[PHP] My sort of gallery project.

The end result: cuteness.pie-designs.net

It's a really basic gallery, but I'm happy with the end result. I'll share all the scripts I used (Which are all coded by me, with a little help of the members at coders' paradise) When I finish with tweaking and cleaning them up.

Things what this project features:
- Automatic table generation.
- Upload script (SQL injection protected, abuse protected)
- Reply system (SQL injection protected, a little abuse protected.)
- Image display through lightbox.

What I would like the project to have in the future:
- Admin panel (90% done)
- A harder to abuse reply system (100% done, thanks to Daevius)
- A less memory hogging table system (60% done)

Nice, I like the layout, as I replied on your site ;)

But the text in Home/About/News doesn't really fit with the design...as well as the replies...it just needs some styling like font and colour ;).

Suggestion: make a script that will generate a thumbnail when you upload a new comic, and display that thumbnail in the table...will be much faster to load and not as pixel as it is now.

PHP Code:

---

function resize($path)
{
    list($width, $height, $type) = getimagesize($path);
        $new_width = 100;
        $new_height = 100;

    $im = imagecreatetruecolor($new_width, $new_height);
        
        $filename = "name-this-whatever-you-want";
    switch ($type)
    {
        case 1:
        {
            $image = imagecreatefromgif($path);
            imagecopyresampled($im, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
            imagegif($im, $filename);
            break;
        }
        case 2:
        {
            $image = imagecreatefromjpeg($path);
            imagecopyresampled($im, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
            imagejpeg($im, $filename, 100);
            break;
        }
        case 3:
        {
            $image = imagecreatefrompng($path);
            imagecopyresampled($im, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
            imagepng($im, $filename);
            break;
        }
        default:
        { return false; }
    }
} 


---

Might not be fully correct, but I just copy-pasted it and modified it here...

For the captcha, I use this:

PHP Code:

---

mysql_connect('localhost', [username], [password]) or exit('Error!');
mysql_select_db([database]) or exit('Error!');

$width = 160;
$height = 40;
$characters = 4;
$font_size = 12;

$im = imagecreate($width, $height);
$bg = imagecolorallocate($im, 0, 0, 0);

$character_array = array("A", "B", "C", "D", "E", "F", "G", "H", "J", "K", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z");
$i = 0;
while ($i<3)
{
    imageline($im, rand(0, 8), rand(0, $height), ($width-rand(0, 8)), rand(0, $height), imagecolorallocate($im, rand(95, 159), rand(95, 159), rand(95, 159)));
    $i++;
}

$total_string = "";
$i=0;
while ($i<$characters)
{    
    $string = $character_array[rand(0, (count($character_array)-1))];
    $total_string .= $string;
    $textcolor = imagecolorallocate($im, rand(127, 255), rand(127, 255), rand(127, 255));
    imagestring($im, 5, rand((((($width)/$characters)*$i)+3), ((($width/$characters)*($i+1))-16)), rand(0, ($height-20)), $string, $textcolor);
    $i++;
}

$insert = mysql_query("INSERT INTO verification VALUES ('', '".md5($total_string)."', '".$_SERVER['REMOTE_ADDR']."', '".time()."')") or exit('Error!');

header("Content-type: image/png");
imagepng($im);
imagedestroy($im); 


---

Verification table looks like this:

Code:

---

CREATE TABLE `verification` (
  `verify_id` INT UNSIGNED NOT NULL AUTO_INCREMENT,
  `code` CHAR(32) NOT NULL,
  `ip_address` CHAR(32) NOT NULL,
  `time` INT UNSIGNED NOT NULL,
  PRIMARY KEY (`verify_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ;

---

Than for checking I use this:

PHP Code:

