Leaderboard

Yea, I usually just do something like this: $storageDir = '/wherever/you/want'; do { $name = bin2hex(random_bytes(16)); } while (file_exists($storageDir.'/'.$name)); The loop probably isn't really necessary, the chance of a collision is statistically insignificant I think, but I throw it in anyway just in case. I'll usually create a few sub-directories as well rather than literally have everything in one directory. Take the first few characters of the name and make a sub-directory based on that. For example, if the result were c6c1ce8c2bcf000daea561cbcca4a671 then I'd end up saving the file to: /wherever/you/want/c6/c1/c6c1ce8c2bcf000daea561cbcca4a671. Keeps the directory sizes more manageable just in case you need to manually browse to some file.

or you could just convert to the much simpler, better designed, and more modern pdo extension. in your previous thread, i posted an example showing what your SELECT query would look like using the pdo extension. here's what the UPDATE query in this thread would look like - $stmt = $pdo->prepare("UPDATE accounts SET userbalance = ?, totaldonationdc = ?, userlevel = ?, userexperience = ?, totaleventjoined = ? WHERE id = ?"); $stmt->execute([ $userbalance, $totaldonationdc, $userlevel, $userexperience, $totaleventjoined, $_SESSION['id'] ]); after you have made a connection using the pdo extension, converting existing msyqli based code to pdo mainly involves removing statements, copy/pasting the list of variables being bound into an array in the ->execute([...]) call, changing fetch statements (see pdo's fetch(), fetchAll() and sometimes fetchColumn()), and using differently spelled methods for things like last insert id and affected rows.

the most common cause is executing a query that returns a result set but not fetching all the data from that result set. this ties up the connection so you cannot run another query. therefore, if a query returns a result set, simply fetch all the data from the query in to an appropriately named php variable, freeing up the connection for use by other queries, then test/use that variable throughout the rest of the code.

PDO is more streamlined mysqli has result objects and statement objects depending on whether you used query() or prepare(). The methods for handling the results of these two objects are completely different. This mean two confusing sets of methods to learn. On the other hand, PDO produces objects with exactly the same methods to process the results of query() or prepare(), and usage of prepare() is itself much simpler. Some mysqli methods are only available depending on your implementation of MySql. PDO works with multiple varieties of DBMS (mysql, postgres etc). The SQL dialects may be different but your php code remains the same if you change. Having used the old mysql_* for years I originally changed to mysqli (how different could it be?) After a long while I decided I had to learn PDO in order to support others who were using it. I really wished I'd switched to it originally instead of mysqli.