Jump to content

[SOLVED] create a user specific folder for images to be uploaded into

dachshund

By dachshund
in PHP Coding Help

Recommended Posts

dachshund Regular Member

dachshund

Posted
Posted

i have an upload form where users can upload their profile/account images.

 

to keep all these ordered i'd like the upload directory to be /phptesting/images/upload/.$rows['username']/.$newfilename

 

but in order to do this the folder called 'username' needs to be created if it does not already exist.

 

is there a way to do this?

 

 



<?php

//Сheck that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  //Check if the file is JPEG image and it's size is less than 350Kb
  $filename = basename($_FILES['uploaded_file']['name']);
  $ext = substr($filename, strrpos($filename, '.') + 1);
  if (($ext == "jpg") && ($_FILES["uploaded_file"]["type"] == "image/jpeg") && 
    ($_FILES["uploaded_file"]["size"] < 350000)) {

// random 4 digit to add to our file name 
// some people use date and time in stead of random digit 
$random_digit=rand(0000,9999);

//user

$userid = $_SESSION['uid'];
  $query = "SELECT * FROM users WHERE id = '$userid'";
  $result = mysql_query($query);
  $row = mysql_fetch_assoc($result);

//combine random digit to you file name to create new file name
//use dot (.) to combile these two variables

$newfilename=$random_digit.$filename;
    //Determine the path to which we want to save this file
      $newname = dirname(__FILE__).'/phptesting/images/upload/'.$newfilename;
      //Check if the file with the same name is already exists on the server
      if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
           echo "It's done! The file has been saved as: ".$newfilename;
        } else {
           echo "Error: A problem occurred during file upload!";
        }
      } else {
         echo "Error: File ".$_FILES["uploaded_file"]["name"]." already exists";
      }
  } else {
     echo "Error: Only .jpg images under 350Kb are accepted for upload";
  }
} else {
echo "Error: No file uploaded";
}
}
?>

dachshund Regular Member

dachshund

Posted
  • Author
Posted

ah ok.

 

where abouts should i put

 

mkdir("/phptesting/images/upload/".$username , 0700);

 

in this (register form)?

 

 


<?php
  if(!$_POST['submit'] == 'register'){
      echo "<div id=\"blanket\" style=\"display:none;\"></div>\n";
  echo "<div id=\"popUpDiv2\" style=\"display:none;\">\n";
  echo "<div id=\"close\">\n";
  echo "<a href=\"#\" onclick=\"popup('popUpDiv2')\">\n";
  echo "<img src=\"/phptesting/images/login/close.png\">\n";
  echo "</a>\n";
  echo "</div>\n";
  echo "<div id=\"loginform\">\n";
  echo "<form name=\"register\" method=\"post\" action=\"/phptesting/registered.php\">\n";
  echo "<span class=\"nameformtext\">Firt Name</span>\n";
  echo "<input name=\"firstname\" type=\"text\" class=\"formtext\" id=\"firstname\" size=\"25\">\n";
  echo "<br>\n";
  echo "<span class=\"lastnameformtext\">Last Name</span>\n";
  echo "<input name=\"lastname\" type=\"text\" class=\"formtext\" id=\"lastname\" size=\"25\">\n";
  echo "<br>\n";
  echo "<span class=\"emailformtext\">Email</span>\n";
  echo "<input name=\"email\" type=\"text\" class=\"formtext\" id=\"email\" size=\"25\">\n";
  echo "<br>\n";
  echo "<span class=\"usernameformtext\">Username</span>\n";
  echo "<input name=\"username\" type=\"text\" class=\"formtext\" id=\"username\" size=\"25\">\n";
  echo "<span class=\"password2formtext\">Password</span>\n";
  echo "<input name=\"password\" type=\"password\" class=\"formtext\" id=\"password\" size=\"19\">\n";
  echo "<br>\n";
  echo "<span class=\"confirmpasswordformtext\">Confirm Password</span>\n";
  echo "<input name=\"passconf\" type=\"password\" class=\"formtext\" id=\"passconf\" size=\"19\">\n";
  echo "<br><br>\n";
  echo "<div align=\"left\"\n";
  echo "<input type=\"submit\" name=\"submit\" class=\"loginformtext\" value=\"Submit\">\n";
  echo "</div>\n";
  echo "</div>\n";
  echo "</form>\n";
  echo "</div>\n";
  echo "<span class=\"login_text\"><a href=\"#\" onclick=\"popup('popUpDiv2')\">REGISTER</a></span>\n";
  
  }else {
  	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$email = $_POST['email'];
	$username = $_POST['username'];
	$password = $_POST['password'];
	$passconf = $_POST['passconf'];

		if($firstname && $lastname && $email && $username && $password && $passconf){
			if(strlen($username) <= 32){
				if(strlen($username) >= 3){
					if(strlen($password) >=3){
						if($password == $passconf){
							$sql = "SELECT * FROM `users` WHERE `username`='$username'";
							$res = mysql_query($sql) or die(mysql_error());
							if (mysql_num_rows($res) ==0){
								$pass = md5($password);
								$sql2 = "INSERT INTO `users` (`firstname`, `lastname`, `email`, `username`,`password`) VALUES('$firstname', '$lastname', '$email','$username','$pass');";
								$res2 = mysql_query($sql2) or die(mysql_error());
								echo "<span class=\"login_text\">HELLO <b>$username</b>. YOU CAN NOW LOG IN.</span>\n";
							}else {
							echo "<span class=\"login_text\">SORRY. THAT USERNAME ALREADY EXISTS.</span>\n";
							}
						}else {
						echo "<span class=\"login_text\">YOUR TWO PASSWORDS DID NOT MATCH.</span>\n";
						}
					}else {
					echo "<span class=\"login_text\">YOUR PASSWORD IS TOO SHORT.</span>\n";
					}
				}else {
				echo "<span class=\"login_text\">YOUR USERNAME IS TOO SHORT.</span>\n";
				}
			}else {
			echo "<span class=\"login_text\">YOUR USERNAME IS TOO LONG.</span>\n";
			}

