Hi.
A question on file upload. The user signs in using his/her 'user_id'. He/She wants to upload a file. I want the file submitted by the user to be uploaded to a folder named after the user's id. By default, a folder named after the user's id is created once he/she signs up as a user. The php code which I wrote is shown below. My idea is to use the 'basename' function to copy the uploaded file to the file named $_SESSION('user_id').
Code:
<?php
$userid = $_SESSION["user_id"];
echo 'hello, $_SESSION["user_id"]';
$uploaddir = "/home/www/aaa/fyp/author/scripts/";
$foldername = $uploaddir . basename($userid);
echo $foldername;
$uploadfile = $foldername . basename($_FILES["userfile"]["name"]);
if (move_uploaded_file($_FILES["userfile"]["tmp_name"], "$uploadfile/$userid")) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
?>
Result:
hello, $_SESSION["user_id"]/home/www/aaa/fyp/author/scripts/File is valid, and was successfully uploaded.
The result is not what I want. Not only was the actual $_SESSION["user_id"] not being reflected, the destination of the file upload was also wrong. The desired destination is " /home/www/aaa/fyp/author/scripts/"user_id" ".
Can someone help me with this? Thank you very much!
Regards,
dbf
PHP file upload 'basename'?
Moderator: General Moderators
use the php tags if you post code
if you are using variables in $_SESSION make sure the session has been started...
lookup how string and variable extraploation work (see the difference between ' and " )
if you are using variables in $_SESSION make sure the session has been started...
Code: Select all
if (!isset($_SESSION) session_start();lookup how string and variable extraploation work (see the difference between ' and " )
Code: Select all
echo "welcome {$_SESSION['user_id'] ";