I'm trying to rename a file uploaded to the username of the logged in user. I can't seem to figure it out. I'm trying to mimic how I got the username and details on my profile pages. The pictures are uploaded to a folder, not a database.

Here's my uploads.php

<?php session_start();
	include 'mysql-connect2.php';

# Setting auser as SESSION['user']
$auser = $_SESSION['user'];

# SQL protecting variables
$username = (isset($_GET['username']))?mysql_real_escape_string($_GET['username']):$username;

if(isset($auser)) {
  $sql = mysql_query("SELECT * FROM `user` WHERE `username` = '$username'");
// directory path.

// get the dir to send file to and the file name.
$uploadfile = $username . basename($_FILES['userfile']['name']);

// get the current file information.

//get the . and file exstention.
$ext = substr($file, -4);

//convert varable to the uplaoded directory the new id
//and extention.


//rename the file to the new one.


// if all the conditions are correct send the file to the directory.

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)){

// success echoed

echo " <font color='red'>File is valid, and was successfully uploaded.</font>";
}else {

//unsuccesfull echoed

echo "<font color='red'>File was unsuccesful sorry</font>";

// show the form.
<form enctype='multipart/form-data' action='uploads.php' method='POST'>
<input type='hidden' name='MAX_FILE_SIZE' value='30000000000000000000000'>
send this file <input name='userfile' type='file' >
<input type='submit' name='submit' value='Send File'>



And my profile page code for reference.

<?php /*?><?php error_reporting(E_ALL ^ E_NOTICE); ?><?php */?>
# Starting the session

# Requiring SQL connection
require_once 'mysql-connect2.php';

# Setting auser as SESSION['user']
$auser = $_SESSION['user'];

# SQL protecting variables
$username = (isset($_GET['username']))?mysql_real_escape_string($_GET['username']):$username;

# Checking through each query
if(isset($auser)) {
  $sql = mysql_query("SELECT * FROM `user` WHERE `username` = '$username'");
  if(mysql_num_rows($sql)) {
    while($row = mysql_fetch_array($sql)) {
      $page = "<h1>User Info</h1>".
              "<b>Username: {$row['username']}<br /><br />".
			  "<b>First Name: {$row['firstname']}<br /><br />".
			  "<b>Last Name: {$row['lastname']}<br /><br />".
			  "<b>Email: {$row['email']}<br /><br />".
              "<form name=\"backlistfrm\" method=\"post\" action=\"members2.php\">".
              "  <input type=\"submit\" value=\"Back to The List\">".
              "</form><br />";
  } else {
    $page = "ERROR: No member found for username: <strong>{$_GET['username']}</strong>.";
} else {
  $page = "ERROR: Not logged in.";

# Printing the final output
print $page;


Edit: sorry had wrong code.

I'm getting resource id #5 on the file name save instead of the username?? I really need help with this!! I'm a noob to php. Thanks in advance.

Edited by blt4424: n/a

6 Years
Discussion Span
Last Post by hielo

AFTER successful execution of line 11, $sql contains a resource NOT a string - so line 28 doesn't make sense. You need to extract the data from the resource ($sql) returned by your query. It is not clear to me which field in $sql you are interested in , but assuming that in your DB Table you have a field named 'mysteryField', then what you need to do is:

//try not to doe SELECT * if you are NOT going to use all your fields
$sql = mysql_query("SELECT `mysteryField` FROM `user` WHERE `username` = '$username'") or die( mysql_error() );


/* you don't need this. If I upload 'hi.txt' and you want it renamed to 'bye.rtf' you just need to specify the NEW name as the second argument to move_uploaded file which you are ALREADY DOING.
//rename the file to the new one
if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)){
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.