Hi every one, ive been struggling with uploadify. on some pages it outputs 408 error message. The oncomplete is never called and checking the modsec_log i get this
modsec_debug.log:[09/Jul/2010:01:02:04 --0500] [www.veepiz.com/sid#118091f0][rid#1202cbe8][/pupload.php][1] Exec: Execution failed while reading output: /usr/bin/modsec-clamscan.pl (End of file found)
modsec_debug.log:[09/Jul/2010:01:02:04 --0500] [www.veepiz.com/sid#118091f0][rid#1202cbe8][/pupload.php][1] Rule processing failed.
here is my .htaccess
php_value post_max_size 300M
php_value upload_max_filesize 300M
php_value max_execution_time "360"
php_value memory_limit 512M
AddType image/x-icon .ico
# BEGIN Compress text files
<IfModule mod_deflate.c>
<FilesMatch "\.(css|js|x?html?|php)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
# END Compress text files
# BEGIN Expire headers
<IfModule mod_expires.c>
# turn on the module for this directory
ExpiresActive on
# set default
ExpiresDefault "access plus 24 hours"
# turn on the module for this directory
ExpiresActive on
# set default
ExpiresDefault "access plus 24 hours"
ExpiresByType image/jpg "access plus 1 months"
ExpiresByType image/gif "access plus 1 months"
ExpiresByType image/jpeg "access plus 1 months"
ExpiresByType image/png "access plus 1 months"
ExpiresByType text/javascript "access plus 1 months"
ExpiresByType application/javascript "access plus 1 months"
ExpiresByType application/x-shockwave-flash "access plus 1 months"
ExpiresByType text/css "access plus 10 weeks"
ExpiresByType application/x-javascript "access plus 1 weeks"
ExpiresByType text/html "access plus 1 weeks"
ExpiresByType text/php "access plus 1 weeks"
ExpiresByType application/xhtml+xml "access plus 1 weeks"
</IfModule>
# END Expire headers
# BEGIN Cache-Control Headers
<IfModule mod_headers.c>
<FilesMatch "\.(ico|jpe?g|png|gif|swf)$">
Header set Cache-Control "max-age=2419200, public"
</FilesMatch>
<FilesMatch "\.(css)$">
Header set Cache-Control "max-age=2419200, public"
</FilesMatch>
<FilesMatch "\.(js)$">
Header set Cache-Control "max-age=2419200, private"
</FilesMatch>
<FilesMatch "\.(x?html?|php)$">
Header set Cache-Control "max-age=6000, private, must-revalidate"
</FilesMatch>
</IfModule>
# END Cache-Control Headers
# BEGIN Turn ETags Off
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
FileETag None
# END Turn ETags Off
# BEGIN Remove Last-Modified Header
<IfModule mod_headers.c>
Header unset Last-Modified
</IfModule>
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
and this is my uploadify start
function start_addurt()
{
$('#uploadfile').uploadify({
'uploader': 'scripts/uploadify.swf',
'script': 'pupload.php',
'fileDataName':'uploadfile',
'fileDesc':'Only Photos Allowed',
'auto':true,
'fileExt':'*.gif;*.jpg;*.png;*.jpeg',
'wmode':'transparent',
'sizeLimit':100*1024*1024,
'cancelImg': 'images/cancel.png',
onSelectOnce:function (e,q,f)
{
$('#submit').hide();
var pi=0;
c=' ';
if ($('#caption').val().length>0) c=$('#caption').val();
if ($('#profileimage').is(':checked')) pi=1;
$('#uploadfile').uploadifySettings('scriptData',{userid:<?php echo $_SESSION['userid']; ?>,selalbum:$('#selalbum :selected').val(),caption:c,submit:true,profileimage:pi});
return true;
},
onComplete:function (e,q,f,r,d){
$('#center_content_box').html(r);
system_heartbeat();
return true;
},
onError: function (a, b, c, d) {
if (d.info == 404)
alert('Could not find upload script. Use a path relative to: '+'<?= getcwd() ?>');
else
alert('error '+d.type+": "+d.info);
}
});
}
i dnt know what is causing this, can some one shed life on this for me. cannot get any errors in error.log
This is the form
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method='post' enctype='multipart/form-data'>
<table summary="none">
<tr>
<td>
Caption
</td>
<td><input id='caption' type='text' style='width:350px' name='caption'/> </td>
</tr>
<tr>
<td> Make Profile Image</td>
<td>
<input id='profileimage' <?php if (isset($_GET['profile_image'])) echo "checked=checked"; ?> type='checkbox' style="background:none" name='profileimage'/>
</td>
</tr>
<tr>
<td colspan='2'>
<small><em> * Acceptable image formats include: GIF, JPG/JPEG and PNG.
