pixeltrace Posted February 25, 2007 Share Posted February 25, 2007 guys, i need help, i was able to fix my problem on uploading picture and resume using my applcation form. now hope you could help me, get a code where the uploaded file will be renamed equivalent to the applicants username. ex. resume.doc change to username.doc pic.jpg change to username.jpg also, is there a way, that i can only limit files to be uploaded to gif, jpg, doc & pdf only? i just need this for security below is my current code for the process page <? session_start(); if (session_is_registered("username")){ }else{ echo "<font face=\"Arial\">You are not authorized to access this page ... Please <a href='../index.php'>Login</a></font>"; } include '../db_connect.php'; $email1 = $_POST['email1']; $email2 = $_POST['email2']; $password1 = $_POST['password1']; $password2 = $_POST['password2']; $fname = $_POST['fname']; $lname = $_POST['lname']; $daybirth = $_POST['daybirth']; $monthbirth = $_POST['monthbirth']; $yearbirth = $_POST['yearbirth']; $gender = $_POST['gender']; $country = $_POST['country']; $state = $_POST['state']; $specialization = implode("\n", $_POST['specialization']); $level = $_POST['level']; //$photofile = $_POST['photofile']; //$resume = $_POST['resume']; $learned = $_POST['learned']; $dateregistered = date('Y-m-d'); // 0000-00-00 $datebirth = $yearbirth.'-'.$monthbirth.'-'.$daybirth; //email verification 1 if ($email1 == $email2){ $email = $email1; $username = $email1; }else { echo '<script language=javascript>alert("Email Address does not match!");top.location = "../resumemngr.php?id=1";</script>'; } //email verification 2 $sql_username_check = mysql_query("SELECT username FROM applicant WHERE email='$email'"); $username_check = mysql_num_rows($sql_username_check); if($username_check > 0){ echo '<script language=javascript> alert("Email is already used!");top.location = "../resumemngr.php?id=1";</script>'; unset($username); exit(); } //password verification if ($password1 == $password2){ $password = ($password1); }else { echo '<script language=javascript>alert("Password does not match!");top.location = "../resumemngr.php?id=1";</script>'; } //set this to the directory where resume files will be uploaed $target_path = 'uploads/'; $target_path = $target_path . basename($_FILES['resume']['name']); if(move_uploaded_file($_FILES['resume']['tmp_name'], $target_path)) { echo "The file ". basename( $_FILES['resume']['name']). " has been uploaded"; } else{ echo "There was an error uploading the file, please try again!"; } //set this to the directory where photo files will be uploaded $target_path = 'uploads/'; $target_path = $target_path . basename($_FILES['photofile']['name']); if(move_uploaded_file($_FILES['photofile']['tmp_name'], $target_path)) { echo "The file ". basename( $_FILES['photofile']['name']). " has been uploaded"; } else{ echo "There was an error uploading the file, please try again!"; } $email = stripslashes($email); $username = stripslashes($username); $password = stripslashes($password); $fname = stripslashes($fname); $lname = stripslashes($lname); $datebirth = stripslashes($datebirth); $gender = stripslashes($gender); $country = stripslashes($country); $state = stripslashes($state); $specialization = stripslashes($specialization); $level = stripslashes($level); //$photofile = stripslashes($photofile); //$resume = stripslashes($resume); $learned = stripslashes($learned); $dateregistered = stripslashes($dateregistered); $db_password = md5($password); $sql = mysql_query("INSERT INTO applicant (email, username, password, fname, lname, datebirth, gender, country, state, specialization, level, learned, dateregistered ) VALUES('$email', '$username', '$db_password', '$fname', '$lname', '$datebirth', '$gender', '$country', '$state', '$specialization', '$level', '$learned', '$dateregistered')") or die (mysql_error()); if(!$sql){ echo '<script language=javascript> alert("Error adding applicant");top.location = "../resumemngr.php?id=1";</script>'; exit(); } else { $appid = mysql_insert_id(); echo '<script language=javascript> alert("New Applicant has been added by!");top.location = "../resumemngr.php?id=1";</script>'; } ?> hope you could help me with this. thanks! Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/ Share on other sites More sharing options...
pixeltrace Posted February 25, 2007 Author Share Posted February 25, 2007 any update on this? thanks a lot! Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-193668 Share on other sites More sharing options...
itsmeArry Posted February 27, 2007 Share Posted February 27, 2007 what you need to do is get the User name into a var say "$strUserName" and also get the extension for the file $arrExtensions = array(".doc", ".jpg", ".jpeg", ".gif", ".png"); if( !in_array(strtolower($fileExtension), $arrExtensions)) { echo "Invalid file type"; die(); } $strFileName = $strUserName . "." . $strFileExt; // Make the destination Path $strDestFile = $strpDestPath . "/" . $strFileName; if ( move_uploaded_file ($_FILES['resume']['tmp_name'] , $strDestFile ) ) { chmod($strDestFile,0755); } else { echo "$strDestFile : Failed to open stream : Permission denied."; die(); } hope this will help you..... Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-195252 Share on other sites More sharing options...
jorgep Posted February 27, 2007 Share Posted February 27, 2007 You can get the file extention with something like this... <? $file = 'asdasdaksdasdasd.jpg'; $fileExt = substr($file, strpos($file,".")+1); echo $fileExt; ?> Hope to be helpfull Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-195258 Share on other sites More sharing options...
itsmeArry Posted February 27, 2007 Share Posted February 27, 2007 You can get the file extention with something like this... <? $file = 'asdasdaksdasdasd.jpg'; $fileExt = substr($file, strpos($file,".")+1); echo $fileExt; ?> Hope to be helpfull or you can use this which is more safer if a user has two dots in file name.... $arrFileExt = explode(".", $fileName); $total = count($arrFileExt); $strFileExt = $arrFileExt[$arrFileExt[$total - 1]; Link to comment https://forums.phpfreaks.com/topic/40038-help-on-renaming-files-to-be-uploaded/#findComment-195295 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.