I've been trying to solve this problem for days without success.
I am using blueimp Jquery File Upload and everything works fine but I need to save my pictures in different folders depending on a parameter send by url like /index.php?customer=160
<input type="hidden" name="customer" value="<?php print $_GET["id_cliente"];?>">
I created the hidden field in the form and got it in the uploadhanndler.php.
/files/'.$_POST['customer'].'
, here everything goes ok, the file is saved on the folder I wanted, but the next time I open the window /index.php?customer=160, the files listed are the files/ folder not the files/160/ folder or the number I want to list.
I realized I could use the PHP user directories, and the files are beeing saved in a folder like this 6afa0f7338b14aeed39eb7656f364b4e that comes from the session_id(), I tried then to change the session_id() with the number of the folder I want this way at the begining of the /index.php?customer=160
session_start();
session_id($_GET['customer']);
but the files are still beeing saved in folder 6afa0f7338b14aeed39eb7656f364b4e, and when I print the session_id() is 160.
PHP user directories is a good method to achieve what I want? what I am doing wrong?
Thanks in advance and excuse my poor english.
The code below will show you how to save a session ID called customer_id and then use it as a folder name. Please let me know if you need any more help.
// start (or restart) the session
session_start();
// set the customer id session var
$_SESSION['customer_id'] = // set this variable something that you've retrieved from the DB
// create a folder if it doesn't already exist
$dir = '/httpdocs/mySite/customers/' . $_SESSION['customer_id'];
if (!file_exists($dir)) {
mkdir($dir, 0777, true);
}
even it has been a while since a last answer has been given to this question, I'd like to give a small update on that issue. Since version 5.17 of the jquery-file-upload library ther is a support for user-directories.
Within the UploadHandler.php you will find the option 'user_dirs' => false. Just set it to 'true' and you will have user-directories based on session-id.
If you want to have your own user-directories not based on session-ids, but e.g. based on user-id (your own defined Session key) you can proceed in the following way:
within the index.php file (as stated in the Demo of the jquery-file-upload library) you place following
right after "require('UploadHandler.php');"
class CustomUploadHandler extends UploadHandler {
protected function get_user_id() {
#session_start();
return $_SESSION[*<your own user id session key>*];
}
}
followed by:
$upload_handler = new CustomUploadHandler(array(
'user_dirs' => true
));
...and thats it...now you have your own user-directories for your uploaded files
Related
I am using RsForm pro on Joomla 3.5. I am working on a form where I submit the data to an API.
RsForm has it's own syntax for posting data. For example:
If I have a text field called requester, I post data using following syntax:
$_POST['form']['requester']
For a drop-down with time values, its:
$_POST['form']['time']['0']
Similarly, I need to post an attachment. But I do not find the syntax to do so on RsForm documentation nor am I able to post a question there since my colleague who owns the credentials to login to RsForm site is on holiday. Hence I post the question here.
Also, it looks like after upload the file is renamed. I would like to add a piece of PHP code which can rename the file and I can store the file name in a variable which I can use in the call to the API.
Any help here would be appreciated, since I need to finish the form as soon as possible.
Thanks,
Pooja
After doing a complete research on this I came up with the following
While creating an attachment you will get an Attributes Tab. To generate a prefix dynamically you can specify the code in between the //<code> and //</code>
For example
//<code>
return $_POST['form']['name_field'];
//</code>
Check this snapshot
If you want to keep the same file name without any prefix than simply do this
//<code>
return '';
//</code>
These files can than be easily linked the way you have said in the comments. For more details you can check this link https://www.rsjoomla.com/support/documentation/rsform-pro/form-fields/file-upload.html
EDIT:
To get the absolute path to your attachments you can use this
$path = JPATH_BASE .'/components/com_rsform/uploads/';
$uploadfile = $path . $_POST['form']['attachment'] ;
I would like to create a function that will create a directory to store photos in the file system. Suppose there is a directory called "albums" in the root directory. There is a form on the page that allows the user to create a new album, which will create a subdirectory under "albums".
Also I want the ability to have nested photo albums. When creating a new album, the admin can provide the album name with the forward slash (/) separators to recursively create this folder structure.
I am using directories because I want the ability to manage the photo albums via direct FTP access to the server for dealing with massive photo albums. Each photo directory can have an optional album.properties file to have any meta data associated with the album itself (such as a thumbnail to use for the album).
if (!is_admin()) die();
$album_name = $_GET['album_name'];
if ($album_name) {
$directory = "/albums/" . $album_name;
// TODO: How can I validate $album_name?
if (file_exists($directory)) {
echo "Album already exists, please choose a different name.";
} else if (mkdir($album_name), 0777, true) { // Recursive is true
echo "Album successfully created.";
} else {
// TODO: Is there a way to output a more detailed explanation?
echo "The album could not be created.";
}
}
See the TODO markers in the PHP code. Also if you have any advice regarding my approach so far, that would be useful.
Note that it was only recently that I decided to use directories and property files instead of database tables to store meta data associated with the albums/photos because I only recently found out that the client wished to use FTP.
I will still need to have database tables, though, to allow the admin to assign privileges to already existing albums. For example, the admin can share a particular album with the public or other non-admin users. The /albums directory will not be directly accessible, instead another .php will allow download of photos or read meta data, but only to permissioned users.
