extract($_POST);
$error=array();
$extension=array("jpeg","jpg","png","gif");
foreach($_FILES["files"]["tmp_name"] as $key=>$tmp_name) {
$file_name=$_FILES["files"]["name"][$key];
$file_tmp=$_FILES["files"]["tmp_name"][$key];
$ext=pathinfo($file_name,PATHINFO_EXTENSION);
move_uploaded_file($file_tmp,"".$_POST['property_builder']."/".$_POST['property_city'].""."/".$_POST['property_location'].""."/".$_POST['property_type']."/".'Images-'.$_POST['property_name']."/".$file_name);
$content_to_write .= '<img src="Images-'.$_POST['property_name'].'/'.$file_name.'" alt="'.$file_name.'" title="'.$file_name.'" height="400" width="600">';
}
In the above code, I am unable to rename the uploaded files.. Please help me out as how to rename all the uploaded files by user...
User, just uploads 5 files, I want 5 text boxes asking for 5 filenames.. and save them accordingly.
You supposed to change following code
move_uploaded_file($file_tmp,"".$_POST['property_builder']."/".$_POST['property_city'].""."/".$_POST['property_location'].""."/".$_POST['property_type']."/".'Images-'.$_POST['property_name']."/".$file_name);
with
$temp = explode(".", $_FILES["file"]["name"]);
$newfilename = $_POST['filename']."."end($temp); // this filename is the name of field you have given in your text fields. If you have not given extension name you have to include that too.
// Make sure your path is currect where you're saving your file
move_uploaded_file($file_tmp,"./pathtomainimagefolder".$_POST['property_builder']."/".$_POST['property_city']."/".$_POST['property_location']."/".$_POST['property_type']."/".'Images-'.$_POST['property_name']."/".$newfilename);
Just make sure the file path. I just wrote smaple based on your path.
Related
I have a hosted website and i want to upload my images to image directory and link the image to mysql database .
What i did:
Creating form as :
<form method=POST align=center enctype="multipart/form-data">
<input type=file name=image>
Php code :
$uploaddir = 'images/';
// echo $uploaddir;
$target = "$uploaddir".basename($_FILES['image']['name']);
echo $target;
$image = $_FILES['image']['name'];
$sql="insert into News2(image_News2)
values($image)";
$res=mysqli_query($con,$sql);
copy($_FILES['tmp_name']['name'],$target,true);
What this code actually do is only inserting the image into the database not copying the image into the images folder.
What i searched for and found :
You shouldn't specify a http:// URL as $uploaddir but a path relative to the path where the php script is running from.
So i what i really wanted to do is :
1- Copying the image into image folder directory on website.
2- Linking the copied image to the database.
you're missing the name ïmage"
not:
copy($_FILES['tmp_name']['name'],$target,true);
but:
move_uploaded_file($_FILES['image']['tmp_name'], $target);
And maybe you should try the move first, before inserting it in the database, should that action fail (or filesize = 0) etc.
do check on both the file actions and the db actions, should they fail: rollback
extra:
is only 1 column present in your database table?
is it wise to use the uploaded file's name? Duplicates can happen.
I would after checking the file insert the original name into the database. Get the autoincrement id of that record. rename the file to ./1234.jpg
through the database you can then later use the original name. But this numbering might go too var for a simple application
PHP Code :
if (isset($_FILES['image']['name']) && $_FILES['image']['error']
== 0) {
$uploads_dir = '/uploads';
$temp_file = $_FILES['image']['tmp_name'];
$name = basename($_FILES["image"]["name"]);
if(move_uploaded_file($temp_file, "$uploads_dir/$name")){
//Fire Insert Query For Insert image name in your database
}
else
{
echo "Error !! , Your image not uploaded.";
}
}
?>
as per your given data you must close Form tag then give form action ="" attribute to specify url . and if your oprating system is linux then check folder permission in set or not , also check your database table if field name is set unique or not ?
then write below code in given url file
am saving file after upload it as 19.jpg at folder called uploads
am trying to get the original file name only the name before save the file with different name
here is the code.
any help would be great.
