Show image with PHP (error)?

Discussion in 'Programming/Scripts' started by edge, Jun 5, 2007.

  1. edge

    edge Active Member Moderator

    Someone here who might be able to tell me why this does not work.

    echo "<hr>\n";
    "<img src=\"images.php?fl=1.jpg\" />\n";
    "<img src=\"images.php?fl=2.gif\" />\n";
    "<img src=\"images.php?fl=3.gif\" />\n";
    "<img src=\"images.php?fl=4.jpg\" />\n";
    The strange thing is that image 1.jpg, 2.gif and 3.gif showup okay, but 4.jpg does not.

    Image 1 = 28 KB
    Image 2 = 128 KB
    Image 3 = 23 KB
    Image 4 = 725 KB

    When I try to load image 4 this way: http://domain.tld/images.php?fl=4.jpg I get an error: Parse error: syntax error, unexpected '%' in /var/www/web6/web/4.jpg on line 205

    Hmm line 205?? The script does not have than many lines!
    (http://domain.tld/4.jpg is working fine)

    When I call all the other (smaller) images with http://domain.tld/images.php?fl=... all is working fine!

    Anyone here who can enlighten me on this "error"?
  2. falko

    falko Super Moderator ISPConfig Developer

    I think PHP tries to interprete 4.jpg as a script. You could try to use file_get_contents() to read the file and then pass it to the browser instead of using include(). Maybe you also need to set headers so that it's clear for the browser that it's an image.
  3. sjau

    sjau Local Meanie Moderator

    You have to add a content header according to the image file in the image.php:


    header ("Content-type: image/png");
  4. edge

    edge Active Member Moderator

    Yes I found this info some days ago, but why does it work (without the "Content-type") for some images, and does it not work for others?
  5. Ben

    Ben ISPConfig Developer ISPConfig Developer

    Very bad code! Pls check where $_REQUEST["fl"] points to and restrict it to onyl one directory or the ones you need.... e.g. with the forgotten header you could easily export /etc/passwd or anything. Maybe safe-mode / open_basedir might help, but that's not reason for implementing such this way ;)

    Regarding the last question, maybe the browser interprets the files without header per default to any other imagetype or is able to recognize the appropriate mime-type in some cases.

    As falko mentioned I also would make use of file_get_contents e.g. instead of include.
  6. edge

    edge Active Member Moderator

    Hi Ben,

    The code shown, was only as demo. For simplicity I removed all the extra stuff.

    I did solve the problem with "Content-type", but I'll have a look at the "file_get_contents" too.

    Thank you for your reply.

Share This Page