Rename image before upload - php

I've made a plug-in for WordPress.
With this plug-in the admin can upload an image.
The problem is when i upload an image with space in it's name it don't show in the GUI.
I think the best way to fix this is to change the name from the image before uploading it.
This is the code in the admin page:
if (isset($post_array['add'])) {
// Save images
$tmp = explode(".", $afbeelding["name"]);
$time = time();
$name = $time . '.' . end($tmp);
$_FILES['afbeelding']['name'] = $name;
$check = getimagesize($_FILES["afbeelding"]["tmp_name"]);
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "Dit is geen afbeelding.";
$uploadOk = 0;
}
// Upload afbeelding
$projecten->upload($_FILES['afbeelding']);
// Save project
$result = $projecten->save($post_array);
if ($result) {
// Save was succesfull
$add = TRUE;
} else {
// Indicate error
$error = TRUE;
}
And this is the function for the image upload:
public function upload($afbeelding) {
$target_dir = IVS_CANVAS_PLUGIN_INCLUDES_UPLOAD_IMGS_DIR;
// $target_file = $target_dir . basename($afbeelding["name"]);
$target_file = $target_dir . $name;
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, deze afbeelding bestaat al.";
$uploadOk = null;
}
// Check file size
if ($afbeelding["fileToUpload"]["size"] > 500000) {
echo "Sorry, je afbeelding is te groot.";
$uploadOk = null;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
echo "Sorry, alleen JPG, JPEG, PNG & GIF files zijn toegestaan.";
$uploadOk = null;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == null) {
echo "Sorry, je afbeelding is niet geüpload.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($afbeelding["tmp_name"], $target_file)) {
echo "De afbeelding " . basename($afbeelding["name"]) . " is geüpload.";
} else {
echo "Sorry, er ging iets fout tijdens het uploaden.";
}
}
return $uploadOk;
}
this is the save function:
public function save($input_array) {
global $wpdb;
// Insert query
$wpdb->query($wpdb->prepare("INSERT INTO `" . $wpdb->prefix . "ivs_canvas_tabel`
( `naam`, `level`, `beschrijving`, `afbeelding`, `status`)" .
" VALUES ( '%s', '%s', '%s', '%s', '%s');", $input_array['naam'], $input_array['level'], $input_array['beschrijving'], $_FILES['afbeelding']['name'], $input_array['status']));
// Error ? It's in there:
if (!empty($wpdb->last_error)) {
$this->last_error = $wpdb->last_error;
return FALSE;
}
return TRUE;
}
I have been messing with this for a few days now but can't figure it out.
I hope someone can help me!

The solution is in this line of code:
if (move_uploaded_file($afbeelding["tmp_name"], $target_file)) {
The Variable $target_file is the destination where your file should be uplaoded to. As you can see, its defined by the folowing line in your code:
$target_file = $target_dir . basename($afbeelding["name"]);
All you have to do is to adapt this line. What I like to do is using the timestamp for the image name.
$tmp = explode(".", $afbeelding["name"]);
$time = time();
$name = $time . '.' . end($tmp);
$target_file = $target_dir . $name;

