "*****","profile" => "regularuser"),
"user3" => array("password" => "*****","profile" => "restricteduser")
);
$notsecureprofile = "nosecurityuser"; // profile if no password security on script

// Screen Text & Error Messages - can be changed to any language
$caption = "MULTIFILE UPLOADER/MANAGER";
$loginpageMsg = "Please Enter Your Username and Passcode";
$usernameText = "Username";
$passwordText = "Passcode :";
$loggedonText = "Logged On";
$loginButtonText = "Go To Upload Section";
$logoutText = "logout now";
$directorysectionTitle = "DIRECTORY & FILE LIST ";
$deleteMsg = "Are you sure you want to delete....";
$yesMsg = "YES";
$noMsg = "NO";
$diddeleteMsg = "Deleted....";
$cannotdeleteMsg_1 = "The directory";
$cannotdeleteMsg_2 = "could not be deleted. It must be empty before you can delete it.";
$changeddirMsg = "Moved to directory....";
$makedirectoryTitle = "CREATE A NEW DIRECTORY";
$makedirText = "Directory Name";
$makedirButtonText = "Create Now!";
$existsMsg_1 = "The directory";
$existsMsg_2 = "already exists";
$createddirMsg = "Created the new directory....";
$backlinkText = "ROOT [back]";
$viewText = "View";
$deletelinkText = "DELETE";
$typeText = "Type";
$nameText = "Name";
$sizeText = "Size";
$modifiedText = "Modified";
$uploadsectionTitle = "SELECT FILES TO UPLOAD";
$directorywarningMsg = "- Be Sure You Are At The Correct Directory";
$allowedfiletypesText = "Allowed Filetypes";
$lineText = "File";
$uploadButtonText = "Upload Files";
$statusMsg = "Upload Status :";
$nofileMsg = "No file selected for upload";
$notallowedMsg = "NOT ALLOWED";
$existsMsg = "ALREADY EXISTS";
$successMsg = "has been uploaded";
$linkSpacer = " <b> : </b> ";
?>


**********************************

Actual Script

**********************************

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<?
/*

*/
include("config_mfuploaderII.php");
if(!$wkgdir) $wkgdir="/";

// table framing whole page
$pageTop = "<html><head><title>$caption</title><link href=$stylesheet rel=stylesheet type=text/css></head><body><div align=\"center\" class=caption>$caption</div><div align=\"center\"><table width=$mainTableWidth border=0><tr><td>";

$pageBottom = "</td></tr></table></div></html></body>";

if($showCopyright == "yes") {
$pre = "Multifile Uploader/Manager";
$version = "1.0";
$startdate = "2003";

$copyright ="&nbsp;<p><div align=center class=copybar>$pre (v.$version) Copyright © $startdate - ". date ("Y")." <a href= target=_new>Teletone [Canada] / 2t2.com</a></div>";
}

// session management
if($reqSecure == "yes") {
session_start();
if (!session_is_registered("mfupload")) {
if (isset($_POST["username"]) && isset($_POST["password"]) && isset($user[$_POST["username"]]) && ($_POST["password"] == $user[$_POST["username"]]["password"])) {
session_register("mfupload");
$_SESSION["mfupload"] = $_POST["username"];
header("Location: $PHP_SELF");
exit;
}
else {
// login page
echo $pageTop;
echo "&nbsp;<p><div align=\"center\" class=sitetag>$loginpageMsg</div>";
echo "&nbsp;<p><div align=\"center\"><table border=0>";
echo "<form name=loginform method=post action=$PHP_SELF>";
echo "<tr><th>$usernameText</th><td><input type=text name=username style=\"width: 135px;\"></td></tr>";
echo "<tr><th>$passwordText</th><td><input type=password name=password style=\"width: 135px;\"></td></tr>";
echo "<tr><th>&nbsp;</th><td><input type=submit class=button value=\"$loginButtonText\" style=\"width: 135px;\"></td></tr>";
echo "</form></table></div>";
echo "<script language=javascript>document.loginform.username.select();document.loginform.username.focus();</script>";
echo $copyright;
echo $pageBottom;
exit;
}
}
else {
$username = $_SESSION["mfupload"];
}
}//end of if $reqSecure

