Jump to content

help on renaming files to be uploaded

pixeltrace

By pixeltrace
in PHP Coding Help

Recommended Posts

pixeltrace Advanced Member

pixeltrace

Posted
Posted

guys,

 

i need help, i was able to fix my problem on uploading picture and resume using my

applcation form.

now hope you could help me, get a code where the uploaded file

will be renamed equivalent to the applicants username.

ex.

resume.doc change to username.doc

pic.jpg change to username.jpg

 

also, is there a way, that i can only limit files to be

uploaded to gif, jpg, doc & pdf only?

i just need this for security

 

below is my current code for the process page

 

<?
session_start();

if (session_is_registered("username")){
}else{
echo "<font face=\"Arial\">You are not authorized to access this page ... Please <a href='../index.php'>Login</a></font>";
}

include '../db_connect.php';

$email1 = $_POST['email1'];
$email2 = $_POST['email2'];
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$daybirth = $_POST['daybirth'];
$monthbirth = $_POST['monthbirth'];
$yearbirth = $_POST['yearbirth'];
$gender = $_POST['gender'];
$country = $_POST['country'];
$state = $_POST['state'];
$specialization = implode("\n", $_POST['specialization']);
$level = $_POST['level'];
//$photofile = $_POST['photofile'];
//$resume = $_POST['resume'];
$learned = $_POST['learned'];
$dateregistered = date('Y-m-d');
// 0000-00-00
$datebirth = $yearbirth.'-'.$monthbirth.'-'.$daybirth;

//email verification 1
if ($email1 == $email2){
	$email = $email1;
	$username = $email1;
	}else { 
		echo '<script language=javascript>alert("Email Address does not match!");top.location = "../resumemngr.php?id=1";</script>';
}
//email verification 2
$sql_username_check = mysql_query("SELECT username FROM applicant WHERE email='$email'");
  $username_check = mysql_num_rows($sql_username_check);
	if($username_check > 0){
		echo '<script language=javascript> alert("Email is already used!");top.location = "../resumemngr.php?id=1";</script>';
		unset($username);
		exit();
	} 	 
//password verification
if ($password1 == $password2){
	$password = ($password1);
	}else { 
		echo '<script language=javascript>alert("Password does not match!");top.location = "../resumemngr.php?id=1";</script>';
}

//set this to the directory where resume files will be uploaed
$target_path = 'uploads/';
$target_path = $target_path . basename($_FILES['resume']['name']);

if(move_uploaded_file($_FILES['resume']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['resume']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}

//set this to the directory where photo files will be uploaded
$target_path = 'uploads/';
$target_path = $target_path . basename($_FILES['photofile']['name']);

if(move_uploaded_file($_FILES['photofile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['photofile']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}



$email = stripslashes($email);
$username = stripslashes($username);
$password = stripslashes($password);
$fname = stripslashes($fname);
$lname = stripslashes($lname);
$datebirth = stripslashes($datebirth);
$gender = stripslashes($gender);
$country = stripslashes($country);
$state = stripslashes($state);
$specialization = stripslashes($specialization);
$level = stripslashes($level);
//$photofile = stripslashes($photofile);
//$resume = stripslashes($resume);
$learned = stripslashes($learned);
$dateregistered = stripslashes($dateregistered);

$db_password = md5($password);

$sql = mysql_query("INSERT INTO applicant (email, username, password, fname, lname, datebirth, gender, country, state, specialization, level, learned, dateregistered )
      VALUES('$email', '$username', '$db_password', '$fname', '$lname', '$datebirth', '$gender', '$country', '$state', '$specialization', '$level', '$learned', '$dateregistered')") or die (mysql_error());

     if(!$sql){
    echo '<script language=javascript> alert("Error adding applicant");top.location = "../resumemngr.php?id=1";</script>';
	exit();
     } else {
   $appid = mysql_insert_id();	   
   echo '<script language=javascript> alert("New Applicant has been added by!");top.location = "../resumemngr.php?id=1";</script>';
     }
?>

 

 

hope you could help me with this.

 

thanks!

 

Link to comment
https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/
Share on other sites
itsmeArry Newbie

itsmeArry

Posted
Posted

what you need to do is get the User name into a var say "$strUserName"

and also get the extension for the file

$arrExtensions = array(".doc", ".jpg", ".jpeg", ".gif", ".png");

 

if( !in_array(strtolower($fileExtension), $arrExtensions))

{

      echo "Invalid file type";

      die();

}

 

$strFileName = $strUserName . "." . $strFileExt;

 

// Make the destination Path

$strDestFile = $strpDestPath . "/" . $strFileName;

 

if ( move_uploaded_file ($_FILES['resume']['tmp_name'] , $strDestFile ) )

{

      chmod($strDestFile,0755);       

}

else

{

          echo "$strDestFile : Failed to open stream : Permission denied.";

          die();

}

 

 

hope this will help you.....  ;)

itsmeArry Newbie

itsmeArry

Posted
Posted

You can get the file extention with something like this...

 

<?

$file = 'asdasdaksdasdasd.jpg';

$fileExt = substr($file, strpos($file,".")+1);

echo $fileExt;

?>

 

Hope to be helpfull

 

or you can use this which is more safer if a user has two dots in file name....

 

$arrFileExt = explode(".", $fileName);

$total = count($arrFileExt);

$strFileExt = $arrFileExt[$arrFileExt[$total - 1];

 

 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.