Related

Updating Mysqli database with all file names from the upload form

I found this code and it all works file uploads to the correct folder that is fine.
image - is main image that works it inserts one image name into the database field.
but when i try to insert all the names of the files uploaded in images field it only inserts the last file name.
$imageDirectory = "img/cars/" . $resultget->id . "";
$newDirName = generateRandomString(10);
$targetDir = $imageDirectory."/";
if (!file_exists($targetDir)) {
mkdir($targetDir, 0777, true);
} else {
$targetDir = $imageDirectory."/";
}
// Count total files
$fileCount = count($_FILES['the_file']['name']);
// Iterate through the files
for($i = 0; $i < $fileCount; $i++){
$target_dir = $imageDirectory."/";
$target_file = $target_dir . basename($_FILES["the_file"]["name"][$i]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
$check = getimagesize($_FILES["the_file"]["tmp_name"][$i]);
if($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
$errorTxt = "File is not an image.";
$uploadOk = 0;
}
// Check if file already exists
if (file_exists($target_file)) {
$errorTxt = "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
// if ($_FILES["new_young"]["size"] > 500000) {
// $errorTxt = "Sorry, your file is too large.";
// $uploadOk = 0;
// }
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
$errorTxt = "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
$temp = explode(".", $_FILES["the_file"]["name"][$i]);
$newfilename = str_replace( '.', '', strval( microtime( true ) ) ) . '.' . end( $temp );
$target_file = $target_dir . $newfilename;
if (file_exists($target_file)) {
$errorTxt = "Sorry, file already exists.";
$uploadOk = 0;
}
if ($uploadOk == 0) {
// if everything is ok, try to upload file
echo $errorTxt;
} else {
if (move_uploaded_file($_FILES["the_file"]["tmp_name"][$i], $target_file )) {
$checking = $resultget->images;
$checkimage = $resultget->image;
if(empty($checkimage)) {
$sqlimage = "UPDATE individual_cars SET image = '$newfilename' WHERE id = '$image_id'";
mysqli_query($mysqli, $sqlimage) or die(mysqli_error($mysqli));
}
foreach (array($newfilename) as $filename) {
if(empty($checking)) {
echo implode(',', $filename);
$sqlimage = "UPDATE individual_cars SET images = '" . implode(',', $filename) . "' WHERE id = '" . $resultget->id . "'";
mysqli_query($mysqli, $sqlimage) or die(mysqli_error($mysqli));
} else {
echo implode(',', $filename);
$sqlimage = "UPDATE individual_cars SET images = '," . implode(',', $filename) . "' WHERE id = '" . $resultget->id . "'";
mysqli_query($mysqli, $sqlimage) or die(mysqli_error($mysqli));
}
}
} else {
$errorTxt = "Sorry, there was an error uploading your file.";
}
}
}
Im checking images if empty because if a file name is already in that field i want it to continue so like this
example: 12345.png is already in there so if its not empty i want 12345.png, 54321.png and so on.
but its only inserting the last image name
sorry this is my first time posting.

My admin panel table can't find my image and upload it from the "uploads" folder

if (isset($_POST['save'])){ //pārbauda vai ir nospiesta save poga
$bilde = $_POST['bilde'];
$valsts = $_POST['valsts'];
$teksts = $_POST['teksts'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
$_SESSION['message'] = "File is not an image!"; //iestata sesijas ziņojumu, ja dati tiek saglabāti
$_SESSION['danger'] = "danger";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
$_SESSION['message'] = "Bilde ar tādu nosaukumu jau pastāv!"; //iestata sesijas ziņojumu, ja dati tiek saglabāti
$_SESSION['msg_type'] = "warning";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) {
$_SESSION['message'] = "Tikai JPG, JPEG, PNG un GIF faili ir atļauti!"; //iestata sesijas ziņojumu, ja dati tiek saglabāti
$_SESSION['msg_type'] = "danger";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$_SESSION['msg_type'] = "danger";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
$mysqli->query("INSERT INTO carteri (bilde, valsts, teksts) VALUES('$bilde', '$valsts', '$teksts')") or //ievada datus datubāzē
die($mysqli->error);
$_SESSION['message'] = "Ieraksts tikas saglabāts!"; //iestata sesijas ziņojumu, ja dati tiek saglabāti
$_SESSION['msg_type'] = "success";
} else {
$_SESSION['message'] = "Diemžēl, augšuplādējot failu, radās kļūda.";
$_SESSION['msg_type'] = "danger";
}
}
this is what I'm using to display the image on my admin panel -
<td><?php echo '<img src="uploads/'.$row['bilde'].'" width="100" height="100">'; ?></td> And it can't find and display my image which is a bummer, so my question is how do I display Images from my "uploads" folder, its such an odd error
Thanks for the help!

