I can't see a image on site after I upload it

Someone please tell me what’s going on here ( user: user@yahoo.com, pass: user ).
The server’s owner told me that he didn’t touch the server these days. After I upload a image I can’t see it on “my gallery” page. A few days ago everything was ok, but not today.
So, if someone sees a mistake please tell me where is.
Thank you.

I tried, but nothing. I didn’t touch any other file, but only “gallery.php”, before the system “crashed”.

Change…


if (!file_exists($location)) {

To…


if (!is_readable($location)) {

and re-test, preferably echo'ing out the $location var too. :slight_smile:

Post up files.php for me please. :wink:

Yes, we use re-write rules. I didn’t touch that file.

This is the gallery.php file:


<?php
require_once '../config.php';
require_login();

$conditions = array('d.paid = 1');
$title = 'Design Gallery';
if(has_role('designer')) {
        $title = 'My Design Gallery';
	$conditions[] = 'd.designer_id = '.$_SESSION['uid'];
} else if(has_role('client')) {    
    $conditions[] = 'd.designer_id = descom.userid';

    $conditions[] = 'descom.companyid = (SELECT companyid FROM user_company AS ucom WHERE ucom.userid = '.$_SESSION['uid'].')';
} else if(has_role('admin')) {
    $conditions[] = 'd.designer_id = des.id';
} else if(has_role('company_admin')) {
    $conditions[] = 'd.designer_id = '.$_SESSION['uid'];
}

if (isset($_POST['search'])) {
	$s_category = new submitted_data($_POST['cat']);
	$s_subcategory = new submitted_data($_POST['subcat']);
	$s_keywords = new submitted_data($_POST['keywords']);
        $s_sort = new submitted_data($_POST['sort']);
        $_POST['sort'] = stripslashes($_POST['sort']); // Make sure that the selected sort is re-selected, accounting for apostraphes.
	
	if ($s_category->has_data()) {
		$conditions[] = 'd.category = '.$s_category->escape_data();
		if($s_subcategory->has_data()) {
		    $conditions[] = 'd.subcategory = '.$s_subcategory->escape_data();
		}
	}
	if ($s_keywords->has_data()) {
		$words = explode(' ', $s_keywords->escape_data());
		$condition = '(';
		for ($i=0;$i<count($words);$i++){
			if ($i > 0){
				$condition .= ' OR ';
			}
			$condition .= 'd.description LIKE "&#37;{'.$words[$i].'}%"';
			
		}
		$condition .= ')';
		$conditions[] = $condition;
	}
	
}

$sql = 'SELECT d.* FROM design as d';
if (has_role('client')) {
    $sql = 'SELECT d.*, des.first_name AS firstname, des.last_name AS lastname FROM design as d, user as des, user_company as descom';
} else if (has_role('admin')) {
    $sql = 'SELECT d.*, des.first_name AS firstname, des.last_name AS lastname FROM design as d, user as des';
} else if (has_role('company_admin')) {
    $sql = 'SELECT d.* FROM design as d';
}


if (count($conditions) > 0){
	$sql .= ' WHERE ';
	for ($i=0;$i<count($conditions);$i++) {
		if ($i > 0){
			$sql .= ' AND ';
		}
		$sql .= $conditions[$i];
	}
}

if (isset($s_sort) && $s_sort->has_data()) {
	$sql .= ' ORDER BY ';

	switch ($s_sort->remove_escaping()) {
		case 'Number High-Low':
			$sql .= 'd.design_id DESC';
			break;
		case 'Number Low-High':
			$sql .= 'd.design_id ASC';
			break;
		case 'Date Registered New-Old':
			$sql .= 'd.reg_date DESC';
			break;
		case 'Date Registered Old-New':
			$sql .= 'd.reg_date ASC';
			break;
                case "Designer's Name A-Z":
			$sql .= 'lastname ASC, firstname ASC';
			break;
                case "Designer's Name Z-A":
			$sql .= 'lastname DESC, firstname DESC';
			break;
	}
}

$sql .= ";";

$q_designs = new query($sql);

$q_cats = new query('SELECT * FROM category'); // get an array of design categories for selection or validation
if($q_cats->execute()) {
    $cats = array();
    while ($cat = $q_cats->results_object()) {
        $cats[$cat->id] =  $cat->name;
    }
}
$subcats = array();
if(isset($s_category) && $s_category->has_data()) {
    $sql = 'SELECT * FROM subcategory WHERE parent='.$s_category->escape_data().';';
    $q_subcats = new query($sql);
    if($q_subcats->execute() && $q_subcats->found_record()) {        
        while($subcat = $q_subcats->results_object()) {
            $subcats[$subcat->id] = $subcat->name;
        }        
    } 
}
$category = new text_select_box('cat', 'Category: ', $cats, 200, NULL, NULL, false, 'load_subcats()');
$subcategory = new text_select_box('subcat', 'Subcategory: ', $subcats, 200, NULL, NULL, false);
$keywords = new text_box('keywords', 'Keywords:', 200, 50, NULL, '<small>Separate each keyword with a space</small>');
$sorts = array('Number High-Low', 'Number Low-High', 'Date Registered New-Old', 'Date Registered Old-New');
if(has_role('client') || has_role('admin')) {
    $sorts[] = "Designer's Name A-Z";
    $sorts[] = "Designer's Name Z-A";
}

