Asked  7 Months ago    Answers:  5   Viewed   51 times

Below is the code I used in order to upload files into a directory. It works fine. My main question is:

move_uploaded_file() is the one that saves the uploaded file into the directory, and it is also my guess that move_uploaded_file() is the one that sets the name for it.

How could I change the name of my file to a random number?

I have tried to do so below:

$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);
if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/jpg") || ($_FILES["file"]["type"] == "image/pjpeg") || ($_FILES["file"]["type"] == "image/x-png") || ($_FILES["file"]["type"] == "image/png")) && ($_FILES["file"]["size"] < 100000) && in_array($extension, $allowedExts)) {
    if ($_FILES["file"]["error"] > 0) {
        echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    } else {

        $fileName = $temp[0] . "." . $temp[1];
        $temp[0] = rand(0, 3000); //Set to random number
        $fileName;

        if (file_exists("../img/imageDirectory/" . $_FILES["file"]["name"])) {
            echo $_FILES["file"]["name"] . " already exists. ";
        } else {
            move_uploaded_file($_FILES["file"]["tmp_name"], "../img/imageDirectory/" . $_FILES["file"]["name"]);
            echo "Stored in: " . "../img/imageDirectory/" . $_FILES["file"]["name"];
        }
    }
} else {
    echo "Invalid file";
}

I tried changing variables such as the $_FILES["file"]["name"] and replacing it with the $fileName; variable so that the new name can be stored.

 Answers

41

You can simply change the name of the file by changing the name of the file in the second parameter of move_uploaded_file.

Instead of

move_uploaded_file($_FILES["file"]["tmp_name"], "../img/imageDirectory/" . $_FILES["file"]["name"]);

Use

$temp = explode(".", $_FILES["file"]["name"]);
$newfilename = round(microtime(true)) . '.' . end($temp);
move_uploaded_file($_FILES["file"]["tmp_name"], "../img/imageDirectory/" . $newfilename);

Changed to reflect your question, will product a random number based on the current time and append the extension from the originally uploaded file.

Tuesday, June 1, 2021
 
SilverHorn
answered 7 Months ago
77

Gee, this was a pretty tuff one. I always make sure when I copy anything from the web to first paste it into a normal texteditor in order to remove all strange/hidden characters, then copy the whatever again and paste it into my dev tool.

As I mentioned somewhere in a comment, I did pwd and copied the text form my virtual server to my osx. But what I didn't think about/know was that strange/hidden characters could follow if I did that from my linux server, hence I didn't make sure to copy everything via texteditor.

I remembered that I had problem quite some time ago when I copied from the web and figured this may be a similar kind of problem. I opened my script in an hex editor. And what did I find... '/var' looked lite this: '/var'. Removing the strange characters fixed the problem.

Thank you all for your comments above. Hope those can help someone else and perhaps it has helped me without even knowing it (since I did a lot of things based on your comments).

Wednesday, March 31, 2021
 
drowneath
answered 9 Months ago
29

You can try something like this:

<?php
$query = "SELECT * FROM payment_form";
$result = mysql_query($query);
if (!$result) {
    die('SQL error');
}
echo "<table>";
while ($row = mysql_fetch_assoc($result)) {
    echo "<tr>";
    echo "<td>{$row['Tracking']}</td>";
    echo "<td>{$row['date']}</td>";
    echo "<td>{$row['ContactNo']}</td>";
    echo "<td>{$row['totalsent']}</td>";
    echo "<td>{$row['datesent']}</td>";
    echo "<td><img src='/uploads/{$row['filename']}'/></td>";
    echo "</tr>";
}
echo "</table>";
?>

first you need to run mysql_query with "SELECT" query, then run a function like mysql_fetch_assoc to get each row and then output the information.

Also, your original code has a SQL injection vulnerability, you have to use mysql_real_escape_string for all values submitted by user, e.g.

$transactionNo=mysql_real_escape_string($transactionNo);
$contactNo=mysql_real_escape_string($contactNo);
$totalSent=mysql_real_escape_string($totalSent);
$dateSent=mysql_real_escape_string($dateSent);
$file_name=mysql_real_escape_string($file_name);

UPD To get specific file by tracking id you can use something like this:

<?php
$Tracking = mysql_real_escape_string($_GET['Tracking']);
$query = "SELECT Tracking,filename FROM payment_form WHERE Tracking = '$Tracking'";
$result = mysql_query($query);
if (!$result) {
    die('SQL error');
}
echo "<table>";
while ($row = mysql_fetch_assoc($result)) {
    echo "<tr>";
    echo "<td>{$row['Tracking']}</td>";
    echo "<td><img src='/uploads/{$row['filename']}'/></td>";
    echo "</tr>";
}
echo "</table>";
?>
Saturday, May 29, 2021
 
superhero
answered 7 Months ago
70

Using find:

find . -maxdepth 1 -type f

Using the -maxdepth 1 option ensures that you only look in the current directory (or, if you replace the . with some path, that directory). If you want a full recursive listing of all files in that and subdirectories, just remove that option.

Saturday, June 12, 2021
 
commonpike
answered 6 Months ago
23

It looks like you are using the rename you get on Ubuntu (it's not the one that's on my ArchLinux box), but there are other ones out there. But, you've presented it oddly. The brackets around -n shouldn't be there and the ; ends the command.

The syntax, if you are using what I think you are, is this:

% rename -n -e PERL_EXPR file1 file2 ...

The Perl expression is the argument to the -e switch, and can be a simple substitution. Note that this expression is a string that you give to -e, so that probably needs to be quoted:

% rename -n -e 's/-d+-pdr2_wide//' *.fits
rename(2185-cutout-HSC-I-9330-pdr2_wide.fits, 2185-cutout-HSC-I.fits)

And, instead of doing this in one step, I'd do it in two:

% rename -n -e 's/-cutout-/-/; s/-d+-pdr2_wide//' *.fits
rename(2185-cutout-HSC-I-9330-pdr2_wide.fits, 2185-HSC-I.fits)

There are other patterns that might make sense. Instead of taking away parts, you can keep parts:

% rename -n -e 's/A(d+).*(HSC-I).*/$1-$2.fits/' *.fits
rename(2185-cutout-HSC-I-9330-pdr2_wide.fits, 2185-HSC-I.fits)

I'd be inclined to use named captures so the next poor slob knows what you are doing:

% rename -n -e 's/A(?<galaxy>d+).*(HSC-I).*/$+{galaxy}-$2.fits/' *.fits
rename(2185-cutout-HSC-I-9330-pdr2_wide.fits, 2185-HSC-I.fits)
Thursday, August 26, 2021
 
LoicTheAztec
answered 4 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :
 
Share