Jump to content

multiple image upload, easy and short code

rafal

By rafal
in PHP Coding Help

Recommended Posts

rafal Member

rafal

Posted
Posted

Hello everybody,

i have an easy short code to upload multiple photos to "images" directory.

after upload each file, i give it unique name.

 

the problem i have is:

i want see the name of uploaded files and print this using echo as in line 21.

the line 21 gives me names but not the same names of uploaded files!

 

thank you very much for your help.

Rafal

<?php
foreach ($_FILES['file']['name'] as $i => $name)
{
$types = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $name);
$extension = end($temp);
if ($_FILES["file"]["size"][$i] < 10240000 && in_array($extension, $types))
{
if ($_FILES["file"]["error"][$i] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"][$i] . "<br>";
}
else
{
if (file_exists("images/" . $name))
{
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"][$i], "images/" . uniqid() . "." . $extension);
echo "uploaded " . $_FILES["file"] , uniqid() . "." . $extension ;
echo "<br>";
}
}
}
else
{
$error =  "Invalid file";
}
}
?>
<html>
<head>
<title></title>
</head>
<body>
<form enctype="multipart/form-data" action="photo.php" method="POST">
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="submit" value="upload">
</form>
</body>
</html>
Frank_b Newbie

Frank_b

Posted
Posted

Take a look to this example:

<?php
// be sure that dir/filename.ext will be a valid path and that you have write permissions
$uploads_dir = 'uploads/';

// if we got something posted
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
	// Let's see what the hack is into the $_FILES array for learning purposes
	echo '<pre>';
	print_r($_FILES);
	echo '</pre>';
	
	// walk through the error codes for each separate file
	foreach ($_FILES['file']['error'] as $key => $error) {
		if ($error == UPLOAD_ERR_OK)
		{
			// now move the uploaded file to uploads/<filename>
			$tmp_name = $_FILES['file']['tmp_name'][$key];
			$name = $_FILES['file']['name'][$key];
			move_uploaded_file($tmp_name, $uploads_dir.$name);
		}
	}
}
?>
<html>
<head>
<title></title>
</head>
<body>
<form enctype="multipart/form-data" action="" method="POST">
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="submit" value="upload">
</form>
</body>
</html>
Frank_b Newbie

Frank_b

Posted
Posted

Mention that move_uploaded_file() will overwrite files without any warning. Lot of developers give uploaded files unique names with help of current timestamp. The generated name AND the original name will be stored into the database. This solution protects you from files being overwrited.

rafal Member

rafal

Posted
  • Author
Posted

Dear Frank_B,

thank you very much for your answer.

i miss 2 functions in my an your code.

first i need to add timestamp to each file, i dont know how.

second i need to echo or print the name of uploaded files.

i miss this 2 functions in your solution.

 

thanks again

Rafal

Frank_b Newbie

Frank_b

Posted
Posted

add a timestamp to each file is a bit strange to hear. Do you mean that you want to add a timestamp to the filename?

 

the php time() function gives you the current timestamp which is the number of second passed since January 1 1970 00:00:00 GMT.

 

The original filename can be found under the $_FILES['file']['name'][$key] 

<?php
// be sure that dir/filename.ext will be a valid path and that you have write permissions
$uploads_dir = 'uploads/';
 
// if we got something posted
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
	// walk through the error codes for each separate file
	foreach ($_FILES['file']['error'] as $key => $error) {
		if ($error == UPLOAD_ERR_OK)
		{
			// now move the uploaded file to uploads/<filename>
			$tmp_name = $_FILES['file']['tmp_name'][$key];
			$name = $_FILES['file']['name'][$key];
			move_uploaded_file($tmp_name, $uploads_dir.$name);
			
			echo time() . '-' . $name . '<br>';
		}
	}
}
?>
<html>
<head>
<title></title>
</head>
<body>
<form enctype="multipart/form-data" action="" method="POST">
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="file" name="file[]" id="file" ><br>
<input type="submit" value="upload">
</form>
</body>
</html>
jcbones Newbie

jcbones

Posted
Posted

Mention that move_uploaded_file() will overwrite files without any warning. Lot of developers give uploaded files unique names with help of current timestamp. The generated name AND the original name will be stored into the database. This solution protects you from files being overwrited.

The reason to generate a unique filename isn't so that the images will not be overwritten.  It is instead a security measure, so that you control what the image is, and that it is saved as an image.  Some go so far as to create a new image, so that someone can't upload an image that has code in a comment tag (inside  the image). You must think of security when accepting uploads of any kind.  Like making sure the upload is coming from a client, and not a script.  Or, that the $_FILES superglobal hasn't been hijacked (the manual tells you that it can), which is why you shouldn't trust it.

 

For instance, I could upload a php file to your server through your script, even if you are checking $_FILES['file']['type'] to make sure it is an image.

rafal Member

rafal

Posted
  • Author
Posted

dear JCbones, dear Frank_b,

thank you very much.

i solved the problem.

and added login code to protect the page.

the working version is attached

<?php
session_start();
$_logindaten = ARRAY("name"=>"[email protected]", "password"=>"5485457454444d");
if (isset($_POST["inp_name"]) && isset($_POST["inp_pwd"]))
{
if ($_logindaten["name"] == $_POST["inp_name"] &&
$_logindaten["password"] == md5($_POST["inp_pwd"]))
{
# Userdaten korrekt - User ist eingeloggt
# Login merken !
$_SESSION["login"] = 1;
}
}
if ($_SESSION["login"] != 1)
{
header ( 'Location:login.php' );
exit;
}
# User ist eingeloggt
?> 


<?php
echo '<font face="Arial"><a href="login.php">Abmelden</a><br>';
echo '<H4>Fotos hochladen</H4>';
echo "Grösse der Fotos ist 500x282px<br><br>";
foreach ($_FILES['file']['name'] as $i => $name)
{
$types = array("gif", "jpeg", "jpg", "png", "pdf", "doc", "xls", "bmp");
$temp = explode(".", $name);
$extension = end($temp);
if ($_FILES["file"]["size"][$i] < 1024000000 && in_array($extension, $types))
{
if ($_FILES["file"]["error"][$i] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"][$i] . "<br>";
}
else
{
if (file_exists("cloud/" . $name))
{
}
else
{

move_uploaded_file($_FILES["file"]["tmp_name"][$i], "cloud/" . time() . "-" . $name);
echo time() . '-' . $name . '<br>';
}
}
}
else
{
$error =  "Invalid file";
}
}
echo "</font>";
?>
<!DOCTYPE html>
<html">
<head>
<title>cloud</title>

</head>
<body>

<br>
<br>
<form enctype="multipart/form-data" action="cloud.php" method="POST">
<input type="file" name="file[]" id="file"><br>
<input type="file" name="file[]" id="file"><br>
<input type="file" name="file[]" id="file"><br>
<input type="file" name="file[]" id="file"><br>
<input type="submit" value="Hochladen" style="width:100%; padding: 4px;">
</form>
</body>
</html>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.