0

Hello i have a problem. Locally (xampp local server) the image uploads just fine but it doesn't when i try it on my webiste. The GD library is activated. So thats not the issue.

html

<video id="player" width="480px" height="240px" autoplay></video> <button id="takeSnap" class="startbutton messageButton" style="display:none;">Take Snap</button> <div id="webcam"> <input type="hidden" id="uploadvalues"> <input type="hidden" id="upload_uid" value="<?php echo $sessionUid;?>" name="update_uid"> <input type="hidden" id="upload_token" value="<?php echo $sessionToken;?>" name="update_token"> <input type="hidden" id="group_id" value="<?php echo $groupID; ?>" name="group_id"> <canvas id="snapshot"></canvas> <div id="webcam_preview" style="display:none"></div>Inline Code Example Here

Javascript

captureButton.addEventListener('click', function() {
            var context = snapshot.getContext('2d');
            // Draw the video frame to the canvas.
            context.drawImage(player, 0, 0, snapshotCanvas.width, 
            snapshotCanvas.height);
            //start webcam upload
            var webcamURL=apiBaseUrl+'api/webcamImageCreate';
            var canvas = document.getElementById('snapshot');
            $.post(webcamURL, {uid:uid, token:token,group_id:groupID, type: "data", image: canvas.toDataURL("image/png")},
            function(data)
            {
            if(data)
            {

             var values=$("#uploadvalues").val();
            $("#webcam_preview").prepend(data);
            var X=$('.webcam_preview').attr('id');
            if($.trim(values).length>0)
            {
            var Z= X+','+values;   
            }
            else
            {
            var Z= X;  
            }

            if(Z!='undefined,')
            {
            $("#uploadvalues").val(Z);
            }
            document.getElementById("noDisplayTakeSnap").style.display="block";
            var canvas = document.getElementById('snapshot');
            var context = canvas.getContext('2d');
            context.clear();
        }

PHP (webcamImageCreate)

function webcamImageCreate()
{
    $request = \Slim\Slim::getInstance()->request();
    $x = $request->post();
    $uid=$_POST['uid'];
    $token=$_POST['token'];
    $group_id=$_POST['group_id'];
    try
    {
        $key=md5(SITE_KEY.$uid);

    if($key==$token)
    {
    $invalid = "iVBORw0KGgoAAAANSUhEUgAAAUAAAADwCAYAAABxLb1rAAAG+UlEQVR4Xu3UgREAIAgDMdl/aPFc48MGTbnOfXccAQIEggJjAIOti0yAwBcwgB6BAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToCAAfQDBAhkBQxgtnrBCRAwgH6AAIGsgAHMVi84AQIG0A8QIJAVMIDZ6gUnQMAA+gECBLICBjBbveAECBhAP0CAQFbAAGarF5wAAQPoBwgQyAoYwGz1ghMgYAD9AAECWQEDmK1ecAIEDKAfIEAgK2AAs9ULToDAAoCVvV4Lh4uLAAAAAElFTkSuQmCC";

    **echo  $_POST['image']; exit;** i tried that to see if it returns the $_POST. IT DOES!!!
    if ($_POST['type'] == "pixel") 
    {
        $image = $_POST['image'];
        $filter_image = str_replace("data:image/png;base64,", "", $image);
        // input is in format 1,2,3...|1,2,3...|...
        if($filter_image == $invalid)
            {
                $im = "";
                echo "false";
            }
        else
        {
            $im = imagecreatetruecolor(320, 240);
            foreach (explode("|", $_POST['image']) as $y => $csv) {
                foreach (explode(";", $csv) as $x => $color) {
                    imagesetpixel($im, $x, $y, $color);
                }
            }
        }
    } 

    else {

        // input is in format: data:image/png;base64,...
        $image = $_POST['image'];
        $filter_image = str_replace("data:image/png;base64,", "", $image);

        if($filter_image == $invalid)
            {
                $im = "";
                echo "false";
            }
        else
            $im = imagecreatefromjpeg($_POST['image']);
    }

    if($im)
    {
        $filename=time().$uid.".jpg";
        if(empty($conversationImage))
        {
            $conversationImage='';
        }
        internalImageUpload($uid,$filename,$group_id,$conversationImage);
        //imagejpeg($im);

