0

I am using the following code to deliver and embed a flash file, i am using getimagesize to get the width and height of the swf but it doesn't seem to like the list part... anyone know where I'm going wrong?

<?php include($_SERVER['DOCUMENT_ROOT']."/header.php"); ?>
<h1><?php print($_GET['tag']); ?> <a href="#rl">(Related files)</a></h1>
<hr />
<div align="center">
<?php 
$project = $_GET['project'];
$file = $_GET['file'];
$tag = $_GET['tag']
list($width, $height, $type, $attr) = getimagesize("files/".$project."/".$file.".swf");  
print('<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="'.$width.'" height="'.$height.'" id="FlashID" title="'.$tag.'">');
print('<param name="movie" value="files/'.$project.'/'.$file.'.swf" />');
print('<param name="quality" value="high" />');
print('<param name="wmode" value="opaque" />');
print('<param name="swfversion" value="6.0.65.0" />');
print('<param name="expressinstall" value="/Scripts/expressInstall.swf" />');
?>
<!--[if !IE]>-->
<?php print('<object type="application/x-shockwave-flash" data="files/'.$project.'/'.$file.'.swf" width="'.$width.'" height="'.$height.'">') ?>
<!--<![endif]-->
      <param name="quality" value="high" />
      <param name="wmode" value="opaque" />
      <param name="swfversion" value="6.0.65.0" />
      <param name="expressinstall" value="/Scripts/expressInstall.swf" />
      <!-- The browser displays the following alternative content for users with Flash Player 6.0 and older. -->
      <div>
        <h4>Content on this page requires a newer version of Adobe Flash Player.</h4>
        <p><a href="http://www.adobe.com/go/getflashplayer"><img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash player" /></a></p>
      </div>
<?php include($_SERVER['DOCUMENT_ROOT']."/footer.php"); ?>
      <!--[if !IE]>-->
    </object>
    <!--<![endif]-->
  </object>
<script type="text/javascript">
<!--
swfobject.registerObject("FlashID");
//-->

Improve this question
4
  • First of all I find it somewhat troubling that you're inserting GET parameters directly into a file path. That's is risky business. Commented May 27, 2011 at 8:23
  • they have already been prepared for the url on another page. Commented May 27, 2011 at 8:25
  • And yet you have no control over which parameters are used to call this page. Never trust any input that can, in any way, be modified by the user. Commented May 27, 2011 at 8:26
  • A valid point, but this project is only accessible to a select few who I can trust and need to be able to bookmark the page Commented May 27, 2011 at 8:35

1 Answer 1

Reset to default
4

$tag = $_GET['tag'] needs an ;.

It's actually pretty easy to find, as you only have one list. Check the line above: boom you nailed It!

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I can relate, happens to the best :D

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.