// kill session
if($_GET["action"]=="logout") {
session_unset("mfupload");
header("Location: $PHP_SELF");
exit;
}

// User Permission Settings
if(!session_is_registered("mfupload")) {
$userprofile = $notsecureprofile;
}
else {
$userprofile = $user[$username]["profile"];
}

$allowFileDelete = $profile[$userprofile]["allowFileDelete"];
$allowDirDelete = $profile[$userprofile]["allowDirDelete"];
$allowChangeDir = $profile[$userprofile]["allowChangeDir"];
$allowCreateDir = $profile[$userprofile]["allowCreateDir"];
$allowViewGraphic = $profile[$userprofile]["allowViewGraphic"];


function page_detail(){
include("config_mfuploaderII.php");
global $userprofile,$allowFileDelete,$allowChangeDir,$allowCreateDir,$allowViewGraphic;
global $basePATH,$wkgdir,$msg2,$msg_upload,$action,$file,$image,$fileurl;

if($allowCreateDir) {
$makenewdir = "&nbsp;<br><div align=\"left\"><li><b>$makedirectoryTitle</b></div><div align=\"center\"><table border=\"0\" width=\"100%\" class=bodytable><form method=\"post\" action=\"$PHP_SELF\"><input type=\"HIDDEN\" name=\"action\" value=\"mkdir\"><input type=\"HIDDEN\" name=\"wkgdir\" value=\"$wkgdir\"><tr><th style=\"width: 20%;\"> $makedirText </td><td><input type=\"text\" name=\"mkdirfile\" style=\"width: 100%;\"></td><td style=\"width: 20%;\"><input type=\"submit\" name=\"mkdir\" value=\"$makedirButtonText\" class=button style=\"width: 100%;\"></td></tr></form></table></div>";
}
$backlink = "<div align=\"center\"><table border=\"0\" width=\"100%\"><tr><td><div align=\"left\"><A HREF=\"$PHP_SELF?action=root\">«$backlinkText</a></div></td></tr></table></div";

if($action == "" || $action == "root") {
echo $makenewdir;
}
else {
echo $backlink;
}
echo "<div align=\"center\"><table border=\"0\" width=\"100%\">";
if($msg2 !="") {
echo " <tr><td colspan=\"2\" class=msg_table>$msg2</td></tr>";
}
echo "</table>";
// Upload Files
echo "&nbsp;<br><div align=\"left\"><li><b>$uploadsectionTitle</b>";
if($allowChangeDir) {
echo $directorywarningMsg;
}
echo "</div>";
echo "<div align=\"center\"><table width=100% border=\"0\" class=bodytable>";
if($showAllowedFiles == "yes") {
echo "<tr><th colspan=2><div align=\"center\">$allowedfiletypesText : ";
for($i=0;$i<count($allowedFiles);$i++) {
if (($i<>count($allowedFiles)-1))$commas=", "; else $commas="";
list($key,$value)=each($allowedFiles);
echo $value.$commas;
}
}
echo "</div></td></tr>";
echo "<tr><td width=50%><table width=100% border=0>";
echo "<form enctype=\"multipart/form-data\" action=\"$PHP_SELF\" method=\"post\">";
echo "<input type=\"hidden\" name=\"wkgdir\" value=\"$wkgdir\">";
$num = 0;
while($num < $numUploads) {
$num++;
echo "<tr><th style=\"width: 20%;\">$lineText $num:</td><td><input name=\"dofile$num\" type=\"file\" style=\"width: 100%;\"></td></tr> ";
}
echo "<tr><td style=\"width: 20%;\">&nbsp;</td><td><input name=\"doupload\" type=\"submit\" value=\"$uploadButtonText\" class=button style=\"width: 100%;\"></td></tr>";
echo "</form>";
echo "</table></td>";
echo "<td width=50%><div align=\"center\"><table width=95% border=0 class=msg_table>";
if($msg_upload) {
echo "<tr><th colspan=3><div align=\"center\">$statusMsg ";
if($showstatusDir == "yes") {
echo $wkgdir;
}
echo "</div></td></tr>";
echo $msg_upload;
}
echo "</table></div></td></tr></table></div>";
}

