1-it does not remove the old file in the directory inspite of the unlink function.
2- when it creates a new file name to be stored in the MySQL db it gets the correct file type
(doc or pdf) but it leaves out the "." between the file name and file type!?!
Code: Select all
<?php
/*
- PHP5 Image upload script
*/
class imageupload
{
//pblic variables
public $path = '';
public $errorStr = '';
public $imgurl = '';
//private variables
private $_errors = array();
private $_params = array();
private $_lang = array();
private $_maxsize = 1048576;
public $_im_status = false;
//public methods
public function __construct ()
{
require 'config_2.php';
$this->_types = $types;
$this->_lang = $lang;
$this->_upload_dir = $upload_dir;
$this->_maxsize = $maxsize;
$this->path = $PHP_SELF;
if (is_array($_FILES['__upload']))
{
$this->_params = $_FILES['__upload'];
if (function_exists('exif_filetype'))
$this->_doSafeUpload();
else
$this->_doUpload();
if (count($this->_errors) > 0)
$this->_errorMsg();
}
}
public function allowTypes ()
{
$str = '';
if (count($this->_types) > 0) {
$str = 'Allowed types: (';
$str .= implode(', ', $this->_types);
$str .= ')';
}
return $str;
}
// private methods
private function _doSafeUpload ()
{
preg_match('/\.([a-zA-Z]+?)$/', $this->_params['name'], $matches);
if (exif_filetype($this->_params['tmp_name']) && in_array(strtolower($matches[1]), $this->_types))
{
if ($this->_params['size'] > $this->_maxsize)
$this->_errors[] = $this->_lang['E_SIZE'];
else
$this->_im_status = true;
if ($this->_im_status == true)
{
$ext = substr($this->_params['name'], -4);
$this->new_name = md5(time()).$ext;
$file_stat= $_POST['file_stat'];
$userID= $_POST['userID'];
$file_name = $this->new_name;
mysql_connect('************************', 'js_info', '*******************') or die(mysql_error());
mysql_select_db('js_info') or die(mysql_error());
$select_query="SELECT file_name from js_resume WHERE userID = '$userID' ";
$select_result = mysql_query($select_query) or die(mysql_query());
if(mysql_num_rows($select_result) > 0)
{
$imgrow=mysql_fetch_assoc($select_result);
$imgfilename=$imgrow['file_name'];
unlink($this->_upload_dir.$imgfilename);
}
$query = "UPDATE js_resume SET file_name = '$file_name', file_stat = '$file_stat' WHERE userID = '$userID'";
$result = mysql_query($query) or die(mysql_query());
mysql_close();
move_uploaded_file($this->_params['tmp_name'], $this->_upload_dir.$this->new_name);
$this->imgurl = 'http://'.$_SERVER['HTTP_HOST'].preg_replace('/\/([^\/]+?)$/', '/', $_SERVER['PHP_SELF']).$this->_upload_dir.$this->new_name;
}
}
else
$this->_errors[] = $this->_lang['E_TYPE'];
}
private function _doUpload ()
{
preg_match('/\.([a-zA-Z]+?)$/', $this->_params['name'], $matches);
if(in_array(strtolower($matches[1]), $this->_types))
{
if ($this->_params['size'] > $this->_maxsize)
$this->_errors[] = $this->_lang['E_SIZE'];
else
$this->_im_status = true;
if ($this->_im_status == true)
{
$ext = substr($this->_params['name'], -3);
$this->new_name = md5(time()).$ext;
$file_stat= $_POST['file_stat'];
$userID= $_POST['userID'];
$file_name = $this->new_name;
mysql_connect('***************', 'js_info', '****************') or die(mysql_error());
mysql_select_db('js_info') or die(mysql_error());
$select_query="SELECT file_name from js_resume WHERE userID = '$userID' ";
$select_result = mysql_query($select_query) or die(mysql_query());
if(mysql_num_rows($select_result) > 0)
{
$imgrow=mysql_fetch_assoc($select_result);
$imgfilename=$imgrow['file_name'];
unlink($this->_upload_dir.$imgfilename);
}
$query = "UPDATE js_resume SET file_name = '$file_name', file_stat = '$file_stat' WHERE userID = '$userID'";
$result = mysql_query($query) or die(mysql_query());
mysql_close();
move_uploaded_file($this->_params['tmp_name'], $this->_upload_dir.$this->new_name);
$this->imgurl = 'http://'.$_SERVER['HTTP_HOST'].preg_replace('/\/([^\/]+?)$/', '/', $_SERVER['PHP_SELF']).$this->_upload_dir.'/'.$this->new_name;
}
}
else
$this->_errors[] = $this->_lang['E_TYPE'];
}
function _errorMsg()
{
$this->errorStr = implode('<br />', $this->_errors);
}
}
?>thanks in advance.
Batoe