I have a file with 2 input fields one for file name (user will type) and the second one for choosing file what I want to upload the file to a directory with the name user typed.
down is the code I'm using guys please help me how to change the file name into what user typed.
<?php
$filename = $_POST["file"]
$upload = $_FILES['userfile'];
$target_path = "upload/";
$target_path .= $upload["name"];
$newname = "anything";
if(move_uploaded_file($upload["tmp_name"], $target_path))
{
echo "uploaded successfully";
}
?>
Change $target_path .= $upload["name"]; to something like $target_path .= $filename;.
edit: For the record, I have to say that letting people upload files (and choose the extension) to your web server raises some serious security concerns. I would suggest at least disabling the ability to execute scripts in your target folder.
Related
I am using move_uploaded_file function to save my file into two folders, the folders name are uploads_meeting_document and uploads_filing_file. It just can let me upload my file to this folder name uploads_meeting_document, it can't save to uploads_filing_filefolder. Anyone can guide me which part I have problem in below the coding:
<?php
require_once("../conf/db_conn.php");
// Getting uploaded file
$file = $_FILES["file"];
// Uploading in "uplaods" folder
$pname = date("ymdhi")."-".$_FILES["file"]["name"];
//$title_name = $_FILES["file"]["name"];
$tname = $_FILES["file"]["tmp_name"];
$uploads_dir = 'uploads_meeting_document';
move_uploaded_file($tname, $uploads_dir.'/'.$pname);
$uploads_dir2 = 'uploads_filing_file';
move_uploaded_file($tname, $uploads_dir2.'/'.$pname);
?>
Below is my file path need to save to these folders(red arrow there)
In your example, the second move_uploaded_file does not work, because the file was already moved to /upload_meeting_document
You will need to copy your file from there:
...
$uploads_dir2 = 'uploads_filing_file';
copy($uploads_dir.'/'.$pname, $uploads_dir2.'/'.$pname);
In case this does not work, you may have insufficient permissions for the /uploads_filing_file directory. Chech its owner and permissions.
So I have a form that allows a user to upload files. When they submit the file, I can get the file information such as name and tmp_name, yet the actually upload doesn't work. I don't get any PHP errors either. Below is my code, I think I just need another pair of eyes on it, as it was working a few days ago.
//Get the file name
$target_Dir = "temp/";
$tempName = $_FILES['file']['tmp_name'];
$target_file = $target_Dir . basename($_FILES["file"]["name"]);
$filename = pathinfo($target_file, PATHINFO_FILENAME);
//Get the password
$password = $_POST['password'];
//Store if the user wants the certificate to remain password protected
$passProtect = $_POST['passProtect'];
//upload the file to the server
move_uploaded_file($tempName, $target_file);
I need the file name without the extension for a later point in my code, in case you're wondering why I'm storing the file name without the extension.
I think you just did this mistake
$fileExtension = pathinfo($target_file, PATHINFO_FILENAME);
Try using this insted of that Code then only you will get the file name not the extention.
I had an unlink() further down in my script for some reason that I can't remember. It deleted the file that the user would upload right away.
Thanks for the extra set of eyes guys.
I am working with adding a file upload system to my website and I cannot seem to get the file links to match up with the file name that is generated. I am adding a time function onto the front of the file name to make it unique (it generates a number based on the time). It does do this, but for some reason, that unique name is not saved in the database. Could someone help me figure this out?
//This is the directory where images will be saved
$target = "files/";
$target = $target. time(). basename( $_FILES['photo']['name']);
echo $target;
//postThis gets all the other information from the form
$tfid=$_POST['tfid'];
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$hca=$_POST['hca'];
$file=($_FILES['photo']['name']);
//Writes the information to the pic table
mysql_query("INSERT INTO pic
(tfid, file)
VALUES ('$tfid', '$file')")
or die(mysql_error());
ECHO "<strong>pic table has been saved.<br></strong>";
//Writes the photo to the server
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target))
{
//Tells you if its all ok
echo "<strong>The file has been uploaded</strong>";
}
else {
//Gives an error if its not
echo "<strong>Sorry, there was a problem uploading your file.</strong>";
}
echo '<br>';
require 'insertbuttons.php';
I see what was going on now. Sorry about the comments. You'll want to save the $target variable in your database. The posted variables won't match the target. So, where you have $file in your SQL statement, you'll probably want $target instead. That should give you the name of the file, but without the extension it looks like.
I have a destination variable where when I upload a file then it goes to this destination:
<?php
// Edit upload location here
$destination_path = getcwd().DIRECTORY_SEPARATOR;
$result = 0;
$target_path = $destination_path . basename( $_FILES['fileImage']['name']);
if(#move_uploaded_file($_FILES['fileImage']['tmp_name'], $target_path)) {
$result = 1;
}
sleep(1);
?>
What I want to know is how do I edit the upload destination? Lets say I want the files to upload to the destination to go to portal.hud.ac.uk/Upload_App/Files/ then how do I change this?
Just change $destination_path to whatever you want. The way it is now (getcwd().DIRECTORY_SEPARATOR), it will save to the current working folder (which unless changed is the folder containing the script). This is very unsafe because I could just upload a file called index.php and anyone visiting your site would run whatever malicious code I would choose to insert.
Much safer would be to save it outside the webroot, where it can't be accessed directly via HTTP. Example:
$destination_path = $_SERVER['DOCUMENT_ROOT']."/../uploads/";
This will save to a folder called uploads found in the folder that contains the web root (probably public_html).
I need to resize an uploaded image.
The class that resizes needs to get the location of the image to be worked with.
It returns the image in a variable.
However, when I try to get the path to the image, I get from $_FILES['profile_upload']['tmp_name'] the following: C:\xampp\tmp\php1C5.tmp
I don't get the actual file, even though the tmp folder contains it!
How can I get the actual filename? Another question - for how long are the files stored in tmp, and when do they get deleted?
By the way, does the Zend Framework have a good image manipulation interface?
You should complete the whole file upload setup with something similar and then the variable $_FILES['uploadedfile']['name'] will also contain the original file name:
$target_path = "uploads/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
To address your second point: Files are stored until the script they were uploaded to finishes.