        $upload_path='../'.UPLOAD_PATH;
        imagejpeg($im, $upload_path.$filename);
        $imageID=internalGetUploadImage($uid,$filename);
        $fullImagePath=BASE_URL.UPLOAD_PATH.$filename;
        //echo '{"webcam": [{"imageName":"'.$fullImagePath.'", "imageID":"'.$imageID[0]->id.'" }]}';
        imagedestroy($im);
        echo "<img src='".$fullImagePath."'  class='webcam_preview' id='".$imageID[0]->id."'/>";
    }

}

}
2
Contributors
12
Replies
96
Views
3 Weeks
Discussion Span
Last Post by cereal
Featured Replies
  • 3
    cereal 1,419   2 Weeks Ago

    Okay, I got it to work, the JS function will export the canvas contents to PNG: snapshot.toDataURL('image/png') so, what you get in`$_POST['image']` is a base64 encoded blob. All you need to do is to remove the `data:image/png;base64,` part, as you were doing, decode the remaining string and save it to … Read More

  • 1
    cereal 1,419   2 Weeks Ago

    However `internalImageUpload()` writes only to the database. Instead, it's in: imagejpeg($im, $upload_path.$filename); I overlooked that, and yes by defining a second parameter you would save the resource loaded into $im. However you cannot inject (as far as I know) the contents from $_POST['image'] to $im. Try something like this: <?php … Read More

0

I think that the problem is that it doesnt returns $im i put an echo after if($im) and it returns nothing. Any clue?

0

Hmm, what kind of input do you expect in $_POST['image']?

Because imagecreatefromjpeg() expects a string to be used like a file name. You are submitting $_POST['image'] instead, which it appears to be a base64 encoded string, and from the previous PHP code, it seems it should be a list of PNG image blobs.

At line 20 you have:

$filter_image = str_replace("data:image/png;base64,", "", $image);

But in the loop you refer again to $_POST['image'] so when you explode by the pipe and semi-colon chars, in practice you end up with:

$x[] = 'data:image/png';
$x[] = 'base64,HEX_STRING';

i.e. two strings that cannot be decoded by base64_decode() which, by the side, is not used in your code.

The imagesetpixel() function, instead expects an integer for the $color argument... and here I get lost because I don't understand anymore what should be the contents of $_POST['image'].

0

Yes @cereal that was my mistake. I changed imagecreatefrompng to imagecreatefromjpeg to see if am getting any errors

I dont know what input i expect when the camera takes a snap. It worked fine locally the problem is on the $im variable. What should ido

else {

            // input is in format: data:image/png;base64,...
            $image = $_POST['image'];
            $filter_image = str_replace("data:image/png;base64,", "", $image);

            if($filter_image == $invalid)
                {
                    $im = "";
                    echo "false";
                }
            else
                $im = imagecreatefrompng($_POST['image']);
        }

Edited by SimonIoa

3

Okay, I got it to work, the JS function will export the canvas contents to PNG:

snapshot.toDataURL('image/png')

so, what you get in$_POST['image'] is a base64 encoded blob. All you need to do is to remove the data:image/png;base64, part, as you were doing, decode the remaining string and save it to a file, at basic:

$needle      = $_POST['image'];
$haystack    = 'data:image/png;base64,';
$png_blob    = substr($needle, mb_stripos($needle, $haystack) + mb_strlen($haystack));
$destination = __DIR__ . '/image.png';

file_put_contents($destination, base64_decode($png_blob));

So if $needle is data:image/png;base64,AAA..., $png_blob will be AAA. You don't need the GD functions unless you want to test if the resulting file is really a PNG and not a script.

Full test:

<!DOCTYPE html>
<html>
<head>
    <title>Capture</title>
</head>
<body>

    <video id="player" width="480px" height="240px" autoplay="true"></video>
    <button id="takeSnap" class="startbutton messageButton">Take Snap</button>

    <div id="webcam">
        <input type="hidden" id="uploadvalues">
        <canvas id="snapshot"></canvas>
        <div id="webcam_preview"></div>
    </div>

    <h3>Reload to see latest snapshot</h3>
    <img src="image.png">

    <script type="text/javascript" src="https://unpkg.com/jquery@3.2.1"></script>
    <script type="text/javascript">

        var captureButton = document.getElementById('takeSnap');
        var snapshot      = document.getElementById('snapshot');
        var video         = document.getElementById('player');

