PHP File Upload
If I want to change my filename before it goes to the server for its permanent location, not its temporary Location how could I do this.
The code is as followed:
<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 20000))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Upload: " . $_FILES["file"]["name"] . "<br />";
echo "Type: " . $_FILES["file"]["type"] . "<br />";
echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
}
}
}
else
{
echo "Invalid file";
}
?>
Solution 1:
I'm not sure if I understand what you mean. If you just want to rename the file when storing it in the "upload" directory, do so when using move_uploaded_file()
:
$destination = "upload/" . $new_filename;
if (file_exists($destination)) {
echo 'File ', $destination, ' already exists!';
} else {
move_uploaded_file($temp_filename, $destination);
}
You could also let the user define $new_filename
by providing an additional "rename" text field in your HTML form.
EDIT: Code could be something like that:
Form:
<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<!-- NEW TEXTBOX -->
<label for="newname">Rename to (optional):</label>
<input type="text" name="newname" id="newname" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
PHP:
$upload_dir = realpath('upload') . DIRECTORY_SEPARATOR;
$file_info = $_FILES['file'];
// Check if the user requested to rename the uploaded file
if (!empty($_POST['newname'])) {
$new_filename = $_POST['newname'];
} else {
$new_filename = $file_info['name'];
}
// Make sure that the file name is valid.
if (strpos($new_filename, '/') !== false || strpos($new_filename, '\\') !== false) {
// We *have* to make sure that the user cannot save the file outside
// of $upload_dir, so we don't allow slashes.
// ATTENTION: You should do more serious checks here!
die("Invalid filename");
}
$destination = $upload_dir . $new_filename;
// ... if (file_exists(... move_uploaded_file(...
Solution 2:
you do it in the move_uploaded_file function
move_uploaded_file($temporary_file, "path/to/destination/and/new_file_name.gif");
right now, you're just moving it to the destination with it's current name.
Solution 3:
public static function uploadFile($filepath="upload",$uniq=0){
global $_FILES;
try {
// Undefined | Multiple Files | $_FILES Corruption Attack
// If this request falls under any of them, treat it invalid.
if (
!isset($_FILES['uploaded_file']['error']) ||
is_array($_FILES['uploaded_file']['error'])
) {
$result["status"]="fail";$result["errors"]=('Invalid parameters.');return $result;
}
// Check $_FILES['uploaded_file']['error'] value.
switch ($_FILES['uploaded_file']['error']) {
case UPLOAD_ERR_OK:
break;
case UPLOAD_ERR_NO_FILE:
$result["status"]="fail";$result["errors"]=('No file sent.');return $result;
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
$result["status"]="fail";$result["errors"]=('Exceeded filesize limit.');return $result;
default:
$result["status"]="fail";$result["errors"]=('Unknown errors.');return $result;
}
// You should also check filesize here.
if ($_FILES['uploaded_file']['size'] > 1000000) {
$result["status"]="fail";$result["errors"]=('Exceeded filesize limit.');return $result;
}
// DO NOT TRUST $_FILES['uploaded_file']['mime'] VALUE !!
// Check MIME Type by yourself.
$finfo = new finfo(FILEINFO_MIME_TYPE);
if (false === $ext = array_search(
$finfo->file($_FILES['uploaded_file']['tmp_name']),
array(
'jpg' => 'image/jpeg',
'png' => 'image/png',
'gif' => 'image/gif',
),
true
)) {
$result["status"]="fail";$result["errors"]=('Invalid file format.');return $result;
}
if($uniq==0){
$temp=$filepath;
}
else{
$temp=$filepath."/".uniqid()."_".$_FILES['uploaded_file']['name'];
}
if(@copy($_FILES['uploaded_file']['tmp_name'], $temp)) {
return $result["status"]="success";
}
$result["status"]="fail";$result["errors"]=('Unknown errors.');return $result;
} catch (Exception $e) {
$result["status"]="fail";$result["errors"]= $e->getMessage();return $result;
}
}