---

$code = false;
                $_POST['code'] = strtoupper($_POST['code']);        
        if (empty($_POST['code']))
        {
            $error[] = 'You must fill in the <b>security code</b>.';
        }
        elseif (!ereg("^[A-Z]{5}$", $_POST['code']))
        {
            $error[] = 'The <b>security code</b> does not match the code shown in the image.';
        }
        else
        {
                        mysql_query("DELETE FROM verification WHERE ip_address = '".$_SERVER['REMOTE_ADDR']."' OR time <= '".(time()-(60*60))."'");
            $select = mysql_query("SELECT code FROM verification WHERE code = '".md5($_POST['code'])."' AND ip_address = '".$_SERVER['REMOTE_ADDR']."' AND time > '".(time()-(60*60))."' LIMIT 1", 'code');                    
            if (!mysql_num_rows($select))
            {
                $error[] = 'The <b>security code</b> does not match the code shown in the image.';
            }
            else { $code = true; }
        }

if ($code)
{
    echo 'code was alright';
}
else
{
    echo 'oops';
    foreach($error as $single_error)
    {
        echo $single_error.'<br>';
    }
} 


---

Hope this helps a bit ;)

I get a weird ass error using your image generating code: cuteness.pie-designs.net

line 46: header("Content-type: image/png");

Captcha should be used like this:

Save the script as captcha.php
In your reply script add <img src="captcha.php">

Be sure there is not HTML at all in captcha.php, just the script with <?php in front and ?> at the end...no more.

cuteness.pie-designs.net
When I press submit I get these errors:

Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /customers/pie-designs.net/pie-designs.net/httpd.www/cuteness/reply.php on line 61

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /customers/pie-designs.net/pie-designs.net/httpd.www/cuteness/reply.php on line 62

The security code does not match the code shown in the image.

Which is weird, because I did put in the correct code. :eh:

line 61 and 62

PHP Code:

---

            $select = mysql_query("SELECT code FROM verification WHERE code = '".md5($_POST['code'])."' AND ip_address = '".$_SERVER['REMOTE_ADDR']."' AND time > '".(time()-(60*60))."' LIMIT 1", 'code');                    
            if (!mysql_num_rows($select)) 


---

Sorry, I use a class for this but changed it into non-class-using script, and I forgot to delete 'code' at the end of the sql query.

Should be:
$select = mysql_query("SELECT code FROM verification WHERE code = '".md5($_POST['code'])."' AND ip_address = '".$_SERVER['REMOTE_ADDR']."' AND time > '".(time()-(60*60))."' LIMIT 1");

Ah That fixed those two errors. Still, even if I put in the good security code, it still echoes "wrong security code". As you can see here: cuteness.pie-designs.net I stripped out all of my own code. But it still doesn't work properly. :sad:

Omg, I was really too lazy to validate if the script would work lol.

$select = mysql_query("SELECT code FROM verification WHERE code = '".md5($_POST['code'])."' AND ip_address = '".$_SERVER['REMOTE_ADDR']."' AND time > '".(time()-(60*60))."' LIMIT 1");
mysql_query("DELETE FROM verification WHERE ip_address = '".$_SERVER['REMOTE_ADDR']."' OR time <= '".(time()-(60*60))."'");

Just switch the sequence of those queries.

Sorry, I though switching them would make it a better script (for the time thingy) but the time is already checking in the select query...I must've been drunk lol.

http://imgs.xkcd.com/comics/ballmer_peak.png

Keep drinking you'll get there. :tongue:

EDIT: Did images just get turned off?!

Lol, nice picture ^^,

What images?

Those O.o [*img][*/img]

Btw, I put it this way:

PHP Code:

---

        $select = mysql_query("SELECT code FROM verification WHERE code = '".md5($_POST['code'])."' AND ip_address = '".$_SERVER['REMOTE_ADDR']."' AND time > '".(time()-(60*60))."' LIMIT 1");
                        mysql_query("DELETE FROM verification WHERE ip_address = '".$_SERVER['REMOTE_ADDR']."' OR time <= '".(time()-(60*60))."'"); 


---

And it still doesn't work, cuteness.pie-designs.net