pixeltrace Posted February 25, 2007 Share Posted February 25, 2007 guys, i need help, i was able to fix my problem on uploading picture and resume using my applcation form. now hope you could help me, get a code where the uploaded file will be renamed equivalent to the applicants username. ex. resume.doc change to username.doc pic.jpg change to username.jpg also, is there a way, that i can only limit files to be uploaded to gif, jpg, doc & pdf only? i just need this for security below is my current code for the process page <? session_start(); if (session_is_registered("username")){ }else{ echo "<font face=\"Arial\">You are not authorized to access this page ... Please <a href='../index.php'>Login</a></font>"; } include '../db_connect.php'; $email1 = $_POST['email1']; $email2 = $_POST['email2']; $password1 = $_POST['password1']; $password2 = $_POST['password2']; $fname = $_POST['fname']; $lname = $_POST['lname']; $daybirth = $_POST['daybirth']; $monthbirth = $_POST['monthbirth']; $yearbirth = $_POST['yearbirth']; $gender = $_POST['gender']; $country = $_POST['country']; $state = $_POST['state']; $specialization = implode("\n", $_POST['specialization']); $level = $_POST['level']; //$photofile = $_POST['photofile']; //$resume = $_POST['resume']; $learned = $_POST['learned']; $dateregistered = date('Y-m-d'); // 0000-00-00 $datebirth = $yearbirth.'-'.$monthbirth.'-'.$daybirth; //email verification 1 if ($email1 == $email2){ $email = $email1; $username = $email1; }else { echo '<script language=javascript>alert("Email Address does not match!");top.location = "../resumemngr.php?id=1";</script>'; } //email verification 2 $sql_username_check = mysql_query("SELECT username FROM applicant WHERE email='$email'"); $username_check = mysql_num_rows($sql_username_check); if($username_check > 0){ echo '<script language=javascript> alert("Email is already used!");top.location = "../resumemngr.php?id=1";</script>'; unset($username); exit(); } //password verification if ($password1 == $password2){ $password = ($password1); }else { echo '<script language=javascript>alert("Password does not match!");top.location = "../resumemngr.php?id=1";</script>'; } //set this to the directory where resume files will be uploaed $target_path = 'uploads/'; $target_path = $target_path . basename($_FILES['resume']['name']); if(move_uploaded_file($_FILES['resume']['tmp_name'], $target_path)) { echo "The file ". basename( $_FILES['resume']['name']). " has been uploaded"; } else{ echo "There was an error uploading the file, please try again!"; } //set this to the directory where photo files will be uploaded $target_path = 'uploads/'; $target_path = $target_path . basename($_FILES['photofile']['name']); if(move_uploaded_file($_FILES['photofile']['tmp_name'], $target_path)) { echo "The file ". basename( $_FILES['photofile']['name']). " has been uploaded"; } else{ echo "There was an error uploading the file, please try again!"; } $email = stripslashes($email); $username = stripslashes($username); $password = stripslashes($password); $fname = stripslashes($fname); $lname = stripslashes($lname); $datebirth = stripslashes($datebirth); $gender = stripslashes($gender); $country = stripslashes($country); $state = stripslashes($state); $specialization = stripslashes($specialization); $level = stripslashes($level); //$photofile = stripslashes($photofile); //$resume = stripslashes($resume); $learned = stripslashes($learned); $dateregistered = stripslashes($dateregistered); $db_password = md5($password); $sql = mysql_query("INSERT INTO applicant (email, username, password, fname, lname, datebirth, gender, country, state, specialization, level, learned, dateregistered ) VALUES('$email', '$username', '$db_password', '$fname', '$lname', '$datebirth', '$gender', '$country', '$state', '$specialization', '$level', '$learned', '$dateregistered')") or die (mysql_error()); if(!$sql){ echo '<script language=javascript> alert("Error adding applicant");top.location = "../resumemngr.php?id=1";</script>'; exit(); } else { $appid = mysql_insert_id(); echo '<script language=javascript> alert("New Applicant has been added by!");top.location = "../resumemngr.php?id=1";</script>'; } ?> hope you could help me with this. thanks! Quote Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/ Share on other sites More sharing options...
pixeltrace Posted February 25, 2007 Author Share Posted February 25, 2007 any update on this? thanks a lot! Quote Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-193668 Share on other sites More sharing options...
itsmeArry Posted February 27, 2007 Share Posted February 27, 2007 what you need to do is get the User name into a var say "$strUserName" and also get the extension for the file $arrExtensions = array(".doc", ".jpg", ".jpeg", ".gif", ".png"); if( !in_array(strtolower($fileExtension), $arrExtensions)) { echo "Invalid file type"; die(); } $strFileName = $strUserName . "." . $strFileExt; // Make the destination Path $strDestFile = $strpDestPath . "/" . $strFileName; if ( move_uploaded_file ($_FILES['resume']['tmp_name'] , $strDestFile ) ) { chmod($strDestFile,0755); } else { echo "$strDestFile : Failed to open stream : Permission denied."; die(); } hope this will help you..... Quote Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-195252 Share on other sites More sharing options...
jorgep Posted February 27, 2007 Share Posted February 27, 2007 You can get the file extention with something like this... <? $file = 'asdasdaksdasdasd.jpg'; $fileExt = substr($file, strpos($file,".")+1); echo $fileExt; ?> Hope to be helpfull Quote Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-195258 Share on other sites More sharing options...
itsmeArry Posted February 27, 2007 Share Posted February 27, 2007 You can get the file extention with something like this... <? $file = 'asdasdaksdasdasd.jpg'; $fileExt = substr($file, strpos($file,".")+1); echo $fileExt; ?> Hope to be helpfull or you can use this which is more safer if a user has two dots in file name.... $arrFileExt = explode(".", $fileName); $total = count($arrFileExt); $strFileExt = $arrFileExt[$arrFileExt[$total - 1]; Quote Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-195295 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.