$sort = new select_box('sort', 'Sort By:', $sorts, 200, 50);
$search = new submit_button('search', 'Search');

print_header($title);
print_navigation();
?>
<form action="<?= $CFG->webroot ?>/gallery" method="post" class="search">
<h2>Search by</h2>
<fieldset>
<div class="form_row" id="category_select"><?= $category->display() ?></div>
<div class="form_row" id="category_select"><?= $subcategory->display() ?></div>
<div class="form_row" id="keyword_input"><?= $keywords->display() ?></div>
<div class="form_row" id="sort_select"><?= $sort->display() ?></div>
<div class="form_submit"><?= $search->display() ?></div>
</fieldset>
</form>

<div class="right">
<?php 
if($q_designs->execute()) {
	echo '<h1>Found '.$q_designs->num_records().' designs</h1>';
	while($design = $q_designs->results_object()) {
		?>
		<div class="design">
			<a href="<?= $CFG->webroot ?>/design/<?= $design->design_id ?>"><img src="<?= $CFG->webroot ?>/file/<?= $design->design_id ?>.jpg" width="140" /></a>
			<p><strong>Design Number <?= $design->design_id ?></strong>
			<?= htmlspecialchars($design->description) ?></p>
			<?php
                        if(has_role('client') || has_role('admin')) {
                            echo '<p>By '.$design->firstname.' '.$design->lastname.'</p>';
                        }
				if (isset($_SESSION['uid']) || isset($_SESSION['aid'])) {
					echo '<div><a href="#" onclick="delconf('.$design->design_id.')" class="delete">Remove this design</a></div>';
				}
			?>
		</div>
		<?php
	}
	?></div><?php
} else {
	echo mysql_error();
}
print_footer();
?>

and here are the rules:

RewriteEngine On
  RewriteLog    /var/log/httpd/rewrite.log
  RewriteLogLevel 0
  RewriteCond %{HTTP_HOST} ^www\\.(.+)$ [NC]
  RewriteRule ^(.*)$ http://%1$1 [R=301,L] 
  RewriteRule ^/file/([\\d]+\\.[\\w]+)/?$ /files.php?a=$1 [L]
 RewriteRule ^(http|https|ftp)\\://[a-zA-Z0-9\\-\\.]+\\.[a-zA-Z]{2,3}/(([\\w\\d]+)/?(([\\w\\d]+)/?(([\\w\\d]+)/?(([\\w\\d]+)/?)?)?)?)?$ /pages/$1.php?a=$3&b=$5&c=$7&d=$9 [L] 

The problem lies server-side, we cannot check without seeing your code.

However, it does appear you’re using PHP to read and display the gallery image, this is failing.

Do you have a re-write rule in place for http://staging.pyd.mobileimpossible.com/file/107.jpg ?

Check the permissions on the uploaded images, maybe the script which proxies this request cannot read the image.


<?php
require_once 'config.php';
// Check they are logged in. If they aren't, stop right there.
if (!isset($_SESSION['uid'])) {
	die('You are not logged in!');
}

$file = $_GET['a'];
$id = new submitted_data(substr($file, 0, strpos($file, '.')+1));
$q_design = new query('SELECT * FROM design WHERE design_id = '.$id->escape_data().';');
if($q_design->execute()) {
	$design = $q_design->results_object();
	if(has_role('designer')) {
        if($design->designer_id != $_SESSION['uid']) {
    	    $_SESSION['msg'] = 'You don\\'t have permission to access this file';
    		header('Location: '.$CFG->webroot.'/pages/designer.php');
    		exit();
    	}
	} else if (has_role('client')) {
	    $q_company = new query('SELECT * from user_company WHERE userid = '.$_SESSION['uid'].';');	    
	    if($q_company->execute() && $q_company->found_record()) {
	        $company = $q_company->results_object();
	        if(!with_company($company->companyid, $design->designer_id)) {
	            $_SESSION['msg'] = 'You don\\'t have permission to access this file';
        		header('Location: '.$CFG->webroot.'/pages/client.php');
        		exit();
	        } 
	    }
	}
}

// Get the file they have requested.
$ext = substr($file, strpos($file, '.')+1);
if ($ext == 'jpg') {
	$type = 'image/jpeg';
} else if (in_array($ext, $CFG->types)) {
	foreach($CFG->types as $mime => $extension) {
      if ($ext == $extension) {
        $type = $mime;
      }
    }
} else {
	die('The file you requested doesn\\'t exist!');
}

$location = $CFG->filepath.'/'.$file;

// Check the file exists. If it doesn't, exit.
if (!file_exists($location)) {
	die('The file you requested could not be found.');
}

// Set headers so the browser believes it's downloading a PDF file
header('Content-type: '.$type);
if ($ext == 'jpg') {
	header('Content-Disposition: inline; filename='.$file);
} else {
	header('Content-Disposition: attachment; filename='.$file);
}
$filesize = filesize($location);
header('Content-Length: '.$filesize);

// Read the file and output it to the browser
readfile($location);

?>

Encounter problems, directly to service providers to you to solve, because they must serve you