Edit:
Adding more clarification on what I want:
To validate that the $album_name is a valid directory name, if it is not valid I want to output an error message. Also I would like to explain to the user how to choose a valid directory name.
I want to output a more detailed message if mkdir fails, to tell the user what he/she can do to correct the problem.
You can use a regex or just check to see if the mkdir was successful.
See the answers on this questions for reference:
Check a string for a valid directory name
Edit 1:
To check if the mkdir function will succeed you can first use php functions such as is_writable to check if you have permission to write in that location. If not you can let your user know (but if thats the case you should probably be considering why they are trying to write somewhere they dont have permission). Otherwise if the mk_dir function fails you will be able to log the failure and check the issue later. Other than that you probably shouldnt tell the user much without first investigating the problem
I'm a bit confused by how to get the region name and cannot find any documentation on it.
I have the database installed wich it 'GeoIP.dat' and 'geoip.inc' in this directory '...IP GeoLite\GeoLite' and i also have a php page for the test \IP GeoLite\find.php
the code inside the 'find.php' page is it didn't work :
<?php
/* Instead of having to determine the country of the client every time they visit the site we are going to set
a cookie so that any other script in PHP or Javascript can use the region information.
The user is also given a menu option to change the region and reset the cookie to a new value.
Likewise, if it already exists we don't want to change it.
We start off by checking that the cookie called Region exists.
If it does, the job is nearly done and we simply set the $Region variable so that we can refresh
the cookie at the end of the program by recreating it. */
if(isset($_COOKIE['Region']))
{
$Region = $_COOKIE['Region'];
}
else
/* Only if the cookie isn't set do we do the actions in the else part of the if,
so this makes the whole thing efficient.
To make use of the GeoLite code we have to load the include file: */
{
$GeoPath= 'GeoLite/';
include($GeoPath.'geoip.inc');
}
$countrydata = GeoIP_region_name_by_code(gir->country_code, gir->region) ;
echo $countrydata ;
?>
You must open the Geo IP binary data file first
// Open Geo IP binary data file
$geoIp = geoip_open($GeoPath.'GeoIP.dat',GEOIP_STANDARD);
Look at this documentation http://www.maxmind.com/download/geoip/api/php.old/README
Introduction :
I have this path in my CakePHP : app/webroot/storage/5/C/_demo/omar.txt , this one will be redirected to http://localhost/storage/5/C/_demo/omar.txt
My problem :
I want this path http://localhost/storage/5/C/_demo/omar.txt to be something like this http://localhost/storage/uehKDj44/C/_demo/omar.txt , where uehKDj44 is number 5 , the reason why I'm doing like that is I don't want anyone to change number 5 to any number so they can't access otherwise they login first , let's say if 5 belongs to a user will be open , but if not won't be open , is there any better way to secure it better than that ?
Thanks
Storing restricted data as plain files inside of the htdocs folder (or webroot for CakePHP), where they can be requested without further authorization is always a risky business and should be avoided.
I cannot determine what kind of data you store in the .txt file, but I assume it is not fetched from the database and then saved. My understanding is that the link to the file is displayed to a logged in (authorized) user.
Proposal of a more secure solution:
Move the files outside of the webroot folder and create a constant with the absolute path to that folder (USERDATA_PATH). Remember to set read permission for web server user (www-data for Apache)
Create a model, e.g. UserData with an underlying database table storing a relation between a user and a magic hash (e.g. 1 => 'uehKDj44', 2 => 'ds83skf' etc.). You can also store file names to make it a bit less complicated.
Create a controller UserDataController with an action serveFile which will take the secret key as a parameter, match it with the file and output the file to the user.
public function serveFile($hash= null) {
try
{
$data = $this->UserData->findByHash($hash);
if (!$data) {
throw new Exception('No match found');
}
// Load the data from file
$this->set('output', file_get_contents(USERDATA_PATH.DS.$data['UserData']['filename']));
}
catch (Exception $ex)
{
// No match found - display error message / log
}
}
Then in view:
header('Content-type: text/plain');
echo $output;
This should do the trick.
So how can I pass a variable into a script that is not connected with symfony?
For example, I have variable $a, which I render in template a.html.php
How can I use this $a in some example.php script?
More close: I wanna make image uploading with TinyMCE image manager; but each user should have their own directory (which corresponds to user id). So I should pass variable user_id to config.php file of image manager.
So this directory depends on the user's session! How can I make different dirs to upload images for each user? Or can you advise me how to deal with this problem?
Maybe to use another text editor? Which one can I connect with symfony or to use different directories for different users?
You can store information in the session if you want to share it with other scripts. Make a var_dump($_SESSION) in example.php to see what you already have.
$formPath = 'nameBundle:name:name.html.twig';
$session = $controler->getRequest()->getSession();
$session->set('formPath', $formPath);
$session->set('neededVariables', $neededVariables);
return $controler->redirect($controler->generateUrl('show_result'));
I used this to handle data and read data function
public function showResultAction() {
$session = $this->getRequest()->getSession();
$formPath = $session->get('formPath');
$neededVariables = $session->get('neededVariables');
if ($formPath or $neededVariables)
return $this->render($formPath,$neededVariables); else
throw $this->createNotFoundException('The product does not exist');
}