<?php
$file_path = "uploads/";
$file_path=$file_path.basename($_FILES['uploaded_file']['name']);
if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'],"uploads/19.jpg")){
echo "success";
}else{
echo "fail";
}
?>
I'm not sure if this is what you're looking for (since your question isn't very clear), but try this:
$original_file_name = $_FILES['uploaded_file']['name'];
If you want to save the file with the unique filename every time, you can do this:
move_uploaded_file($_FILES['uploaded_file']['tmp_name'],"uploads/$original_file_name")
Hope this helps!
Good morning guys. I have created two php files that successfully upload files to my server. One file is the visual part for my website called upload.php and the other is the upload file part called upload_file.php.
the code to upload my files is
move_uploaded_file($_FILES['file']['tmp_name'],"./medetrax_backup/{$_FILES['file']['name']}");
This works perfectly however it lets me upload any file type. So since I want to only allow zipped folders i tried this if statement.
if($type=="application/zip" ){
move_uploaded_file($_FILES['file']['tmp_name'],"./medetrax_backup/{$_FILES['file']['name']}");
echo "<div id='mes'> File upload complete</div>";}
else{
echo "<div id='mes'>This file type cannot be uploaded. Only zip folders with the naming convention INITIAL.DATE.TIME are accepted</div>";
}
where $type=$_FILES['file']['type'];
But now it doesnt let me upload any files not even zipped ones. So what do i need to put in my if statement to only allow zipped folders to be upload? And if your really good guys what do i need to put in my if statement to allow only zipped foleders with the naming convention of USERINITIAL.DATE.TIME or USERINITIAL/DATE/TIME or can this not be done?
You can use this solution
$fileName = strtolower($fileName);
$allowedExts = array('zip');
$extension = explode(".", $fileName);
$extension = end($extension);
if(in_array($extension, $allowedExts))
{
//move file to custom folder
}
IMPORTANT *
Never not use from mime time for identification file type,because it bypass with tamper data.
Best way:
Move your all uploaded file into out of public_html,and Always rename file name,when you want upload this.
And so,save uploaded file name into database,and read file from one php file,for example:
read.php?id=5
in your read.php file,you should get id number and search on database for it,then,return file name from db and download or read this file with read.php file.
Due to some discussion on this thread, heres a little bonus info.
Generally speaking, it's really, really hard to determine if a file is actually the kind of file we want. You can check the mime type, which can be modified by the client. You can check the file extension, which can also be modified by the client- Vice versa.
You can even check the first few lines of a file, which typically contains some sort of header, explaining what kind of file we'r handling. But still then, the file might be modified by some evil genius making the executing program buffer overflow or exploits some library used, to open/view/taste/throw the file.
Lets check both file extension and mime.
First, the extension.
$extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
$isZipExtension = ( $extension == "zip" ? true : false );
On your "$_FILES" array, you have a index called "Type".
Now, you would like to restrict the upload to only accept Zip files.
Theres a few types defining a potential zip file. So lets create an array.
$zipTypes = array('application/zip', 'application/x-zip-compressed',
'multipart/x-zip', 'application/x-compressed');
Now, lets check if the type uploaded, is part of the array.
$isZipFile = in_array( $_FILES['file']["type"], $zipTypes );
If, the file is in the array, do your upload process.
if( $isZipFile && $isZipExtension) {
move_uploaded_file($_FILES['file']['tmp_name'],"./medetrax_backup/{$_FILES['file']['name']}");
echo "<div id='mes'> File upload complete</div>";
} else {
echo "<div id='mes'>This file type cannot be uploaded. Only zip folders with the naming convention INITIAL.DATE.TIME are accepted</div>";
}
All together
$zipTypes = array('application/zip', 'application/x-zip-compressed',
'multipart/x-zip', 'application/x-compressed');
$extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
$isZipExtension = ( $extension == "zip" ? true : false );
$isZipFile = in_array( $_FILES['file']["type"], $zipTypes );
if( $isZipFile && $isZipExtension) {
move_uploaded_file($_FILES['file']['tmp_name'],"./medetrax_backup/{$_FILES['file']['name']}");
echo "<div id='mes'> File upload complete</div>";
} else {
echo "<div id='mes'>This file type cannot be uploaded. Only zip folders with the naming convention INITIAL.DATE.TIME are accepted</div>";
}
Hope it helps.
