Jump to content

[SOLVED] create a user specific folder for images to be uploaded into

dachshund

By dachshund
in PHP Coding Help

 Share

Recommended Posts

dachshund Regular Member

dachshund

Posted
Posted

i have an upload form where users can upload their profile/account images.

 

to keep all these ordered i'd like the upload directory to be /phptesting/images/upload/.$rows['username']/.$newfilename

 

but in order to do this the folder called 'username' needs to be created if it does not already exist.

 

is there a way to do this?

 

 



<?php

//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  //Check if the file is JPEG image and it's size is less than 350Kb
  $filename = basename($_FILES['uploaded_file']['name']);
  $ext = substr($filename, strrpos($filename, '.') + 1);
  if (($ext == "jpg") && ($_FILES["uploaded_file"]["type"] == "image/jpeg") && 
    ($_FILES["uploaded_file"]["size"] < 350000)) {

// random 4 digit to add to our file name 
// some people use date and time in stead of random digit 
$random_digit=rand(0000,9999);

//user

$userid = $_SESSION['uid'];
  $query = "SELECT * FROM users WHERE id = '$userid'";
  $result = mysql_query($query);
  $row = mysql_fetch_assoc($result);

//combine random digit to you file name to create new file name
//use dot (.) to combile these two variables

$newfilename=$random_digit.$filename;
    //Determine the path to which we want to save this file
      $newname = dirname(__FILE__).'/phptesting/images/upload/'.$newfilename;
      //Check if the file with the same name is already exists on the server
      if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
           echo "It's done! The file has been saved as: ".$newfilename;
        } else {
           echo "Error: A problem occurred during file upload!";
        }
      } else {
         echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
      }
  } else {
     echo "Error: Only .jpg images under 350Kb are accepted for upload";
  }
} else {
echo "Error: No file uploaded";
}
}
?>

dachshund Regular Member

dachshund

Posted
  • Author
Posted

ah ok.

 

where abouts should i put

 

mkdir("/phptesting/images/upload/".$username , 0700);

 

in this (register form)?

 

 


<?php
  if(!$_POST['submit'] == 'register'){
      echo "<div id=\"blanket\" style=\"display:none;\"></div>\n";
  echo "<div id=\"popUpDiv2\" style=\"display:none;\">\n";
  echo "<div id=\"close\">\n";
  echo "<a href=\"#\" onclick=\"popup('popUpDiv2')\">\n";
  echo "<img src=\"/phptesting/images/login/close.png\">\n";
  echo "</a>\n";
  echo "</div>\n";
  echo "<div id=\"loginform\">\n";
  echo "<form name=\"register\" method=\"post\" action=\"/phptesting/registered.php\">\n";
  echo "<span class=\"nameformtext\">Firt Name</span>\n";
  echo "<input name=\"firstname\" type=\"text\" class=\"formtext\" id=\"firstname\" size=\"25\">\n";
  echo "<br>\n";
  echo "<span class=\"lastnameformtext\">Last Name</span>\n";
  echo "<input name=\"lastname\" type=\"text\" class=\"formtext\" id=\"lastname\" size=\"25\">\n";
  echo "<br>\n";
  echo "<span class=\"emailformtext\">Email</span>\n";
  echo "<input name=\"email\" type=\"text\" class=\"formtext\" id=\"email\" size=\"25\">\n";
  echo "<br>\n";
  echo "<span class=\"usernameformtext\">Username</span>\n";
  echo "<input name=\"username\" type=\"text\" class=\"formtext\" id=\"username\" size=\"25\">\n";
  echo "<span class=\"password2formtext\">Password</span>\n";
  echo "<input name=\"password\" type=\"password\" class=\"formtext\" id=\"password\" size=\"19\">\n";
  echo "<br>\n";
  echo "<span class=\"confirmpasswordformtext\">Confirm Password</span>\n";
  echo "<input name=\"passconf\" type=\"password\" class=\"formtext\" id=\"passconf\" size=\"19\">\n";
  echo "<br><br>\n";
  echo "<div align=\"left\"\n";
  echo "<input type=\"submit\" name=\"submit\" class=\"loginformtext\" value=\"Submit\">\n";
  echo "</div>\n";
  echo "</div>\n";
  echo "</form>\n";
  echo "</div>\n";
  echo "<span class=\"login_text\"><a href=\"#\" onclick=\"popup('popUpDiv2')\">REGISTER</a></span>\n";
  
  }else {
  	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$email = $_POST['email'];
	$username = $_POST['username'];
	$password = $_POST['password'];
	$passconf = $_POST['passconf'];

		if($firstname && $lastname && $email && $username && $password && $passconf){
			if(strlen($username) <= 32){
				if(strlen($username) >= 3){
					if(strlen($password) >=3){
						if($password == $passconf){
							$sql = "SELECT * FROM `users` WHERE `username`='$username'";
							$res = mysql_query($sql) or die(mysql_error());
							if (mysql_num_rows($res) ==0){
								$pass = md5($password);
								$sql2 = "INSERT INTO `users` (`firstname`, `lastname`, `email`, `username`,`password`) VALUES('$firstname', '$lastname', '$email','$username','$pass');";
								$res2 = mysql_query($sql2) or die(mysql_error());
								echo "<span class=\"login_text\">HELLO <b>$username</b>. YOU CAN NOW LOG IN.</span>\n";
							}else {
							echo "<span class=\"login_text\">SORRY. THAT USERNAME ALREADY EXISTS.</span>\n";
							}
						}else {
						echo "<span class=\"login_text\">YOUR TWO PASSWORDS DID NOT MATCH.</span>\n";
						}
					}else {
					echo "<span class=\"login_text\">YOUR PASSWORD IS TOO SHORT.</span>\n";
					}
				}else {
				echo "<span class=\"login_text\">YOUR USERNAME IS TOO SHORT.</span>\n";
				}
			}else {
			echo "<span class=\"login_text\">YOUR USERNAME IS TOO LONG.</span>\n";
			}

