php upload form with renaming/unique directory capabilities...

I'm trying to build an upload form in php that will do the following
things:

- have the option to upload 10 unique files
- only allow certain filetypes to be uploaded
- rename each file depending on whats specified in a corresponding
dropdown menu
- have three text fields that are spit into a text document (or an
easier, better alternative... that info just needs to be visible
somewhere)
- move the renamed, uploaded files into a unique directory that is
named after one of the text fields

i've found a couple upload form scripts but i'm wondering if anybody
has suggestions for what the best one is, and if any offer that kind
of capability i described above since clearly some of that stuff has
been before...

i've seen some that show how to specify what filetypes are allowed but
i'm unsure how to do the renaming of files and a unique directory...
any help would be awesome. thanks

truck

Re: php upload form with renaming/unique directory capabilities...

On Thu, 29 Nov 2007 22:47:30 +0100, Truck Estevez =

wrote:

> I'm trying to build an upload form in php that will do the following
> things:
>
> - have the option to upload 10 unique files

You can't control the uniqueness client-side. You could try comparing an=
=

hash (md5_file()) server side... The rest is just creating 10 file-input=
s =

in html.

> - only allow certain filetypes to be uploaded

Not possible to limit filetypes on upload using PHP. I don't think =

javacript will either. The most you can hope for client-side is a coded =
=

limit on extension. Even that is not trustworthy. On the server, you'll =
=

have a hrad time checking validity of certain files too. You can filter =
on =

extension again, that's not reliable though. The same goes for checking =
=

mime-type. There are some tricks to check for certain files. We cannot =

tell you unless you specify what types you want.

> - rename each file depending on whats specified in a corresponding
> dropdown menu

move_uploaded_file($_FILES['input_name']['tmp_name'],'/path/ to/dir/'.$_P=
OST['chosen_name']);

Check for validity of the chosen name though: no slashes allowed (we don=
't =

want to end up somewhere else if the user chooses =

'../../something/sensitive'.

> - have three text fields that are spit into a text document (or an
> easier, better alternative... that info just needs to be visible
> somewhere)

$fh =3D fopen('bla.txt','w');
fwrite($fh,$_POST['field1'].$_POST['field2'].$_POST['field3' ]);
fclose($fh);

> - move the renamed, uploaded files into a unique directory that is
> named after one of the text fields

See move_uploaded_file(), mkdir(), and if that fails possible read up on=
=

safe_mode.
-- =

Rik Wasmus

Re: php upload form with renaming/unique directory capabilities...

>
> > - only allow certain filetypes to be uploaded
>
> Not possible to limit filetypes on upload using PHP. I don't think
> javacript will either. The most you can hope for client-side is a coded
> limit on extension. Even that is not trustworthy. On the server, you'll
> have a hrad time checking validity of certain files too. You can filter on
> extension again, that's not reliable though. The same goes for checking
> mime-type. There are some tricks to check for certain files. We cannot
> tell you unless you specify what types you want.
>

thanks... the filetypes would be .ai, .eps, .pdf, .psd, and .tif. all
image files.

Re: php upload form with renaming/unique directory capabilities...

Hello,

On 30 marras, 00:12, Truck Estevez wrote:
> > > - only allow certain filetypes to be uploaded
>
> > Not possible to limit filetypes on upload using PHP. I don't think
> > javacript will either. The most you can hope for client-side is a coded
> > limit on extension. Even that is not trustworthy. On the server, you'll
> > have a hrad time checking validity of certain files too. You can filter on
> > extension again, that's not reliable though. The same goes for checking
> > mime-type. There are some tricks to check for certain files. We cannot
> > tell you unless you specify what types you want.
>
> thanks... the filetypes would be .ai, .eps, .pdf, .psd, and .tif. all
> image files.

on a Unix/Linux machine as server you probably could use the /usr/bin/
file command which provides a file type recognition based on byte
patterns in the begin of the file.

BR,
Roland