Image Uploading and Signup Code

Here is my code for image upload and inserting data into a Database, but it is not working properly, and also not showing any errors.
<?php
if(isset($_Post['submitbtn']))
{
$target_dir = "Resources/images/users/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
if (file_exists($target_file))
{
echo "Sorry, file already exists.";
$uploadOk = 0;
}
if (file_exists($target_file))
{
echo "Sorry, file already exists.";
$uploadOk = 0;
}
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" )
{
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
if ($uploadOk == 0)
{
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
}
else
{
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file))
{
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
}
else
{
echo "Sorry, there was an error uploading your file.";
}
}
$qur = "insert into users values ('"+$_Post['Id']+"','"+$_Post['firstname']+"','"+$_Post['lastname']+"','"+$_Post['email']+"','"+$_Post['Password']+"','"+'shopkeeper'+"','"+$target_file+"')";
if(mysqli_query($con,$qur))
{
echo "Data Saved";
}
else
{
die("Connection failed: " . mysqli_error());
}
}
?>

Multiple rows inserted when using INSERT statement in PHP

I need to upload 3 details which are: Description, Number, and Image
The query does succeed, however I am having 2 different rows instead of a single row.
Please refer to the image:
For some reason the first row is skipping the ../uploads/ path, and applied on the bottom row as shown above.
Kindly find my PHP code, maybe there's something which I'm missing out.
<?php
$prov = json_decode(file_get_contents("php://input"));
require_once("connection.php");
$connection = connectToMySQL();
$proverbDescription = $prov->proverbDescription;
$proverbNumber = $prov->proverbNumber;
$imgPath = $prov->imgPath;
$target_dir = "../uploads/";
$target_file = $target_dir . basename($_FILES["imgPath"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["imgPath"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["imgPath"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["imgPath"]["tmp_name"], $target_file)) {
echo "The file ". basename( $_FILES["imgPath"]["name"]). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
echo($proverbDescription);
echo($proverbNumber);
echo($imgPath);
$query = "INSERT INTO tbl_proverb (proverbDescription, proverbNumber, imgPath) VALUES ('$proverbDescription', '$proverbNumber', '$target_file')";
$result = mysqli_query($connection, $query)
or die("Error in query: ". mysqli_error($connection));
if(mysqli_affected_rows($connection) > 0){
$success = true;
}else{
$success = false;
}
?>
Thanks and Regards,
Hurka

How to allow certain extension types in PHP?