        // @see https://www.kirupa.com/html5/accessing_your_webcam_in_html5.htm

        navigator.getUserMedia  = navigator.getUserMedia
                               || navigator.webkitGetUserMedia
                               || navigator.mozGetUserMedia
                               || navigator.msGetUserMedia
                               || navigator.oGetUserMedia;

        if (navigator.getUserMedia)       
            navigator.getUserMedia({video: true}, handleVideo, videoError);

        function handleVideo(stream) {
            video.src = window.URL.createObjectURL(stream);
        }

        function videoError(e) {
            // do something
        }

        captureButton.addEventListener('click', function(e)
        {
            var context = snapshot.getContext('2d');

            // Draw the video frame to the canvas.
            context.drawImage(player, 0, 0, snapshot.width, snapshot.height);

            //start webcam upload
            var webcamURL = 'post.php';

            $.post(webcamURL, {type: 'data', image: snapshot.toDataURL('image/png')}, function(data) {
                    if(data)
                    {
                        var values = $('#uploadvalues').val();

                        $('#webcam_preview').prepend(data);

                        var X = $('.webcam_preview').attr('id');

                        if ($.trim(values).length > 0)
                            var Z = X + ',' + values;

                        else
                            var Z = X;

                        if (Z != 'undefined,')
                            $('#uploadvalues').val(Z);

                        document.getElementById("noDisplayTakeSnap").style.display = 'block'; // ??
                        context.clear();
                    }});
        });
    </script>

</body>
</html>

post.php contents:

<?php

$needle   = $_POST['image'];
$haystack = 'data:image/png;base64,';
$png_blob = substr($needle, mb_stripos($needle, $haystack) + mb_strlen($haystack));

file_put_contents(__DIR__ . '/image.png', base64_decode($png_blob));

My test does not work on Firefox, you have probably already fixed this on your own, it returns a blank snapshot but this is not important at this stage.

Votes + Comments
Nice work.
Going the extra mile, again :) +1
0

Thanks cereal It works but i want to find out whats wrong with my script.

The problem is here

else $im = imagecreatefrompng($_POST['image']);

0

The point is that you cannot use $_POST['image'] that way. See the definition of imagecreatefrompng():

resource imagecreatefrompng ( string $filename )

It means it expects a string to define the filename, not the contents. Something that would work would be:

$im = imagecreatefrompng('file.png');

And from here you create a resource that will be saved into file.png, you cannot import the value of $_POST['image'] into this resource. The value in $_POST['image'] is a base64 encoded string, which once decoded is a binary blob.

Hence, you don't need that code to save the input.

For more details, take this part:

$image = $_POST['image'];
$filter_image = str_replace("data:image/png;base64,", "", $image);
// input is in format 1,2,3...|1,2,3...|...
if($filter_image == $invalid)
{
    $im = "";
    echo "false";
}
else
{
    $im = imagecreatetruecolor(320, 240);
    foreach (explode("|", $_POST['image']) as $y => $csv) {
        foreach (explode(";", $csv) as $x => $color) {
            imagesetpixel($im, $x, $y, $color);
        }
    }
}

the comment says the expected format is: 1,2,3...|1,2,3...|... but it is not like this, it is something like:

data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKAQMAAAC3/F3+AAAABGdBTUEAAYagMeiWXwAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABlBMVEUA///+/v7eZjVAAAAAAWJLR0QB/wIt3gAAAAd0SU1FB+EIAQ0VMIC0C8gAAAALSURBVAjXY2DABwAAHgABboVHMgAAAABJRU5ErkJggg==

Which, decoded with my post.php script, produces a 10x10 cyan PNG image. Call it a.png.

The IF statement: if($filter_image == $invalid) is trying to compare an hardcoded blank blob to what is received by $_POST, to make sure it's not an empty snapshot. This can easily fail because the PNG specification allows to set a tIME value everytime the file is modified (or created), in practice some softwares as Gimp and in some cases ImageMagick, will add it and even if you produce the same image the hash digest will differ.