// File size calculations
function display_size($file){
$file_size = filesize($file);
if($file_size >= 1073741824) {
$file_size = round($file_size / 1073741824 * 100) / 100 . "g";
}
elseif($file_size >= 1048576) {
$file_size = round($file_size / 1048576 * 100) / 100 . "m";
}
elseif($file_size >= 1024) {
$file_size = round($file_size / 1024 * 100) / 100 . "k";
}
else{
$file_size = $file_size . "b";
}
return $file_size;
}
// List the files function
function list_files() {
include("config_mfuploaderII.php");
global $userprofile,$allowFileDelete,$allowViewGraphic;
global $allowedFiles,$basePATH,$wkgdir,$key;

// Load directory into array
$handle=opendir(".");
while ($file = readdir($handle)) {
if(is_file($file)) $filelist[] = $file;
}
closedir($handle);
// List files
if($filelist) {
asort($filelist);
while (list ($key, $file) = each ($filelist)) {
$ext = substr(strrchr( $file , "." ), 1);
$ext = str_replace("jpeg", "jpg", $ext);
// Image
if(in_array($ext,$allowedFiles)) {
$icon = "<img src=\"$imageicon\" alt=\"Image\" border=\"0\" width=\"16\" height=\"16\">";
}
// Not an image
else {
$icon = "<img src=\"$othericon\" alt=\"Not An Image\" border=\"0\" width=\"15\" height=\"15\">";
}

$filename=$basePATH.$wkgdir.$file;
$fileurl=rawurlencode($wkgdir.$file);
$lastchanged = filectime($filename);
$changeddate = date("d-m-Y H:i:s", $lastchanged);
// List the file(s)
echo "<tr><td align=\"center\">$icon</td><td>".htmlspecialchars($file)."</td><td align=\"right\">".display_size($filename)."</td><td align=\"right\">".$changeddate."</td><td>";
if($allowViewGraphic && in_array($ext,$allowedFiles)) {
echo "<a href=$baseURL$wkgdir$file target=_new>$viewText</a>";
} else { echo "&nbsp;"; }
echo "</td><td>";
if($allowFileDelete) {
echo "<a href=\"$PHP_SELF?action=del&wkgdir=$wkgdir&file=$file\">$deletelinkText</a>";
} else { echo "&nbsp;"; }
echo "</td></tr>";
}
}
}
// List the directories
function displaydir() {
include("config_mfuploaderII.php");
global $userprofile,$allowDirDelete,$allowChangeDir;
global $username,$file,$basePATH,$wkgdir;

// logout link
if (session_is_registered("mfupload")) {
echo "<div align=\"right\">$loggedonText - $username&nbsp;&nbsp;$linkSpacer<a href=$PHP_SELF?action=logout>$logoutText</a>$linkSpacer</div>";
}

if($allowChangeDir) {
// Draw the main table for directories and files
echo "&nbsp;<br><div align=\"left\"><li><b>$directorysectionTitle $wkgdir</b></div>";
echo "<div align=\"center\"><table border=\"0\" cellspacing=\"1\" cellpadding=\"1\" width=\"100%\" class=bodytable>";
echo "<tr><th>$typeText</th><th style=\"width: 40%;\">$nameText</th><th style=\"width: 10%;\">$sizeText</th><th>$modifiedText</th><th>&nbsp;</th><th>&nbsp;</th></tr>";
// Load directory into array
chdir($basePATH . $wkgdir);
$handle=opendir(".");
while (false !== ($file = readdir($handle))) {
if(is_dir($file)) $dirlist[] = $file;
}
closedir($handle);
// List directories first
if($dirlist) {
asort($dirlist);
while (list ($key, $file) = each ($dirlist)) {
if($file != "." && $file != "..") {

$fileurl=rawurlencode($wkgdir.$file);

echo "<tr><td align=\"center\"><img src=\"$foldericon\" border=\"0\" width=\"15\" height=\"13\"></td><td><A HREF=\"$PHP_SELF?action=chdr&file=$fileurl\">".htmlspecialchars($file)."</a></td><td align=\"right\"></td><td align=\"right\">&nbsp;</td><td>&nbsp;</td><td>";
if($allowDirDelete) {
echo "<A HREF=\"$PHP_SELF?action=del&wkgdir=$wkgdir&file=$file\">$deletelinkText</A></td></tr>";
}
}
}
list_files();
echo "</table></div>";
}
}
}
// User has entered .. as directory. Potential security breach. Deny access.
$regexp="\\.\\.";
if (ereg( $regexp, $file, $regs )| ereg( $regexp, $wkgdir,$regs ))
{
$msg2 = "ERROR: Directories may not contain the character \"..\"";
echo $pageTop;
page_detail();
killit();
echo $copyright;
echo $pageBottom;
exit;
}

if($doupload) {
global $allowedFiles;
$num = 0;
while($num < $numUploads) {
$num++;

