Jump to content

file upload question - whats the best way


pouncer

Recommended Posts

[code=php:0]
<?php
$file_dir = "c:/domains/site.com/wwwroot/myftpname";

foreach($_FILES as $file_name => $file_array) {
echo "path: " . $file_array['tmp_name'] . "<br>\n";
echo "name: " . $file_array['name'] . "<br>\n";
echo "size: " . $file_array['type'] . "<br>\n";
echo "type: " . $file_array['size'] . "<br>\n";

if (is_uploaded_file($file_array['tmp_name'])) {
move_uploaded_file($file_array['tmp_name'], "$file_dir/$file_array[name]") or die("Couldnt copy");

echo "file was moved<br><br>";
}
}
?>
[/code]

It works ok. But how can i upload the file to a folder named by $_SESSION['Username']
and if that folder doesnt exist, would it auto-create the folder?

and when the file is uploaded successfully, i should also add entries to a sql table right? to store the filename,link etc etc. this would be easier to loop through the usernames folder and display all their images right?
Link to comment
Share on other sites

[i]But how can i upload the file to a folder named by $_SESSION['Username'][/i]
Append $_SESSION['Username'] to $file_dir

[i]if that folder doesnt exist, would it auto-create the folder?[/i]
Not sure if it would.  But you should check if the folder exists yourself with file_exists() and is_dir().  If it doesn't exist, you can create it yourself with mkdir().

[i]when the file is uploaded successfully, i should also add entries to a sql table right?[/i]
Probably, it makes life easier in the long run to have a record of what was uploaded, by who, and when.

[i]to store the filename,link etc etc. this would be easier to loop through the usernames folder and display all their images right?[/i]
Not necessarily.  It's just about as easy to open a directory and grab a list of it's contents as it is to write a MySQL query.  But having a matching table is almost always a good idea.
Link to comment
Share on other sites

easier than you might think.  I'll just copy some of my code for ya to look at:

to make the directory
[code]function set_dir($user)
{
$path="users/";
$newdir="$path$user";
mkdir($newdir, 0777);
}
[/code]


the upload code: (this will also check for duplicate filenames and change the uploaded files name until it unique)
[code]$uploaddir = "users/".$_SESSION['username']."/";
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

if (file_exists($uploadfile))
{
$tmpVar = 1;
while(file_exists(basename($uploaddir . $tmpVar . '-' . $_FILES['userfile']['name'])))
{
  $tmpVar++;
  }
$uploadfile= $uploaddir . $tmpVar . '-' . $_FILES['userfile']['name'];
  }

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
{
$uid=$_SESSION['userid'];
$put="insert into filehost_files (uid, name, link, size, date) values ('$uid', '$name', '$uploadfile', '$size', NOW())";
$result=@mysql_query($put);
header("Location: $_SESSION[url] ?loc=upload");
}

else
{
"Possible file upload attack!\n\n";
echo "More info:";
print_r($_FILES);
}[/code]

mkdir() will make the directory if it doesn't exist, if it does already exist then it won't do anything.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.