		}else {
		echo "<span class=\"login_text\">PLEASE SUPPLY ALL VALID FIELDS.</span>\n";
		}	
	}

?>

 

waynew Advanced Member

waynew

Posted
Posted

One note: you're not using the function is_uploaded_file(). It's a security risk to exclude that function from upload scripts.

 

Also:

 


<?php
     if(!$_POST['submit'] == 'register'){
      echo "<div id=\"blanket\" style=\"display:none;\"></div>\n";
     echo "<div id=\"popUpDiv2\" style=\"display:none;\">\n";
     echo "<div id=\"close\">\n";
     echo "<a href=\"#\" onclick=\"popup('popUpDiv2')\">\n";
     echo "<img src=\"/phptesting/images/login/close.png\">\n";
     echo "</a>\n";
     echo "</div>\n";
     echo "<div id=\"loginform\">\n";
     echo "<form name=\"register\" method=\"post\" action=\"/phptesting/registered.php\">\n";
     echo "<span class=\"nameformtext\">Firt Name</span>\n";
     echo "<input name=\"firstname\" type=\"text\" class=\"formtext\" id=\"firstname\" size=\"25\">\n";
     echo "<br>\n";
     echo "<span class=\"lastnameformtext\">Last Name</span>\n";
     echo "<input name=\"lastname\" type=\"text\" class=\"formtext\" id=\"lastname\" size=\"25\">\n";
     echo "<br>\n";
     echo "<span class=\"emailformtext\">Email</span>\n";
     echo "<input name=\"email\" type=\"text\" class=\"formtext\" id=\"email\" size=\"25\">\n";
     echo "<br>\n";
     echo "<span class=\"usernameformtext\">Username</span>\n";
     echo "<input name=\"username\" type=\"text\" class=\"formtext\" id=\"username\" size=\"25\">\n";
     echo "<span class=\"password2formtext\">Password</span>\n";
     echo "<input name=\"password\" type=\"password\" class=\"formtext\" id=\"password\" size=\"19\">\n";
     echo "<br>\n";
     echo "<span class=\"confirmpasswordformtext\">Confirm Password</span>\n";
     echo "<input name=\"passconf\" type=\"password\" class=\"formtext\" id=\"passconf\" size=\"19\">\n";
     echo "<br><br>\n";
     echo "<div align=\"left\"\n";
     echo "<input type=\"submit\" name=\"submit\" class=\"loginformtext\" value=\"Submit\">\n";
     echo "</div>\n";
     echo "</div>\n";
     echo "</form>\n";
     echo "</div>\n";
     echo "<span class=\"login_text\"><a href=\"#\" onclick=\"popup('popUpDiv2')\">REGISTER</a></span>\n";
     
     }else {
        $firstname = $_POST['firstname'];
      $lastname = $_POST['lastname'];
      $email = $_POST['email'];
      $username = $_POST['username'];
      $password = $_POST['password'];
      $passconf = $_POST['passconf'];
      
         if($firstname && $lastname && $email && $username && $password && $passconf){
            if(strlen($username) <= 32){
               if(strlen($username) >= 3){
                  if(strlen($password) >=3){
                     if($password == $passconf){
                        $sql = "SELECT * FROM `users` WHERE `username`='$username'";
                        $res = mysql_query($sql) or die(mysql_error());
                        if (mysql_num_rows($res) ==0){
                           $pass = md5($password);
                           
					   $sql2 = "INSERT INTO `users` (`firstname`, `lastname`, `email`, `username`,`password`) 
					   VALUES('$firstname', '$lastname', '$email','$username','$pass');";
                           
					   $res2 = mysql_query($sql2) or die(mysql_error());
					   
					   //IF one row was inserted
					   if($res2 == 1){
					   		//get last inserted id
							$user_id = mysql_insert_id();
							$make_directory = mkdir("/phptesting/images/upload/".$user_id , 0700);
                         		echo "<span class=\"login_text\">HELLO <b>$username</b>. YOU CAN NOW LOG IN.</span>\n";
						}
                        }


					else {
                        echo "<span class=\"login_text\">SORRY. THAT USERNAME ALREADY EXISTS.</span>\n";
                        }
                     }else {
                     echo "<span class=\"login_text\">YOUR TWO PASSWORDS DID NOT MATCH.</span>\n";
                     }
                  }else {
                  echo "<span class=\"login_text\">YOUR PASSWORD IS TOO SHORT.</span>\n";
                  }
               }else {
               echo "<span class=\"login_text\">YOUR USERNAME IS TOO SHORT.</span>\n";
               }
            }else {
            echo "<span class=\"login_text\">YOUR USERNAME IS TOO LONG.</span>\n";
            }
         
         }else {
         echo "<span class=\"login_text\">PLEASE SUPPLY ALL VALID FIELDS.</span>\n";
         }   
      }
      
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.