Hi All, I have the following scrip that uploads a image to a destination folder on my server.

What I am trying to do is "rename" the uploaded file and update the link in the back end database.

The file uploads and stores in the correct folder, but what it does not do, is rename the uploaded file.

Here is the script I am working on.

            $img1 = $_FILES['jan_image']['name'];
            //let's add a security check, to make sure only allowed files are uploaded
            $ext=explode('.',$img1);//explode the image name into an array to get the extension
            // allowed extensions, add or remove any extension you want allowed(LOWER CASE ONLY)
            if(in_array(strtolower($ext[1]), $allowed_exts)){//file type is allowed!

                $val= move_uploaded_file($_FILES['jan_image']['tmp_name'], $dest);

                chmod($dest, 0644);//make sure you have permissions for the file
                { //update database and rename
                rename($dest, 'members/'.$securecode.'/'.$sname.'/images/'.$id.'/'.$storeitem.'/update.jpg');
                $dest="members/".$securecode."/".$sname."/images/".$id."/".$storeitem."/update.jpg";//set $dest to the new file name - database entry is correct

                mysql_query("update 3tfbs set img1 ='http://www.website.com/members/$securecode/$sname/images/".$id."/".$storeitem."/$img1' where uiid='".$storeitem."'");

                header( "Location: members.php") ;

Edited by pyTony: fixed formating

6 Years
Discussion Span
Last Post by cereal

Use absolute paths, you can use $_SERVER['DOCUMENT_ROOT'] . "/members/$securecode/$sname/..."

Also, if I upload a file with double extension, let's say my_image.jpg.php, it will get through the conditional statement at line 7. Bye.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.