</em></small><br/>
</td>
</tr>
<tr>
<td>Media Album </td>
<td>
<select id='selalbum' name="selalbum" style='width:350px'>
<?php
$q="SELECT * FROM album WHERE ownerid=".$_SESSION['userid'];
$r=mysql_query($q);
if ($r)
{
if (mysql_num_rows($r)>0)
{
while ($ao=mysql_fetch_object($r))
{
if ($ao->id==$album)
{
echo "<option selected='selected' value='".$ao->id."'>".$ao->name."</option>";
} else
{
echo "<option value='".$ao->id."'>".$ao->name."</option>";
}
}
}
}
?>
</select>
</td>
</tr>
<tr>
<td> Upload Image/Video* </td>
<td>
<input id='uploadfile' type='file' style='width:350px' maxlength="100000000" name='uploadfile'/>
<input type='hidden' name='MAX_FILE_SIZE' value='10000000'/>
</td>
</tr>
<tr>
<td colspan='2' style='text-align: center'>
<input type='submit' id='submit' name='submit' value='Upload' />
</td>
</tr>
</table>
</form>
and below is pupload.php. which processes the image
<?php
set_time_limit(60);
require_once('config.php');
require_once('albumfuncs.php');
$userid=0;
$album=0;
if (isset($_POST['userid'])) $userid=$_POST['userid'];
if (isset($_POST['selalbum'])) $album=$_POST['selalbum'];
?>
<h2 class='posttitle-page'>Upload Photo</h2>
<?php
if (isset($_POST['submit']))
{
//make sure the uploaded file transfer was successful
if ($_FILES['uploadfile']['error'] != UPLOAD_ERR_OK)
{
switch ($_FILES['uploadfile']['error'])
{
case UPLOAD_ERR_INI_SIZE:
echo "<div style='color:red'>The uploaded file exceeds the upload_max_filesize directive 'in php.ini.'</div>";
break;
case UPLOAD_ERR_FORM_SIZE:
echo "<div style='color:red'>The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form</div>";
break;
case UPLOAD_ERR_PARTIAL:
echo "<div style='color:red'>The uploaded file was only partially uploaded.</div>";
break;
case UPLOAD_ERR_NO_FILE:
echo "<div style='color:red'>No file was uploaded.</div>";
break;
case UPLOAD_ERR_NO_TMP_DIR:
echo "<div style='color:red'>The server is missing a temporary folder.</div>";
break;
case UPLOAD_ERR_CANT_WRITE:
echo "<div style='color:red'>The server failed to write the uploaded file to disk.</div>";
break;
case UPLOAD_ERR_EXTENSION:
echo "<div style='color:red'>File upload stopped by extension.</div>";
break;
}
}
if ($_FILES['uploadfile']['error'] == UPLOAD_ERR_OK)
{
$image_caption = $_POST['caption'];
list($width, $height, $type, $attr) = getimagesize($_FILES['uploadfile']['tmp_name']);
// make sure the uploaded file is really a supported image
switch ($type)
{
case IMAGETYPE_GIF:
$image = @imagecreatefromgif($_FILES['uploadfile']['tmp_name']);
if (!$image)
{
echo "<div style='color:red'>The file you uploaded was not a supported filetype.</div>";
}
$ext = '.gif';
break;
case IMAGETYPE_JPEG:
$image = @imagecreatefromjpeg($_FILES['uploadfile']['tmp_name']);
if (!$image)
{
echo "<div style='color:red'>The file you uploaded was not a supported filetype.</div>";
}
$ext = '.jpg';
break;
case IMAGETYPE_PNG:
$image = @imagecreatefrompng($_FILES['uploadfile']['tmp_name']);
if (!$image)
{
echo "<div style='color:red'>The file you uploaded was not a supported filetype.</div>";
}
$ext = '.png';
break;
default:
echo "<div style='color:red'>The file you uploaded was not a supported filetype.</div>";
}
if ($image)
{
$profileimage=0;
if (isset($_POST['profileimage']))
{
$profileimage=$_POST['profileimage'];
if ($profileimage==1)
{
$q="UPDATE media SET profileimage=0 WHERE ownerid=".$userid;
mysql_query($q);
}
}
$q=sprintf("INSERT INTO `media` (`albumid` , `caption` , `extension` , `date`, `ownerid`,`profileimage`) ".
