Updating an uploaded image

[Mutley]

I have a form that uploads images and renames them to an auto increasing ID. So it starts at 1.jpg, 2.jpg etc...

 

If I wanted to edit the images using the form, I guess I would have to simply add the image again with the ID but how do I delete the image off the server before uploading the new one in it's place?

[Lumio]

unlink($filename);

But you don't need to remove it because when you're uploading it again, it gets overwritten.

[Mutley]

$uploadid = $id;
$uploaddir = 'images/products/';
$uploadfile = $uploaddir . $uploadid.".jpg";

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
   echo "File is valid, and was successfully uploaded.\n";
} else {
   echo "Possible file upload attack!\n";
}
echo $id;

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";

'

	<!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="100000" />
    <!-- Name of input element determines name in $_FILES array -->
    <input name="userfile" type="file" />	</td>

That's what I use but I get my "Possible upload attack" message, I guess because the file exists?

[Mutley]

Anyone?  ???

[heckenschutze]

How can a failed move_uploaded_file() be a file attack? If it exists then you shouldn't be 'overwritting' it - perhaps rename your new file to Filename(1).ext or something...

[Mutley]

I want to over write the original image because when I load the page that is 'ID 7' for example, it will look on the server for '7.jpg' and I need to overwrite the file to that or it won't find it.

 

An alternative would be to delete the current image THEN upload the new one but I don't know how to do that.

[Mutley]

I tried:

$uploadid = $id;
$uploaddir = 'images/products/';
$uploadfile = $uploaddir . $uploadid.".jpg";

$previous_img = "images/products/$id.jpg";
unlink($previous_img);

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
   echo "File is valid, and was successfully uploaded.\n";
} else {
   echo "Possible file upload attack!\n";
}
echo $id;

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";

 

But no luck? It deletes the image but doesn't upload a new one.

[Mutley]

???

[_MP]

I run a script on a website that allows admins to upload files. In order to avoid one person uploading a file with the same name as someone elses file i have to rename each file on upload.

 

Here is the code i used, maybe it will help.

$idnum = $cookie[0];
$target_path = "modules/$leaguedir/adminfiles/";
$thefile = $target_path . basename($_FILES['matchzip']['name']);
$thefilename = basename($_FILES['matchzip']['name']);
$thefiletype = substr("$thefile", -4);
$thefilesize = filesize($thefile);
$newname = gmdate("m-d-y-Hi");
$thenewfile = "modules/$leaguedir/adminfiles/$idnum-$newname-$thefilename";
$target_path = $target_path . basename($_FILES['matchzip']['name']);
$_FILES['matchzip']['tmp_name'];
if(move_uploaded_file($_FILES['matchzip']['tmp_name'], $target_path)){
$fileuploadok = "<FONT COLOR=green><B>Yes</B></FONT>";
//----------------------------------Heres where the file is renamed.
rename("$thefile", "$thenewfile");}
//----------------------------------Heres where the file is renamed.
else{$fileuploadok = "<FONT COLOR=red><B>No</B></FONT>";}

[jitesh]

If there is a same name then image will overwrite

 

other wise delete previous image using unlink();

[Lumio]

try

<?php
   preg_match('{(.+?)(\.[\w\d]+$)}', $filename, $match); //get name and type of file
   $name = $match[1];
   $type = $match[2];
   $i = 0;
   while (file_exists($filename)) { //add a number to name
      $i++;
      $filename = $name.'_'.$i.$type;
   }
   //result: 1_1.jpg (for example)
   move_uploaded_file(...);
?>

$filename is the name of $_FILE[uploaded file input]['file']

after that code use move_uploaded_file