As example, this is the digest for a second identical image (b.png):

data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKAQMAAAC3/F3+AAAABGdBTUEAAYagMeiWXwAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABlBMVEUA///+/v7eZjVAAAAAAWJLR0QB/wIt3gAAAAd0SU1FB+EIAQ0VNIfZz9EAAAALSURBVAjXY2DABwAAHgABboVHMgAAAABJRU5ErkJggg==

Here is the hexdump of both files and a comparison:

» hexdump -C a.png
00000000  89 50 4e 47 0d 0a 1a 0a  00 00 00 0d 49 48 44 52  |.PNG........IHDR|
00000010  00 00 00 0a 00 00 00 0a  01 03 00 00 00 b7 fc 5d  |...............]|
00000020  fe 00 00 00 04 67 41 4d  41 00 01 86 a0 31 e8 96  |.....gAMA....1..|
00000030  5f 00 00 00 20 63 48 52  4d 00 00 7a 26 00 00 80  |_... cHRM..z&...|
00000040  84 00 00 fa 00 00 00 80  e8 00 00 75 30 00 00 ea  |...........u0...|
00000050  60 00 00 3a 98 00 00 17  70 9c ba 51 3c 00 00 00  |`..:....p..Q<...|
00000060  06 50 4c 54 45 00 ff ff  fe fe fe de 66 35 40 00  |.PLTE.......f5@.|
00000070  00 00 01 62 4b 47 44 01  ff 02 2d de 00 00 00 07  |...bKGD...-.....|
00000080  74 49 4d 45 07 e1 08 01  0d 15 30 80 b4 0b c8 00  |tIME......0.....|  <-- differs
00000090  00 00 0b 49 44 41 54 08  d7 63 60 c0 07 00 00 1e  |...IDAT..c`.....|
000000a0  00 01 6e 85 47 32 00 00  00 00 49 45 4e 44 ae 42  |..n.G2....IEND.B|
000000b0  60 82                                             |`.|
000000b2

» hexdump -C b.png
00000000  89 50 4e 47 0d 0a 1a 0a  00 00 00 0d 49 48 44 52  |.PNG........IHDR|
00000010  00 00 00 0a 00 00 00 0a  01 03 00 00 00 b7 fc 5d  |...............]|
00000020  fe 00 00 00 04 67 41 4d  41 00 01 86 a0 31 e8 96  |.....gAMA....1..|
00000030  5f 00 00 00 20 63 48 52  4d 00 00 7a 26 00 00 80  |_... cHRM..z&...|
00000040  84 00 00 fa 00 00 00 80  e8 00 00 75 30 00 00 ea  |...........u0...|
00000050  60 00 00 3a 98 00 00 17  70 9c ba 51 3c 00 00 00  |`..:....p..Q<...|
00000060  06 50 4c 54 45 00 ff ff  fe fe fe de 66 35 40 00  |.PLTE.......f5@.|
00000070  00 00 01 62 4b 47 44 01  ff 02 2d de 00 00 00 07  |...bKGD...-.....|
00000080  74 49 4d 45 07 e1 08 01  0d 15 34 87 d9 cf d1 00  |tIME......4.....|  <-- differs
00000090  00 00 0b 49 44 41 54 08  d7 63 60 c0 07 00 00 1e  |...IDAT..c`.....|
000000a0  00 01 6e 85 47 32 00 00  00 00 49 45 4e 44 ae 42  |..n.G2....IEND.B|
000000b0  60 82                                             |`.|
000000b2

» cmp -l a.png b.png | awk '{printf "%08X %02X %02X\n", $1, strtonum(0$2), strtonum(0$3)}'
0000008B 30 34
0000008C 80 87
0000008D B4 D9
0000008E 0B CF
0000008F C8 D1

When you take a snapshot, a browser can set that value as well, so the comparison made by your IF statement can fail. And consider you can also receive a forged request that will pass the check.

The ELSE statement it seems to expect another type of input (due to $_POST['type']) so I do not comment it, but in the IF you were comparing base64 encoded strings and here instead it seems to expect a CSV. It will fail.