I have 3 file inputs that I've been trying to secure, but I haven't had success.
I need these file inputs to only take jpeg, jpg, png, and gif. I know the mime type is not reliable to use, therefore, I would like to no longer use it. And if there is a cleaner or faster way to do this in PHP procedure way than IF statements, would be better.
HTML code
<input type="file" name="index_desl_Cfile1" class="upload-image" />
<input type="file" name="index_desl_Cfile2" class="upload-image" />
<input type="file" name="index_desl_Cfile3" class="upload-image" />
PHP code
$target_dir = "../site_images/";
$index_deslC1 = $target_dir . basename($_FILES["index_desl_Cfile1"]["name"]);
$index_deslC2 = $target_dir . basename($_FILES["index_desl_Cfile2"]["name"]);
$index_deslC3 = $target_dir . basename($_FILES["index_desl_Cfile3"]["name"]);
// Check if file already exists
$src1 = 'http://localhost//397/admin/site_images/'.$index_deslC1;
$src2 = 'http://localhost/397/admin/site_images/'.$index_deslC2;
$src3 = 'http://localhost/397/admin/site_images/'.$index_deslC3;
if (#getimagesize($src1)) {
echo "Sorry, file already exists 1. ";
$uploadOk = 0;
}
else if (#getimagesize($src2)) {
echo "Sorry, file already exists 2. ";
$uploadOk = 0;
}
else if (#getimagesize($src3)) {
echo "Sorry, file already exists 3. ";
$uploadOk = 0;
}
$imageFileTypeC1 = $_FILES["index_desl_Cfile1"]["type"];
$imageFileTypeC2 = $_FILES["index_desl_Cfile2"]["type"];
$imageFileTypeC3 = $_FILES["index_desl_Cfile3"]["type"];
$allowed_types = array('image/jpg','image/png','image/jpeg','image/gif');
if (!in_array($imageFileTypeC1, $allowed_types)) {
echo "ILLEGAL FILE TYPE 1";
$uploadOk = 0;
}
else if (!in_array($imageFileTypeC2, $allowed_types)) {
echo "ILLEGAL FILE TYPE 2";
$uploadOk = 0;
}
else if (!in_array($imageFileTypeC3, $allowed_types)) {
echo "ILLEGAL FILE TYPE 3";
$uploadOk = 0;
}
else {
$uploadOk = 1;
}
if ($uploadOk == 0) {
echo " Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["index_desl_Cfile1"]["tmp_name"], $index_deslC1)) {
echo "The file ". basename( $_FILES["index_desl_Cfile1"]["name"]). " has been uploaded.";
}
else if (move_uploaded_file($_FILES["index_desl_Cfile2"]["tmp_name"], $index_deslC2)) {
echo "The file ". basename( $_FILES["index_desl_Cfile2"]["name"]). " has been uploaded.";
}
else if (move_uploaded_file($_FILES["index_desl_Cfile3"]["tmp_name"], $index_deslC3)) {
echo "The file ". basename( $_FILES["index_desl_Cfile3"]["name"]). " has been uploaded.";
}
It will have more than 3 file inputs.
I finally figured it out. Instead of using the if statements where I check the file types, I used the switch statement and it worked like a charm!
Here is all the code...
$target_dir = "../site_images/";
$index_deslC1 = $target_dir . basename($_FILES["index_desl_Cfile1"]["name"]);
$index_deslC2 = $target_dir . basename($_FILES["index_desl_Cfile2"]["name"]);
$index_deslC3 = $target_dir . basename($_FILES["index_desl_Cfile3"]["name"]);
// Check if file already exists
$src1 = 'http://localhost//397/admin/site_images/'.$index_deslC1;
$src2 = 'http://localhost/397/admin/site_images/'.$index_deslC2;
$src3 = 'http://localhost/397/admin/site_images/'.$index_deslC3;
if (#getimagesize($src1)) {
echo "Sorry, file already exists 1. ";
$uploadOk = 0;
}
else if (#getimagesize($src2)) {
echo "Sorry, file already exists 2. ";
$uploadOk = 0;
}
else if (#getimagesize($src3)) {
echo "Sorry, file already exists 3. ";
$uploadOk = 0;
}
$imageFileTypeC1 = $_FILES["index_desl_Cfile1"]["type"];
$imageFileTypeC2 = $_FILES["index_desl_Cfile2"]["type"];
$imageFileTypeC3 = $_FILES["index_desl_Cfile3"]["type"];
$allowed_types = array('image/jpg','image/png','image/jpeg','image/gif');
switch ($allowed_types) {
case in_array($imageFileTypeC1, $allowed_types):
echo "GOOD 1!";
$uploadOk = 1;
break;
case in_array($imageFileTypeC2, $allowed_types):
echo "GOOD 2!";
$uploadOk = 1;
break;
default:
echo "ILLEGAL FILE TYPE";
$uploadOk = 0;
}
if ($uploadOk == 0) {
echo " Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["index_desl_Cfile1"]["tmp_name"], $index_deslC1)) {
echo "The file ". basename( $_FILES["index_desl_Cfile1"]["name"]). " has been uploaded.";
}
else if (move_uploaded_file($_FILES["index_desl_Cfile2"]["tmp_name"], $index_deslC2)) {
echo "The file ". basename( $_FILES["index_desl_Cfile2"]["name"]). " has been uploaded.";
}
else if (move_uploaded_file($_FILES["index_desl_Cfile3"]["tmp_name"], $index_deslC3)) {
echo "The file ". basename( $_FILES["index_desl_Cfile3"]["name"]). " has been uploaded.";
}

Categories