" VALUES (%d, '%s', '%s',%d, %d, %d)",$_POST['selalbum'],es_($_POST['caption']),$ext
,time(),$userid,$profileimage);
mysql_query($q);
$last_id=mysql_insert_id();
$imagename=getDirName($userid)."/media/".$last_id.$ext;
$q=sprintf("UPDATE media SET location='%s' WHERE id=$last_id",$imagename);
mysql_query($q);
//save notification
$q="SELECT * FROM album WHERE id=".$_POST['selalbum']." LIMIT 1";
$r=mysql_query($q);
if ($r)
{
if (mysql_num_rows($r)>0)
{
$ao=mysql_fetch_object($r);
$n_ids=$ao->n_id;
if (strlen($n_ids)==0)
{
$n_ids=array();
} else
{
$n_ids=json_decode($n_ids);
}
if (count($n_ids)>0)
{
$last_n=$n_ids[count($n_ids)-1];
$q="SELECT * FROM notifications WHERE id=$last_n LIMIT 1";
$r=mysql_query($q);
if ($r)
{
if (mysql_num_rows($r)>0)
{
$no=mysql_fetch_object($r);
if ((time()-$no->date)>3600*24)
{
$menote=" <table cellspacing='0' cellpadding='0' summary='notification'><tr><td valign='top'>updated album </td><td> <a style='margin-top:-20px' href='viewalbum.php?albumid="
. $_POST['selalbum'] . "&picid=".$last_id."' onclick=\"return viewPhoto(".$_POST['selalbum'].",".$last_id.");\">" ."<img width=45' height='45' alt='' src='".$imagename."'/>". "</a></td></tr></table>";
$q =sprintf(
"INSERT INTO `notifications` (`ownerid` , `note` , `date` ,`verb`) "
. " VALUES (%d, '%s', %d,'%s')",
$userid,
addslashes($menote),
time(),
'have');
mysql_query ($q);
$n_id =mysql_insert_id();
$n_ids[]=$n_id;
$q=sprintf("UPDATE album SET n_id='%s',date=%d WHERE id=%d",json_encode($n_ids),time(),$_POST['selalbum']);
mysql_query($q);
} else
{
$menote=" <table cellspacing='0' cellpadding='0' summary='notification'><tr><td valign='top'>updated album </td><td> <a style='margin:0px;padding:0px;border:none;margin-top:-20px' onclick=\"return viewPhoto(".$_POST['selalbum'].",".$last_id.");\" href='viewalbum.php?albumid="
. $_POST['selalbum'] . "&picid=".$last_id."'>" ."<img alt='' src='".$imagename."' width=45' height='45'/>". "</a></td></tr></table>";
$q=sprintf("UPDATE notifications SET note='%s',date=%d WHERE id=%d",addslashes($menote),time(),$last_n);
$r=mysql_query($q);
}
}
}
} else
{
$menote=" <table cellspacing='0' cellpadding='0' summary='notification'><tr><td valign='top'>updated album </td><td> <a style='margin:0px;padding:0px;border:none;margin-top:-20px' href='viewalbum.php?albumid="
. $album . "&picid=".$last_id."' onclick=\"return viewPhoto(".$album.",".$last_id.");\">" ."<img alt='' src='".$imagename."' width=45' height='45'/>". "</a></td></tr></table>";
$q =sprintf(
"INSERT INTO `notifications` (`ownerid` , `note` , `date` ,`verb`) "
. " VALUES (%d, '%s', %d,'%s')",
$userid,
addslashes($menote),
time(),
'have');
mysql_query ($q);
$n_id =mysql_insert_id();
$n_ids[]=$n_id;
$q=sprintf("UPDATE album SET n_id='%s',date=%d WHERE id=%d",json_encode($n_ids),time(),$album);
mysql_query($q);
}
}
}
$ni=new SimpleImage;
$ni->image=$image;
$ni->image_type = $type;
$ni->resizeToWidth(500);
$ni->save($imagename);
imagedestroy($image);
?>
<table style='width:510px;margin-left:auto;margin-right:auto;' cellpadding="5" cellspacing="5">
<tr>
<td style='width:180px'><b>Upload Another Photo?</b></td>
<td align="left" style=''>
<a onclick="return getPage('get_upload.php',{album:<?php echo $album;?>});" href="upload.php?album=<?php echo $album;?>" style='padding-left:18px;background: url(images/veepiz.gif) no-repeat;background-position: 0 0; width: 17px; height: 17px;border:none;'>
<b>Add Photo</b>
</a>
</td>
</tr>
<tr>
<td colspan="2">
<img alt='' style='padding:1px; border: 1px solid #CFB791;' src="<?php echo getPic($last_id,0); ?>"/>
</td>
</tr>
</table>
<?php
}
}
}
?>