Hi All, I have the following scrip that uploads a image to a destination folder on my server.

What I am trying to do is "rename" the uploaded file and update the link in the back end database.

The file uploads and stores in the correct folder, but what it does not do, is rename the uploaded file.

Here is the script I am working on.

            $img1 = $_FILES['jan_image']['name'];
            //let's add a security check, to make sure only allowed files are uploaded
            $ext=explode('.',$img1);//explode the image name into an array to get the extension
            // allowed extensions, add or remove any extension you want allowed(LOWER CASE ONLY)
            if(in_array(strtolower($ext[1]), $allowed_exts)){//file type is allowed!

                $val= move_uploaded_file($_FILES['jan_image']['tmp_name'], $dest);

                chmod($dest, 0644);//make sure you have permissions for the file
                { //update database and rename
                rename($dest, 'members/'.$securecode.'/'.$sname.'/images/'.$id.'/'.$storeitem.'/update.jpg');
                $dest="members/".$securecode."/".$sname."/images/".$id."/".$storeitem."/update.jpg";//set $dest to the new file name - database entry is correct

                mysql_query("update 3tfbs set img1 ='http://www.website.com/members/$securecode/$sname/images/".$id."/".$storeitem."/$img1' where uiid='".$storeitem."'");

                header( "Location: members.php") ;

Use absolute paths, you can use $_SERVER['DOCUMENT_ROOT'] . "/members/$securecode/$sname/..."

Also, if I upload a file with double extension, let's say my_image.jpg.php, it will get through the conditional statement at line 7. Bye.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.