The remaining part of the script is based on the contents of $im:

internalImageUpload($uid,$filename,$group_id,$conversationImage);

$upload_path='../'.UPLOAD_PATH;
imagejpeg($im, $upload_path.$filename);
$imageID=internalGetUploadImage($uid,$filename);
$fullImagePath=BASE_URL.UPLOAD_PATH.$filename;
//echo '{"webcam": [{"imageName":"'.$fullImagePath.'", "imageID":"'.$imageID[0]->id.'" }]}';
imagedestroy($im);
echo "<img src='".$fullImagePath."'  class='webcam_preview' id='".$imageID[0]->id."'/>";

You use imagejpeg() to output directly to the browser and you also send a echo with the image tag. You can remove imagejpeg() and send just the image tag, or whatever you need to receive, but do not set both, as the browser will receive a blob and a string. Do something like this (not tested):

internalImageUpload($uid,$filename,$group_id,$conversationImage);

$imageID=internalGetUploadImage($uid,$filename);
$fullImagePath=BASE_URL.UPLOAD_PATH.$filename;
echo "<img src='".$fullImagePath."'  class='webcam_preview' id='".$imageID[0]->id."'/>";

In practice, once you decode and save the result to a file as shown in post.php, you just need to update the db and send back some data. Hope it helps you to understand :)

0

When i put a randon echo for $im e.g. else $im = 'some text'; it returns the $im so the problem is on the else $im = imagecreatefrompng($_POST['image']);

I changed else $im = imagecreatefrompng($_POST['image']); to else $im = $_POST['image']; it saves on database the value it returns a response on XKR console but it doesnt stores any image on the images folder

0

YES

function internalImageUpload($uid, $image,$group_id,$conversationImage)
{
    $ids = 0;
    if(empty($group_id))
    {
    $group_id='0';
    }

    $image_type=0;
    if($conversationImage)
    {
    $image_type=1;
    }

    try {

        if($uid > 0)
        {
        $db = getDB();

        if($group_id < 1 && $image_type<1)
        {
        $sql1 = "UPDATE users SET photos_count=photos_count+1 WHERE uid=:uid";
        $stmt1 = $db->prepare($sql1);
        $stmt1->bindParam("uid", $uid, PDO::PARAM_INT);
        $stmt1->execute();
        }

        $sql = "INSERT INTO user_uploads (image_path,uid_fk,group_id_fk,image_type)VALUES(:image ,:uid,:group_id,:image_type)";
        $stmt = $db->prepare($sql);
        $stmt->bindParam("image", $image, PDO::PARAM_STR);
        $stmt->bindParam("uid", $uid, PDO::PARAM_INT);
        $stmt->bindParam("image_type", $image_type,PDO::PARAM_STR);
        $stmt->bindParam("group_id", $group_id,PDO::PARAM_INT);
        $stmt->execute();
        $db = null;
        return $ids;
    }

    } catch(PDOException $e) {
        echo '{"error":{"text64":'. $e->getMessage() .'}}'; 
    }   

}
1

However internalImageUpload() writes only to the database.

Instead, it's in:

imagejpeg($im, $upload_path.$filename);

I overlooked that, and yes by defining a second parameter you would save the resource loaded into $im. However you cannot inject (as far as I know) the contents from $_POST['image'] to $im.

Try something like this:

<?php

$uid      = $_POST['uid'];
$token    = $_POST['token'];
$group_id = $_POST['group_id'];
$needle   = $_POST['image'];
$haystack = 'data:image/png;base64,';
$png_blob = substr($needle, mb_stripos($needle, $haystack) + mb_strlen($haystack));

$upload_path = '../' . UPLOAD_PATH;
$filename    = time() . $uid . '.jpg';

// save to image folder
file_put_contents($upload_path . $filename, base64_decode($png_blob));

// save to database
internalImageUpload($uid, $filename, $group_id, FALSE);

$imageID       = internalGetUploadImage($uid, $filename);
$fullImagePath = BASE_URL . UPLOAD_PATH . $filename;

echo "<img src='".$fullImagePath."'  class='webcam_preview' id='".$imageID[0]->id."'/>";

Just make sure the path is correct, that ../ in $upload_path makes me nervous :D as it would always be relative to the link in the frontend side and to the system path in the backend side.

0

Yes i fixed it. Thanks @cereal. But why $im worked loccally and it didn't worked online? Probably a server thing?

0

I honestly do not know. I don't doubt what you say, but I don't see how the original script could work with a base64 string, regardless if it was hosted locally or remote. Maybe the input was sent via the pixel $_POST['type']? In that case $im could be populated correctly.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.