0

So I want to add a random number and a _ on to the begging of the original file name before it pushes to the DB and the assigned folder.

I've been looking around the internet all evening and cant find my solution

Heres my code

This works perfectly to upload my file to the db and folder but if you take a photo on an ios device the file is always named image.jpg 

$images_arr = array();

$target_dir = "uploads/";
$target = $target_dir.$_FILES['photo']['name'];

    //$target = $target . basename( $_FILES['photo']['name']);

    //This gets all the other information from the form
$userId=$_POST['userId'];
$name=$_POST['nameMember'];
$bandMember=$_POST['bandMember'];
$pic=($_FILES['photo']['name']);
$about=$_POST['aboutMember'];


    // Connects to your Database
mysql_connect("", "", "") or die(mysql_error()) ;
mysql_select_db("") or die(mysql_error()) ;

    //Writes the information to the database
mysql_query("INSERT INTO portal_phocagallery (user_id,title,alias,filename,description)
VALUES ('$userId', '$name', '$bandMember', '$pic', '$about')") ;

//Writes the photo to the server
if(move_uploaded_file($_FILES ['photo']['tmp_name'], $target)){

        //Tells you if its all ok
    echo "The file ". $target_dir.$_FILES['photo']['name']. " has been uploaded, and your information has been added to the directory";
    $images_arr[] = $target;
}
else {

    //Gives and error if its not
    echo "Sorry, there was a problem uploading your file.";
}


function errorMessage($str) {
return '<div style="width:50%; margin:0 auto; border:2px solid #F00;padding:2px; color:#000; margin-top:10px; text-align:center;">' . $str . '</div>';
}

function successMessage($str) {
return '<div style="width:50%; margin:0 auto; border:2px solid #06C;padding:2px; color:#000; margin-top:10px; text-align:center;">' . $str . '</div>';
}

Thanks is advance!

I got it working perfectly by changing the top few lines of code to this

$images_arr = array();
            //This is the directory where images will be saved
        $target_dir = "uploads/";
        $file = rand().'_'.$_FILES['photo']['name'];
        $target = $target_dir.$file;

            //$target = $target . basename( $_FILES['photo']['name']);

            //This gets all the other information from the form
        $userId=$_POST['userId'];
        $name=$_POST['nameMember'];
        $bandMember=$_POST['bandMember'];
        $pic=$file;
        $about=$_POST['aboutMember'];
Dave Lynch
  • 65
  • 7
  • Not possible. When the file is uploaded then you can do with it whatever you want. It is the $_FILES['photo']['temp'] that is the actual file. See manual for details http://php.net/manual/en/features.file-upload.php –  Mar 10 '16 at 23:16
  • 1
    `$pic=rand().'_'.$_FILES['photo']['name'];` –  Mar 10 '16 at 23:24
  • 1
    But then $target should be `=$target_dir.$pic;` – VolkerK Mar 10 '16 at 23:44
  • @VolkerK i understand the theory behind that but its throwing back " Sorry, there was a problem uploading your file. " – Dave Lynch Mar 10 '16 at 23:52
  • And what's the output when you add the line `echo '
    ', print_r( error_get_last(), true), '
    ';` betweeen `//Gives and error if its not` and the next echo?     – VolkerK Mar 10 '16 at 23:55
  • Your code is vulnerable to SQL injection. Please read [How can I prevent SQL-injection in PHP?](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) for information on how to fix it. – Matt Raines Mar 10 '16 at 23:55
  • @VolkerK Array ( [type] => 2 [message] => move_uploaded_file(): Unable to move '/webtemp/phpe3Oh9G' to 'uploads/' [file] => /fullURL/post.php [line] => 29 ) Sorry, there was a problem uploading your file. – Dave Lynch Mar 11 '16 at 00:00
  • @MattRaines thankyou I will follow it :) – Dave Lynch Mar 11 '16 at 00:00
  • @Dagon Thanks! your code helped loads!!!! – Dave Lynch Mar 11 '16 at 00:27
  • @VolkerK Thanks you helped so much! a bit of jigging the code around and i got it working, now just need to prevent SQL injection :) – Dave Lynch Mar 11 '16 at 00:28
  • possible duplicate of [How to rename uploaded file before saving it into a directory?](http://stackoverflow.com/questions/18705639/how-to-rename-uploaded-file-before-saving-it-into-a-directory) – Funk Forty Niner Mar 11 '16 at 00:41

1 Answers1

0

Rename the file on the upload, when moving it from the temp folder pass through the $new_target variable instead of the $target

$images_arr = array();

$target_dir = "uploads/";
$target = $target_dir.$_FILES['photo']['name'];
$pic = rand()."_".$_FILES['photo']['name'];
$new_target = $target_dir.$pic;

//$target = $target . basename( $_FILES['photo']['name']);

//This gets all the other information from the form
$userId=$_POST['userId'];
$name=$_POST['nameMember'];
$bandMember=$_POST['bandMember'];
//$pic=($_FILES['photo']['name']);
$about=$_POST['aboutMember'];


// Connects to your Database
mysql_connect("", "", "") or die(mysql_error()) ;
mysql_select_db("") or die(mysql_error()) ;

//Writes the information to the database
mysql_query("INSERT INTO portal_phocagallery (user_id,title,alias,filename,description)
VALUES ('$userId', '$name', '$bandMember', '$pic', '$about')") ;

//Writes the photo to the server
if(move_uploaded_file($_FILES ['photo']['tmp_name'], $new_target)){

    //Tells you if its all ok
    echo "The file ". $new_target. " has been uploaded, and your information has been added to the directory";
    $images_arr[] = $new_target;
} else {
    //Gives and error if its not
    echo "Sorry, there was a problem uploading your file.";
}


function errorMessage($str) {
    return '<div style="width:50%; margin:0 auto; border:2px solid #F00;padding:2px; color:#000; margin-top:10px; text-align:center;">' . $str . '</div>';
}

function successMessage($str) {
    return '<div style="width:50%; margin:0 auto; border:2px solid #06C;padding:2px; color:#000; margin-top:10px; text-align:center;">' . $str . '</div>';
}
Ant Avison
  • 178
  • 1
  • 10