¿cómo puedo cambiar el tamaño de la imagen antes o durante la carga?php cambiar el tamaño de la imagen en o antes de la carga
<?php
// Start a session for error reporting
session_start();
?>
<?php
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: index.html');
exit;
}
// *** Include the class
include("resize-class.php");
// Call our connection file
include('config.php');
// Check to see if the type of file uploaded is a valid image type
function is_valid_type($file)
{
// This is an array that holds all the valid image MIME types
$valid_types = array("image/jpg", "image/JPG", "image/jpeg", "image/bmp", "image/gif", "image/png");
if (in_array($file['type'], $valid_types))
return 1;
return 0;
}
// Just a short function that prints out the contents of an array in a manner that's easy to read
// I used this function during debugging but it serves no purpose at run time for this example
function showContents($array)
{
echo "<pre>";
print_r($array);
echo "</pre>";
}
// Set some constants
// Grab the User ID we sent from our form
$user_id = $_SESSION['username'];
$category = $_POST['category'];
// This variable is the path to the image folder where all the images are going to be stored
// Note that there is a trailing forward slash
$TARGET_PATH = "img/users/$category/$user_id/";
if (! is_dir($TARGET_PATH)) {
mkdir($TARGET_PATH, 0775, true);
}
// Get our POSTed variables
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$contact = $_POST['contact'];
$price = $_POST['price'];
$conditional = $_POST['conditional'];
$image = $_FILES['image'];
// Build our target path full string. This is where the file will be moved do
// i.e. images/picture.jpg
$TARGET_PATH .= $image['name'];
// Make sure all the fields from the form have inputs
if ($fname == "" || $lname == "" || $image['name'] == "" || $category['category'] == "" || $conditional['conditional'] == "" || $price['price'] == "")
{
$_SESSION['error'] = "All fields required";
header("Location: securedpage1.php");
exit;
}
// Check to make sure that our file is actually an image
// You check the file type instead of the extension because the extension can easily be faked
if (!is_valid_type($image))
{
$_SESSION['error'] = "You must upload a jpeg, gif, or bmp";
header("Location: securedpage1.php");
exit;
}
// Here we check to see if a file with that name already exists
// You could get past filename problems by appending a timestamp to the filename and then continuing
if (file_exists($TARGET_PATH))
{
$_SESSION['error'] = "A file with that name already exists";
header("Location: securedpage1.php");
exit;
}
// Lets attempt to move the file from its temporary directory to its new home
if (move_uploaded_file($image['tmp_name'], $TARGET_PATH))
{
// NOTE: This is where a lot of people make mistakes.
// We are *not* putting the image into the database; we are putting a reference to the file's location on the server
$imagename = $image['name'];
$sql = "insert into people (price, contact, category, username, fname, lname, expire, filename, conditional, posttime) values (:price, :contact, :category, :user_id, :fname, :lname, now() + INTERVAL 1 MONTH, :imagename, :conditional, now())";
$q = $conn->prepare($sql) or die("failed!");
$q->bindParam(':price', $price, PDO::PARAM_STR);
$q->bindParam(':contact', $contact, PDO::PARAM_STR);
$q->bindParam(':category', $category, PDO::PARAM_STR);
$q->bindParam(':user_id', $user_id, PDO::PARAM_STR);
$q->bindParam(':fname', $fname, PDO::PARAM_STR);
$q->bindParam(':lname', $lname, PDO::PARAM_STR);
$q->bindParam(':imagename', $imagename, PDO::PARAM_STR);
$q->bindParam(':conditional', $conditional, PDO::PARAM_STR);
$q->execute();
$sql1 = "UPDATE people SET firstname = (SELECT firstname FROM user WHERE username=:user_id1) WHERE username=:user_id2";
$q = $conn->prepare($sql1) or die("failed!");
$q->bindParam(':user_id1', $user_id, PDO::PARAM_STR);
$q->bindParam(':user_id2', $user_id, PDO::PARAM_STR);
$q->execute();
$sql2 = "UPDATE people SET surname = (SELECT surname FROM user WHERE username=:user_id1) WHERE username=:user_id2";
$q = $conn->prepare($sql2) or die("failed!");
$q->bindParam(':user_id1', $user_id, PDO::PARAM_STR);
$q->bindParam(':user_id2', $user_id, PDO::PARAM_STR);
$q->execute();
header("Location: success.php");
exit;
}
else
{
// A common cause of file moving failures is because of bad permissions on the directory attempting to be written to
// Make sure you chmod the directory to be writeable
$_SESSION['error'] = "Could not upload file. Check read/write permissions on the directory";
header("Location: securedpage1.php");
exit;
}
?>
Este código no es seguro. No asuma que el tipo pasado del cliente es en realidad el tipo del archivo cargado. Además, no está del todo claro lo que quieres hacer. – Brad
@Brad gracias por su respuesta, ¿cómo lo mejoraría para hacerlo más seguro? Además, este es un script de carga de imágenes, me gustaría cambiar el tamaño de la imagen si la resolución es demasiado grande. – neeko
use ['imagecopyresized'] (http://www.php.net/manual/en/function.imagecopyresized.php) para cambiar el tamaño de la imagen. – air4x