$upFile = "dofile$num"."_name";
$upFile1 = $$upFile;
$upFile2 = "dofile$num";
$upFile3 = $$upFile2;

$ext = substr(strrchr( $upFile1 , "." ), 1);
$ext = str_replace("jpeg", "jpg", $ext);

$size = filesize($upFile3)/1024;
$size = round($size,1);

// error messages
if($upFile3 == "") {
$msg_upload .= "<tr><td>$lineText $num :</td><td colspan=2>$nofileMsg</td></tr>";
}
elseif($limitFiles == "yes" && !in_array($ext,$allowedFiles)) {
$msg_upload .= "<tr><td>$lineText $num :</td><td><b>$upFile1</b></td><td>$notallowedMsg</td></tr>";
}
elseif(file_exists("$basePATH.$wkgdir$upFile1")) {
$msg_upload .="<tr><td>$lineText $num :</td><td><b>$upFile1</b></td><td>$existsMsg</td></tr>";
}
else {
// everything OK
move_uploaded_file ($upFile3, "$basePATH.$wkgdir$upFile1");
$msg_upload .="<tr><td>$lineText $num :</td><td><b>$upFile1</b> ($size)</td><td>$successMsg</td></tr>";
}
}
echo $pageTop;
displaydir();
page_detail();
echo $copyright;
echo $pageBottom;
exit;
}


// Begin actions code
switch ($action){
// No $action variable? Display initial page
case "":
echo $pageTop;
displaydir();
page_detail();
echo $copyright;
echo $pageBottom;
break;
// Change to root dir
case "root":
$wkgdir="/";
echo $pageTop;
displaydir();
page_detail();
echo $copyright;
echo $pageBottom;
break;

// Change directory
case "chdr":
$wkgdir=$file."/";
$msg2 = "$changeddirMsg $wkgdir";
echo $pageTop;
displaydir();
page_detail();
echo $copyright;
echo $pageBottom;
break;
// Delete file or directory
case "del":
if ($confirm=="yes") {
if(is_dir($basePATH.$file)) {
$result = @rmdir($basePATH.$file);
if($result == 0) {
$msg2 = "$cannotdeleteMsg_1 '$file' $cannotdeleteMsg_2";
}
}
else {
unlink($basePATH.$wkgdir.$file);
$msg2 = "$diddeleteMsg $file";
}
}
else {
$msg2 = "$deleteMsg $wkgdir$file ? <a href=\"$PHP_SELF?action=del&confirm=yes&wkgdir=$wkgdir&file=$file\">$yesMsg</a> | <a href=\"$PHP_SELF\">$noMsg</a>";
}
echo $pageTop;
displaydir();
page_detail();
echo $copyright;
echo $pageBottom;
break;

// Create directory
case "mkdir":
// The directory already exists.
if(file_exists($basePATH.$wkgdir.$mkdirfile)) {
$msg2 = "$existsMsg_1 $wkgdir$mkdirfile $existsMsg_2";
}
else {
$msg2 = "$createddirMsg $wkgdir$mkdirfile";
mkdir($basePATH.$wkgdir.$mkdirfile,0750);
}
echo $pageTop;
displaydir();
page_detail();
echo $copyright;
echo $pageBottom;
break;
}
?>

********************

I am getting these errors:

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/tdpearc/public_html/mfuploaderII.php:2) in /home/tdpearc/public_html/mfuploaderII.php on line 28

Warning: chdir(): No such file or directory (errno 2) in /home/tdpearc/public_html/mfuploaderII.php on line 217

Warning: filectime(): Stat failed for /.ftpquota (errno=2 - No such file or directory) in /home/tdpearc/public_html/mfuploaderII.php on line 185

Warning: filesize(): Stat failed for /.ftpquota (errno=2 - No such file or directory) in /home/tdpearc/public_html/mfuploaderII.php on line 141

********************

I think it may just be a path issue or possibly where I have loaded the scripts in my server space. I hope its' that simple. Again, I certainly appreciate any help you might be able to provide.
 
