PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
I am developing a PHP script that will allow registered users to upload a very small jpg picture. This picture is then processed (reduced to a certain size). The original file, after being processed, has to be renamed. The new name will be the username (plus the filename extension *.jpg). The processed and renamed file will be stored on the server. The link to this file will be put into a database.
Whenever a user logs in to the site, the username.jpg picture will be retrieved and displayed. There will be several hundred users. Filesize will be around 20k. The first step here is to allow users to upload the file. I already have a working script that checks if the user is logged in (by reading a cookie) and authenticated by checking username/password against a database. I also have the script for resizing the picturem, checking file siz and type.
[color=brown]What I need help with is:[/color]
When the user uploads a picture, I want the filename to be changed from what it is originally to what I want it to be (which is $username.jpg). How do I incorporate that into the Form for uploading? The problem I am having is: the COOKIE containing the username has to be incorporated into the form below i.e. [color=brown]name="nameoffile" to be replaced with name=$_COOKIE[usernamecookie][/color], or something similar to that. Can this be done?? I tried different ways of doing it, but doesn't work. Would appreciate any help. Thanks!!
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
I have one more question:
The image file is saved by the script on the server in some directory like this:
/userimages/username.jpg
What prevents anonymous users from gaining access to those files? I know I do have to grant access to the user, but how do I match users to their respective files without giving permission to the whole group? Particularly when the image is displayed using tags like <img src=http://blah.blah.blah/folder/userimages/username.jpg ....Can't everyone gain access to that folder and files???
Sorry if I sound idiotic, but I am a newbee to both PHP as well as server/security related stuff.
Thanks!
Users who upload their picture may not be comfortable with it being available to others to see.
In fact, the whole folder will become an album of whos who in the website's membership. I want to keep all this private. Besides, the picture is uploaded by the user for it be displayed only in the user's personalized webpages. The picture will be of their child or a family. This is a family-oriented site.
The file size will be less than 10k each. I am also considering putting it into a database if that's easier. Any comments on this?