Tracking Website Visitors Pt4: Uploading Image to MySql

/tracker/upload_image.php

<?php
// db.inc is expected to open the MySQL link in $con (legacy mysql_* extension).
include("db.inc");

if (isset($_FILES['image']) && $_FILES['image']['size'] > 0
	&& is_uploaded_file($_FILES['image']['tmp_name'])) {

	// Temporary file name stored on the server
	$tmpName = $_FILES['image']['tmp_name'];

	// Read the file (binary-safe) and escape it for this connection.
	// addslashes() is not charset-aware and is not a safe SQL escape.
	$data = mysql_real_escape_string(file_get_contents($tmpName), $con);

	// Generate a random 6-character key for the image.
	// rand() is not cryptographically secure, so treat the key as an
	// identifier, not a secret.
	$characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
	$random_string_length = 6;
	$string = '';
	for ($i = 0; $i < $random_string_length; $i++)
	{
		$string .= $characters[rand(0, strlen($characters) - 1)];
	}

	// Create the query and insert
	// into our database.
	$sql = "INSERT INTO tracker_images ";
	$sql .= "(image_key, image) VALUES ('$string', '$data')";
	$results = mysql_query($sql, $con);

	if ($results) {
		// The Host header is client-supplied: encode it before echoing it into HTML.
		$host = htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES);

		// Print results
		print "Thank you, your file has been uploaded. image path:<br/>http://" . $host . "/" . $string . ".png<br/>";
		print "<a href=\"http://" . $host . "/tracker/status.php?id=" . $string . "\" >" . $host . "/tracker/status.php?id=" . $string . "</a><br/>";
		print "<img src=\"http://" . $host . "/" . $string . ".png\" />";
	}
	else {
		// Do not report success when the INSERT failed
		print "Upload failed";
	}
}
else {
	print "No image selected/uploaded";
}

// Close our MySQL Link
mysql_close($con);
?>

<form enctype="multipart/form-data" action="upload_image.php" method="post" name="changer">
<input name="MAX_FILE_SIZE" value="102400" type="hidden">
<input name="image" accept="image/jpeg" type="file">
<input value="Submit" type="submit">
</form>
  1. Tracking Website Visitors Pt1: Masking Image Requests
  2. Tracking Website Visitors Pt2: Returning Image From Database
  3. Tracking Website Visitors Pt3: Returning Tracking Information
  4. Tracking Website Visitors Pt4: Uploading Image to MySql
  5. Tracking Website Visitors Pt5: Installation Script

About Pythorian

Exploration and Production oriented security consultant for securing IT infrastructures relating to natural resources.
