Uploader Down ?

[waynet1]

It says "r57.biz" when opened.

[Jeremy]

It appears to be working for me.

[Jeremy]

Try this link instead of the one you're using: http://e28-535i.com/upload/ubr_file_upload.php

If I use http://e28-535i.com/upload/ I get the same results as you.

[waynet1]

Yup. link you just supplied works. Link in the FAQ topic doesn't.

[mooseheadm5]

Thanks, fixed the links in the FAQ.

[waynet1]

Thanks for the speedy repair.
As always, a big thanks to KillerPM for hosting such a great tool for the site.

[Jeremy]

I forgot to update this, but both the old link and newer link are operational now. All is fixed.

[waynet1]

Since the introduction of the new forum software, I have been having intermittent issues with the uploader. Even though the file format is exactly as it needs to be, it still tells me "error" with the name format. Nothing in the name that I se is wrong. Try changing it, even though it is fine, and still wont download. Never had this issue before. Extremely frustrating.

[Jeremy]

Since the introduction of the new forum software, I have been having intermittent issues with the uploader. Even though the file format is exactly as it needs to be, it still tells me "error" with the name format. Nothing in the name that I se is wrong. Try changing it, even though it is fine, and still wont download. Never had this issue before. Extremely frustrating.

For the record, the uploader has precisely zero relationship to the new forum software. Just because you might not like the new forum doesn't mean it's to blame.

What's the exact file name that's giving you issues?

[waynet1]

Since the introduction of the new forum software, I have been having intermittent issues with the uploader. Even though the file format is exactly as it needs to be, it still tells me "error" with the name format. Nothing in the name that I se is wrong. Try changing it, even though it is fine, and still wont download. Never had this issue before. Extremely frustrating.

For the record, the uploader exactly relationship to the new forum software. Just because you might not like it doesn't mean it's to blame.

Only thing I don't like is the fact I'm having issues with uploading pics. I'm not using or doing anything different that I can possibly figure out. I have checked, changed, renamed, reformatted, nothing seems to matter.
PM me your email address and I will gladly send you the file(s) I am attempting to upload so you might find something I must be missing.

[Jeremy]

Is there some reason you won't post the file name you're trying to use?

[waynet1]

Is there some reason you won't post the file name you're trying to use?

t.jepeg
t.jpeg

[Jeremy]

It's basic troubleshooting. You've got to tell us what triggered the result you're getting. If it can't be replicated it's referred to as a PEBKAC error and we'd know exactly where the problem was.

I'm basically trying to drag information out of you so Pete knows what to look for when he checks in. Blaming the forum software and rolling your eyes at me like you're a petulant 4 year old as I try to help in what capacity I can doesn't exactly make me want to go out of my way to assist.

[waynet1]

First, I happen to be in an extremely bad mood, having a really bad day in general. I apologize for being snappy.
I'm well aware of what it takes to be able to troubleshoot crap like this, which is why I asked for your email address, so I could send you exactly what I am attempting to upload. It's nothing different then what I have been doing all along.
I'm also well aware that the problem may be in the chair, however there is nothing that I can see in the file name after selecting it for upload that should or should not be in it.

T-Copy.jpeg

^There it is, copied and pasted directly from the uploader as it was displayed in the upload list area.

I made a typo when I typed the 'jepeg' in the last response. There was never an "e" after the "j".

[tig]

Rename the file to t.jpg.

I bet Pete doesn't like .jpeg.

[waynet1]

Rename the file to t.jpg.

I bet Pete doesn't like .jpeg.

BINGO !

Something changed somewhere though. All my stuff is "JPEG' and has always been. I can't find a way to change it to just "JPG". I had to change it to a "GIF".

[KillerPM]

Checking in.

I will see if I can tweak the regex to allow four letter extensions.

Here is the regex condition I am using server side and client side to protect the uploader:

^[a-zA-Z0-9\-\_][^php]+[a-zA-Z0-9\-\_\.][^php]+[a-zA-Z0-9\-\_][^php]$

The goal of this regex statement is to protect the uploader from files that are named like this "somefile.php.jpg". I had to put a few layers in place to make the server not process stuff like that.

I kind of suck at regex expressions so it might take a bit.

[KillerPM]

Checking in.

I will see if I can tweak the regex to allow four letter extensions.

Here is the regex condition I am using server side and client side to protect the uploader:

^[a-zA-Z0-9\-\_][^php]+[a-zA-Z0-9\-\_\.][^php]+[a-zA-Z0-9\-\_][^php]$

The goal of this regex statement is to protect the uploader from files that are named like this "somefile.php.jpg". I had to put a few layers in place to make the server not process stuff like that.

I kind of suck at regex expressions so it might take a bit.

Gah.. Its not because of 4 letter extensions, its because it has a p in it... my exception isn't matching on php exactly, its matching on the letter p or h.. I will fix it.. I just have to figure out how....

[waynet1]

^^^ That's, shall we say, a bit over my head.

Thank's very much for looking into it, and posting what you are up to. I use only your uploader to post pictures here. Great to have it. Thanks again.

[KillerPM]

I am having a bit of a hard time figuring this one out.

My knowledge of Regex is pretty slim. I think I am trying to make it do something that it shouldn't be doing.

Here is the best I could come up with but then it doesn't check for file structure properly:

^((?!php)(?=[a-zA-Z0-9\-\_]+[a-zA-Z0-9\-\_\.]+[a-zA-Z0-9\-\_])*[\s\S])*$

Anyone here know regex and can help me validate a file name that doesn't have php anywhere in it?

[jodystevens]

Yes that works as long as the file name doesn't have PHP in it anywhere including filename, extensions etc.

[demetk]

Can't you just use ".php." as your search string?

[jodystevens]

Eh, doesn't quite work like that.

You could do something like;

^.+\.(([pP][hH][pP]))$

This makes it really simple because you are basically filtering out 'anyname.php'. of course this does not work for 'anyname.php.jpeg'. A better way would be to specify which files ARE allowed by checking the file signatures for allowed file types. Reular Expressions aren't a good line of defense for validating file types.

Neither of these methods are a secure or good method. There needs to be something setup to scan the files for actual content. You could name a php file, or any file for that matter, mypicture.jpeg but really the file is malicous code and not a picture at all. I'm sure there must be something like that in place already, but still doesnt hurt to say it.

[demetk]

Eh, doesn't quite work like that.

haha. I soon as I read your first word, I had to check your location.

I was wondering what language the uploader was written in and if you can run a file scan through a function call in the uploader's code.

[jodystevens]

Hahaha, I guess it gave me away...

Uploader is PHP so yes you can check the first/last bytes to verify file type or using MIME types(mime_content_type). Both of these can be faked but it is much harder than changing an extension name. getimagesize() would also be an option and probably the safest because it will return all image details in an array including the real extension(regardless of what someone changed it to).