Jump to content

HTTP 400 Bad Request / webpage cannot be found


Scotty13
 Share

Recommended Posts

Building a photo album / upload image page in my website. I have a page that’s giving me trouble… action.php Error when I test in browser: HTTP 400 Bad Request / webpage cannot be found (highlighted below) <?phpdefine('PHPWG_ROOT_PATH','./');include_once(PHPWG_ROOT_PATH.'include/common.inc.php');// Check Access and exit when user status is not okcheck_status(ACCESS_GUEST);function guess_mime_type($ext){switch ( strtolower($ext) ){case "jpe": case "jpeg":case "jpg": $ctype="image/jpeg"; break;case "png": $ctype="image/png"; break;case "gif": $ctype="image/gif"; break;case "tiff":case "tif": $ctype="image/tiff"; break;case "txt": $ctype="text/plain"; break;case "html":case "htm": $ctype="text/html"; break;case "xml": $ctype="text/xml"; break;case "pdf": $ctype="application/pdf"; break;case "zip": $ctype="application/zip"; break;case "ogg": $ctype="application/ogg"; break;default: $ctype="application/octet-stream";}return $ctype;}function do_error( $code, $str ){set_status_header( $code );echo $str ;exit();} if (!isset($_GET['id'])or !is_numeric($_GET['id'])or !isset($_GET['part'])or !in_array($_GET['part'], array('t','e','i','h') ) ){do_error(400, 'Invalid request - id/part');}$query = 'SELECT * FROM '. IMAGES_TABLE.'WHERE id='.$_GET['id'].';';$result = pwg_query($query);$element_info = pwg_db_fetch_assoc($result);if ( empty($element_info) ){do_error(404, 'Requested id not found');}// $filter['visible_categories'] and $filter['visible_images']// are not used because it's not necessary (filter <> restriction)$query='SELECT idFROM '.CATEGORIES_TABLE.'INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON category_id = idWHERE image_id = '.$_GET['id'].''.get_sql_condition_FandF(array('forbidden_categories' => 'category_id','forbidden_images' => 'image_id',),' AND').'LIMIT 1;';if ( pwg_db_num_rows(pwg_query($query))<1 ){do_error(401, 'Access denied');}include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');$file='';switch ($_GET['part']){case 't':$file = get_thumbnail_path($element_info);break;case 'e':$file = get_element_path($element_info);break;case 'i':$file = get_image_path($element_info);break;case 'h':if ( $user['enabled_high']!='true' ){do_error(401, 'Access denied h');}$file = get_high_path($element_info);break;}if ( empty($file) ){do_error(404, 'Requested file not found');}if ($_GET['part'] == 'h') {pwg_log($_GET['id'], 'high');}else if ($_GET['part'] == 'e'){pwg_log($_GET['id'], 'other');}$http_headers = array();$ctype = null;if (!url_is_remote($file)){if ( !@is_readable($file) ){do_error(404, "Requested file not found - $file");}$http_headers[] = 'Content-Length: '.@filesize($file);if ( function_exists('mime_content_type') ){$ctype = mime_content_type($file);}$gmt_mtime = gmdate('D, d M Y H:i:s', filemtime($file)).' GMT';$http_headers[] = 'Last-Modified: '.$gmt_mtime;// following lines would indicate how the client should handle the cache/* $max_age=300;$http_headers[] = 'Expires: '.gmdate('D, d M Y H:i:s', time()+$max_age).' GMT';// HTTP/1.1 only$http_headers[] = 'Cache-Control: private, must-revalidate, max-age='.$max_age;*/if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ){set_status_header(304);foreach ($http_headers as $header){header( $header );}exit();}}if (!isset($ctype)){ // give it a guess$ctype = guess_mime_type( get_extension($file) );}$http_headers[] = 'Content-Type: '.$ctype;if (!isset($_GET['view'])){$http_headers[] = 'Content-Disposition: attachment; filename="'.$element_info['file'].'";';$http_headers[] = 'Content-Transfer-Encoding: binary';}else{$http_headers[] = 'Content-Disposition: inline; filename="'.basename($file).'";';}foreach ($http_headers as $header){header( $header );}// Looking at the safe_mode configuration for execution timeif (ini_get('safe_mode') == 0){@set_time_limit(0);}@readfile($file);?>

Link to comment
Share on other sites

well, it's in a conditional doing a couple of checks on $_GET['id'] and $_GET'part']. Have you done any debugging to determine which of those checks are failing?

Edited by thescientist
Link to comment
Share on other sites

It doesn't matter where you got the code from, you still can debug it. You have a condition there, you have to see why the condition is evaluating to true and the way to do that is to look at the values that the involved variables have.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...