Alex1646 Posted May 28, 2011 Share Posted May 28, 2011 Here is the error: Warning: image_type_to_extension() expects parameter 1 to be long, string given in C:\wamp\www\Login\inc\edit-profile.php on line 23 Here is the code for line 23: $type = image_type_to_extension($_FILES['pic']['type'], true); Here is the code for the whole page: <?php if(!$userb) { login('?p=edit-profile'); die(); } if(isset($_POST['submit'])) { $mottof = mysql_real_escape_string(bb($_POST['motto'])); $aboutf = mysql_real_escape_string(bb($_POST['about'])); $interesrsf = mysql_real_escape_string(bb($_POST['interests'])); $booksf = mysql_real_escape_string(bb($_POST['books'])); $authorsf = mysql_real_escape_string(bb($_POST['author'])); $randf = mysql_real_escape_string(bb($_POST['random'])); if($_FILES['pic']['type'] == 'image/gif' || $_FILES['pic']['type'] == 'image/jpeg' || $_FILES['pic']['type'] =-'image/pjpeg' || $_FILES['pic']['type'] == 'image/png') { if($_FILES['pic']['size'] < 8388608) { if($_FILES['pic']['name'] != '') { //mkdir('/images/user_images/' .$user_log); $type = image_type_to_extension($_FILES['pic']['type'], true); move_uploaded_file($_FILES['pic']['tmp_name'], 'images/user_images/' .$user_log .'pp' .$type); $path = 'images/user_images/' .$user_log .'pp' .$type; } else { $path = 'images/user_images/user.jpg';} } $q2 = "UPDATE login_info SET profile_picture = '$path' WHERE user='$user_log' "; mysql_query($q2) or die(mysql_error()); } $query = " UPDATE login_info SET motto = '$mottof', about = '$aboutf', fav_books = '$booksf', fav_authors = '$authorsf', interests = '$interesrsf', random = '$randf' WHERE user='$user_log' "; mysql_query($query); echo '<h3> Profile Updated </h3>'; } $q = "SELECT * FROM login_info WHERE user='$user_log' "; $s = mysql_query($q) or die(mysql_error()); $r = mysql_fetch_assoc($s); $motto = $r['motto']; $about = $r['about']; $books= $r['fav_books']; $authors = $r['fav_authors']; $rand = $r['random']; $interests = $r['Interests']; if(isset($_GET['act'])){$red = '?p=' .$rpage ;} else {$red='?p=edit_profile';} echo" <form action='?p=edit-profile' enctype='multipart/form-data' method='post' > <label>Motto: </label> <input type='text' name='motto' value='$motto' placeholder='Motto' /> <label> About :</label> <textarea name='about' cols='40' rows='10'> $about</textarea> <label> Interests: </label> <textarea name='interests' cols='40' rows='10'> $interests </textarea> <label> Favorite Books: </label> <textarea name='books' cols='40' rows='10'> $books </textarea> <label> Favorite Authors </label> <textarea name='author' cols='40' rows='10'> $authors </textarea> <label> Random: </label> <textarea name='random' cols='40' rows='10'> $rand </textarea> "; ?> <script type='text/javascript'> function if_checked() { if($('#cur').is(':checked')) { $('#pic').attr('disabled', true); } else { $('#pic').removeAttr('disabled'); } } </script> <label> Profile Picture: </label> <input type='checkbox' name= 'current' id='cur' onchange="if_checked();" checked /> <label for='current' style='display:inline;'> Current profile picture </label> <br /> <input type='file' id='pic' name='pic' disabled="disabled" /> <br /> <input type='submit' value ='Submit' name='submit' /> </form> Ive used the function before and I havent encountered this error. Im not sure what it means. Quote Link to comment Share on other sites More sharing options...
xyph Posted May 28, 2011 Share Posted May 28, 2011 image_type_to_extension() wants an integer, recommending using the predefined constants IMAGETYPE_XXX http://www.php.net/manual/en/image.constants.php Quote Link to comment Share on other sites More sharing options...
Alex1646 Posted May 28, 2011 Author Share Posted May 28, 2011 What paramiter has the integer? Quote Link to comment Share on other sites More sharing options...
xyph Posted May 28, 2011 Share Posted May 28, 2011 string image_type_to_extension ( int $imagetype [, bool $include_dot = TRUE ] ) First one should be in integer. I don't have time to look through your entire code, but just to give you a heads up - The mime-type PHP gives is BASED on the extension of the file uploaded, and not the content. Verifying that you have the correct extension by using the image's mime-type is therefor redundant. You only need to check for extensions, unless your server executes files such as JPG/GIF/PNG etc. as if it were code. Malicious code uploaded as a JPG file should only ever output as a broken JPG, and never actually get executed. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.