renaming while uploading??

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
PHPycho
Forum Contributor
Posts: 336
Joined: Fri Jan 06, 2006 12:37 pm

renaming while uploading??

Post by PHPycho »

i had a photo gallery for users where users can upload many photos..
I am writing an script that renames the files while uploading as

Code: Select all

$new_filename=$user_id."_"."uniqueNO";
$new_add=$new_filename.".jpg";
rename($old_add,$new_add);
problem??
>how to generate "uniqueNO" that never repeats?
>is there any function??
>this script changes any file extension to .jpg...is that good or else?
Plz help in solving above questions....
Thank U
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

the function uniqid() never returns the same value twice, of course you should sha1() or md5() this value to get a web-safe string for the filename. another option is keep a database of images (still store your images on the filesys) and use the value for the primary auto increment id for the filename itself.


U r welcome
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

#1 ... adding .jpg to a picture just because it's a picture is bad. Even if it WAS a jpg, what if they used the extension .jpeg?

Also, there are some very other common and valid picture extensions. gif png bmp tiff

here's how to get a file's extension if it's being uploaded

Code: Select all

$extension = strstr($_FILES['formfilename']['name'],".");
Then, tack this on to the end of what you named the file. Which brings me to..

#2 .. Unless you're adding pictures inside of a loop, then naming them to time() would guarantee a unique filename for each picture (unless you have concurrent users uploading). Then you should use JshPro's advice and go with sha1(uniqid(1)).

So in the end you should end up with something like this.

Code: Select all

$filename = $_FILES['formfilename']['name'];

$file_extension = strstr($filename,".");

$my_filename = substr(sha1(uniqid(1),0,10);

$complete_filename = $my_filename.$file_extension;
and #3.. don't rename the files after you've already moved them to the server. you should'n't have to use rename() .. just name them what you want before you store it.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

you could use something like

Code: Select all

image_id = session_id(). "_".microtime()
I think this should work even if you are trying to upload 10 or more photos at a time unless the server is extremely fast and capable of saving two or more images in a microsecond.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

when dealing with uploads, I don't rely on any information a user submits. If I'm expecting a certain type of file, I analyze the file they send to check for validity, in the process I set the extension to the correct one if it's acceptable. How do you do that with images? getimagesize() will tell you what type of image it is, if any. You can set the extension based on that. As for uniquely naming the file, for security reasons, I wouldn't use the session_id() directly, if at all. In fact, I feel it shouldn't even directly relate to the user. The name I would use would likely be based off the current time in some fashion.
Post Reply