Photo Upload getimagesize() warning - filename cannot be empty

user2079024 picture user2079024 · Jul 13, 2013 · Viewed 7.8k times · Source

I've run into a conundrum and was wondering if anyone might be able to give me a straight answer. So I built a photo upload script using PHP/MySQL. Within the script photos are re-sized and given a temporary name while being uploaded. I tested it using several pictures (file size 220 KB | 960 x 720) and everything was working just fine. Then I attempted to upload several pictures from my digital camera (file size 2.47 MB | 3000 x 4000) and all of a sudden I got this error:

Warning: getimagesize() [function.getimagesize]: Filename cannot be empty in /php_parsers/photo_system.php on line 94

Warning: Cannot modify header information - headers already sent by (output started at /php_parsers/photo_system.php:94) in /php_parsers/photo_system.php on line 96

I checked stackoverflow for a post with a similar issue and came upon one however it didn't seem to apply to the scenario I'm experiencing.

Here is the applicable code for "photo_system.php". I have commented the offending lines 94 and 96. Any help/ideas you could give would be greatly appreciated!

     <?php 
     if (isset($_FILES["photo"]["name"]) && isset($_POST["gallery"])){
         $sql = "SELECT COUNT(id) FROM photos WHERE user='$log_username'";
         $query = mysqli_query($db_conx, $sql);
         $row = mysqli_fetch_row($query);
         if($row[0] > 79){
             header("location: ../message.php?msg=The system allows only 80 pictures total");
             exit();    
    }
    $gallery = preg_replace('#[^a-z 0-9,]#i', '', $_POST["gallery"]);
    $fileName = $_FILES["photo"]["name"];
    $fileTmpLoc = $_FILES["photo"]["tmp_name"];
    $fileType = $_FILES["photo"]["type"];
    $fileSize = $_FILES["photo"]["size"];
    $fileErrorMsg = $_FILES["photo"]["error"];
    $kaboom = explode(".", $fileName);
    $fileExt = end($kaboom);
    $db_file_name = date("DMjGisY")."".rand(1000,9999).".".$fileExt; // WedFeb272120452013RAND.jpg
    list($width, $height) = getimagesize($fileTmpLoc); //Offending Line 94
    if($width < 10 || $height < 10){
        header("location: ../message.php?msg=ERROR: That image has no dimensions"); //Offending Line 96
        exit(); 
    }
    if($fileSize > 4194304) {
        header("location: ../message.php?msg=ERROR: Your image file was larger than 4mb");
        exit(); 
    } else if (!preg_match("/\.(gif|jpg|png)$/i", $fileName) ) {
        header("location: ../message.php?msg=ERROR: Your image file was not jpg, gif or png type");
        exit();
    } else if ($fileErrorMsg == 1) {
        header("location: ../message.php?msg=ERROR: An unknown error occurred");
        exit();
    }
    $moveResult = move_uploaded_file($fileTmpLoc, "../user/$log_username/$db_file_name");
    if ($moveResult != true) {
        header("location: ../message.php?msg=ERROR: File upload failed");
        exit();
    }
    include_once("../php_includes/image_resize.php");
    $wmax = 800;
    $hmax = 600;
    if($width > $wmax || $height > $hmax){
        $target_file = "../user/$log_username/$db_file_name";
        $resized_file = "../user/$log_username/$db_file_name";
        img_resize($target_file, $resized_file, $wmax, $hmax, $fileExt);
    }
    $sql = "INSERT INTO photos(user, gallery, filename, uploaddate) VALUES ('$log_username','$gallery','$db_file_name',now())";
    $query = mysqli_query($db_conx, $sql);
    mysqli_close($db_conx);
    header("location: ../photos.php?u=$log_username");
    exit();
}
?><?php 
if (isset($_POST["delete"]) && $_POST["id"] != ""){
    $id = preg_replace('#[^0-9]#', '', $_POST["id"]);
    $query = mysqli_query($db_conx, "SELECT user, filename FROM photos WHERE id='$id' LIMIT 1");
    $row = mysqli_fetch_row($query);
    $user = $row[0];
    $filename = $row[1];
    if($user == $log_username){
        $picurl = "../user/$log_username/$filename"; 
        if (file_exists($picurl)) {
            unlink($picurl);
            $sql = "DELETE FROM photos WHERE id='$id' LIMIT 1";
            $query = mysqli_query($db_conx, $sql);
        }
    }
    mysqli_close($db_conx);
    echo "deleted_ok";
    exit();
}
?>

Answer

user2079024 picture user2079024 · Jul 14, 2013

OK everyone. I figured out what the issue was. Hopefully this will help someone in the future. So I checked my phpinfo() and found that upload_max_filesize was only set to 2M. I added php.ini to the directory of the offending file and included:

upload_max_filesize = 250M
post_max_size = 250M
max_execution_time = 300

date.timezone = "America/Los_Angeles"

I had to add the date.timezone because my system didn't like the fact that I didn't have it defined. Anyway this has resolved the issue.