Ironically, you should never use the type key to check the type of file being uploaded. That's because the value of that key is set by the client and can be trivially spoofed.
What you should be doing instead is checking the file extension (which at least makes sure that no well-configured program on your server will treat the upload in an unexpected manner):
$ext = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
$allowed = ['zip'];
if (in_array($ext, $allowed)) {
// process the file
}
I am uploading a file using PHP to a folder in my directory and am unable to rename it using the following code
$da = date("dmY");
$ja = $uid.$da;
$mukesh = $app.$ja;
// If no errors, upload the image, else, output the errors
if($err == '') {
if(move_uploaded_file($_FILES['userfile'][$mukesh], $uploadpath));
Here's PHP's official document about how to handle uploads: http://www.php.net/manual/en/features.file-upload.post-method.php
The method move_uploaded_file() requires two parameters, a filename of the temp file, and a new location.
$tmp = $_FILES['userfile']['tmp_name']; // temp path
move_uploaded_file($tmp, $uploadpath . '/' . $mukesh);
You will need to name your input element userfile.
<input type="file" name="userfile" />
Based on code snippet provided, you can do following
move_uploaded_file ($_FILES["userfile"]["tmp_name"], $uploadpath);
When you upload a file, files will be store in upload location specified in php.ini using a temporary name. This file location with name can be accessed by $_FILES["userfile"]["tmp_name"]
Lets say you upload an image.if no error then
$uploads_dir = 'as per you defined';
$tmp_name = $_FILES["userfile"]["tmp_name"];
$name = 'custom_file_name.png';//$_FILES["userfile"]["name"];
move_uploaded_file($tmp_name, $uploads_dir."/".$name);
You are renaming the temp name of file ...
When you want to rename the change the name with which you want to store the file
$filename = time().$_FILES['userfile']['name'];
$upload_path = 'path_to_ur_upload_folder'.$filename;
move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path );
first param in move_upload_file is temporary name that will be used by stream while copying an d uploading .. the second parameter is path where your file will be saved (along with file name).. it is the second parameter which will help you in renaming of file which is being uploaded
I have a problem with saving PDF files to folders on my server. The code worked at one time and now it doesn't. What I want it to do is to check if someone is trying to upload a PDF when a form is submitted, and if there is a PDF in the file field it uploads it and then saves the path to the mysql database. Code is below:
if (!empty($_FILES['pdf'])){
$idir = "../files/PDF/"; //my directory file is supposed to be saved in
$randomd=rand(0000000,9999999); //creates a random number as filename
$domain = "http://".$_SERVER['HTTP_HOST'];
$file_ext = strrchr($_FILES['pdf']['name'], '.'); grabs file extension. my code checked if the file was a pdf a different way and neither seems to work.
$destination=$randomd.$file_ext; //new filename
if ($file_ext=='pdf') {
move_uploaded_file($_FILES['pdf']['tmp_name'], "$idir" . $destination);
$pdf= $domain."/files/PDF/".$destination; } else { echo("File type not supported.");
mysql_query("UPDATE tbl_listings SET pdf='$pdf' WHERE listing_id='$lid'");
}
The if not empty does not work and it always tries to upload a file, but when I check the folder nothing is in there and it doesnt update the mysql.
$_FILES['pdf'] will never be empty(when the form has been submitted), no matter if a file has been selected or not, it will always return an array.
Check $_FILES['pdf']['error'] , it will be 4 when no file has been uploaded.