		}else {
		echo "<span class=\"login_text\">PLEASE SUPPLY ALL VALID FIELDS.</span>\n";
		}	
	}

?>

 

waynew Advanced Member

waynew

Posted
Posted

One note: you're not using the function is_uploaded_file(). It's a security risk to exclude that function from upload scripts.

 

Also:

 


<?php
     if(!$_POST['submit'] == 'register'){
      echo "<div id=\"blanket\" style=\"display:none;\"></div>\n";
     echo "<div id=\"popUpDiv2\" style=\"display:none;\">\n";
     echo "<div id=\"close\">\n";
     echo "<a href=\"#\" onclick=\"popup('popUpDiv2')\">\n";
     echo "<img src=\"/phptesting/images/login/close.png\">\n";
     echo "</a>\n";
     echo "</div>\n";
     echo "<div id=\"loginform\">\n";
     echo "<form name=\"register\" method=\"post\" action=\"/phptesting/registered.php\">\n";
     echo "<span class=\"nameformtext\">Firt Name</span>\n";
     echo "<input name=\"firstname\" type=\"text\" class=\"formtext\" id=\"firstname\" size=\"25\">\n";
     echo "<br>\n";
     echo "<span class=\"lastnameformtext\">Last Name</span>\n";
     echo "<input name=\"lastname\" type=\"text\" class=\"formtext\" id=\"lastname\" size=\"25\">\n";
     echo "<br>\n";
     echo "<span class=\"emailformtext\">Email</span>\n";
     echo "<input name=\"email\" type=\"text\" class=\"formtext\" id=\"email\" size=\"25\">\n";
     echo "<br>\n";
     echo "<span class=\"usernameformtext\">Username</span>\n";
     echo "<input name=\"username\" type=\"text\" class=\"formtext\" id=\"username\" size=\"25\">\n";
     echo "<span class=\"password2formtext\">Password</span>\n";
     echo "<input name=\"password\" type=\"password\" class=\"formtext\" id=\"password\" size=\"19\">\n";
     echo "<br>\n";
     echo "<span class=\"confirmpasswordformtext\">Confirm Password</span>\n";
     echo "<input name=\"passconf\" type=\"password\" class=\"formtext\" id=\"passconf\" size=\"19\">\n";
     echo "<br><br>\n";
     echo "<div align=\"left\"\n";
     echo "<input type=\"submit\" name=\"submit\" class=\"loginformtext\" value=\"Submit\">\n";
     echo "</div>\n";
     echo "</div>\n";
     echo "</form>\n";
     echo "</div>\n";
     echo "<span class=\"login_text\"><a href=\"#\" onclick=\"popup('popUpDiv2')\">REGISTER</a></span>\n";
     
     }else {
        $firstname = $_POST['firstname'];
      $lastname = $_POST['lastname'];
      $email = $_POST['email'];
      $username = $_POST['username'];
      $password = $_POST['password'];
      $passconf = $_POST['passconf'];
      
         if($firstname && $lastname && $email && $username && $password && $passconf){
            if(strlen($username) <= 32){
               if(strlen($username) >= 3){
                  if(strlen($password) >=3){
                     if($password == $passconf){
                        $sql = "SELECT * FROM `users` WHERE `username`='$username'";
                        $res = mysql_query($sql) or die(mysql_error());
                        if (mysql_num_rows($res) ==0){
                           $pass = md5($password);
                           
					   $sql2 = "INSERT INTO `users` (`firstname`, `lastname`, `email`, `username`,`password`) 
					   VALUES('$firstname', '$lastname', '$email','$username','$pass');";
                           
					   $res2 = mysql_query($sql2) or die(mysql_error());
					   
					   //IF one row was inserted
					   if($res2 == 1){
					   		//get last inserted id
							$user_id = mysql_insert_id();
							$make_directory = mkdir("/phptesting/images/upload/".$user_id , 0700);
                         		echo "<span class=\"login_text\">HELLO <b>$username</b>. YOU CAN NOW LOG IN.</span>\n";
						}
                        }


					else {
                        echo "<span class=\"login_text\">SORRY. THAT USERNAME ALREADY EXISTS.</span>\n";
                        }
                     }else {
                     echo "<span class=\"login_text\">YOUR TWO PASSWORDS DID NOT MATCH.</span>\n";
                     }
                  }else {
                  echo "<span class=\"login_text\">YOUR PASSWORD IS TOO SHORT.</span>\n";
                  }
               }else {
               echo "<span class=\"login_text\">YOUR USERNAME IS TOO SHORT.</span>\n";
               }
            }else {
            echo "<span class=\"login_text\">YOUR USERNAME IS TOO LONG.</span>\n";
            }
         
         }else {
         echo "<span class=\"login_text\">PLEASE SUPPLY ALL VALID FIELDS.</span>\n";
         }   
      }
      
?>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.