Sort by date Sort by votes
For the warning "Warning: session_start()", see section 1.4 of faq434-2999


As for the other three errors, I'm disinclined to examine ~600 lines of PHP code for details, but I suspect that the probem is in this line in the configuration script:

$basePATH = " "; // Full PATH to script dir

I infer from the comment that the script will expect $basePATH to contain a filesystem path. However, the variable contains a URL. Since the very next line reads:

$baseURL = " // Full URL to script dir

I feel pretty good about my inference.

Change the $basePATH line to match the filesystem path where the scripts are running.


Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
One thing at a time:

The meta tag before the PHP code makes the header for the session fail:
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
The original author probably did not test the script with the $reqSecure = yes switch on. There cannot be any output before a header() command and incidentally the session_start() directive sends a header.


It is highly recommended to keep back payment until the product actually works. I guess, we've all made such a mistake in the past.
 
Upvote 0 Downvote
Thanks sleipnir214 & DRJ478 for the quick replies. I removed the meta tag and that fixed the cookie issue. I am a little unclear on the $basePATH issue. Since I am uploading this to a server that I do not own, how do I know the path that it should be pointed to? Sorry about this, I'm new at all this. The unedited script had this in it:

$basePATH = "e:/inetpub/ // Full PATH to script dir

I'm not sure what I need to change that to.
 
Upvote 0 Downvote
Is that information they would supply and if so, what exactly should I ask?
 
Upvote 0 Downvote
Write a code snippet and have it prompt out where it actually resides (from the perspective of the file system):
Code: 
<?php
# show where you are
echo "The current Path is: ";
echo getcwd();
?>
AN ispection of the server variables also might reveal the path:
Code: 
<?php
print_r($_SERVER);
?>
 
Upvote 0 Downvote
Ran the first script and got this:

The current Path is: /home/tdpearc/public_html

2nd Script got this:

Array ( [PATH] => /usr/local/bin:/usr/bin:/bin [DOCUMENT_ROOT] => /home/tdpearc/public_html [HTTP_ACCEPT] => text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7 [HTTP_ACCEPT_ENCODING] => gzip,deflate [HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5 [HTTP_CONNECTION] => keep-alive [HTTP_COOKIE] => PHPSESSID=3f814cea659648144717a72c59bdc541 [HTTP_HOST] => [HTTP_KEEP_ALIVE] => 300 [HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6 [REMOTE_ADDR] => 165.122.125.216 [REMOTE_PORT] => 4255 [SCRIPT_FILENAME] => /home/tdpearc/public_html/NoName2.php [SERVER_ADDR] => 66.98.228.31 [SERVER_ADMIN] => webmaster@leachfiredepartment.com [SERVER_NAME] => [SERVER_PORT] => 80 [SERVER_SOFTWARE] => Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7a PHP-CGI/0.1b [GATEWAY_INTERFACE] => CGI/1.1 [SERVER_PROTOCOL] => HTTP/1.1 [REQUEST_METHOD] => GET [QUERY_STRING] => [REQUEST_URI] => /NoName2.php [SCRIPT_NAME] => /NoName2.php [PHP_SELF] => /NoName2.php [argv] => Array ( ) [argc] => 0 )
 
Upvote 0 Downvote
OK, I changed the BASEpath to /home/tdpearc/public_html and it appears to have fixed it. Again, thanks for the help and the patience. It is most appreciated.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
122
SashaBuilder3
SashaBuilder3
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
109
PeDa
PeDa
Mandy_crw
  • Locked
  • Question
How to send sms in PHP using usb gsm modem?
Replies
1
Views
123
vishvajit
vishvajit
lflynnlrf
  • Locked
  • Question
wordpress/ shortcode/ PHP duplicating code
Replies
1
Views
67
spamjim
spamjim
cmayo
  • Locked
  • Question
Is PHP/PEAR MDB2 dead? Which PHP abstraction layer should I use?
Replies
1
Views
52
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top