php - upload script mkdir saying file already exists when same directory even though different filename
Posted
by
neeko
on Stack Overflow
See other posts from Stack Overflow
or by neeko
Published on 2012-10-02T21:25:42Z
Indexed on
2012/10/02
21:37 UTC
Read the original article
Hit count: 260
my upload script says my file already exists when i try upload even though different filename
<?php
// Start a session for error reporting
session_start();
?>
<?php
// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: index.html');
}
// Call our connection file
include('config.php');
// Check to see if the type of file uploaded is a valid image type
function is_valid_type($file)
{
// This is an array that holds all the valid image MIME types
$valid_types = array("image/jpg", "image/JPG", "image/jpeg", "image/bmp", "image/gif", "image/png");
if (in_array($file['type'], $valid_types))
return 1;
return 0;
}
// Just a short function that prints out the contents of an array in a manner that's easy to read
// I used this function during debugging but it serves no purpose at run time for this example
function showContents($array)
{
echo "<pre>";
print_r($array);
echo "</pre>";
}
// Set some constants
// Grab the User ID we sent from our form
$user_id = $_SESSION['username'];
$category = $_POST['category'];
// This variable is the path to the image folder where all the images are going to be stored
// Note that there is a trailing forward slash
$TARGET_PATH = "img/users/$category/$user_id/";
mkdir($TARGET_PATH, 0755, true);
// Get our POSTed variables
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$contact = $_POST['contact'];
$price = $_POST['price'];
$image = $_FILES['image'];
// Build our target path full string. This is where the file will be moved do
// i.e. images/picture.jpg
$TARGET_PATH .= $image['name'];
// Make sure all the fields from the form have inputs
if ( $fname == "" || $lname == "" || $image['name'] == "" )
{
$_SESSION['error'] = "All fields are required";
header("Location: error.php");
exit;
}
// Check to make sure that our file is actually an image
// You check the file type instead of the extension because the extension can easily be faked
if (!is_valid_type($image))
{
$_SESSION['error'] = "You must upload a jpeg, gif, or bmp";
header("Location: error.php");
exit;
}
// Here we check to see if a file with that name already exists
// You could get past filename problems by appending a timestamp to the filename and then continuing
if (file_exists($TARGET_PATH))
{
$_SESSION['error'] = "A file with that name already exists";
header("Location: error.php");
exit;
}
// Lets attempt to move the file from its temporary directory to its new home
if (move_uploaded_file($image['tmp_name'], $TARGET_PATH))
{
// NOTE: This is where a lot of people make mistakes.
// We are *not* putting the image into the database; we are putting a reference to the file's location on the server
$imagename = $image['name'];
$sql = "insert into people (price, contact, category, username, fname, lname, expire, filename) values (:price, :contact, :category, :user_id, :fname, :lname, now() + INTERVAL 1 MONTH, :imagename)";
$q = $conn->prepare($sql) or die("failed!");
$q->bindParam(':price', $price, PDO::PARAM_STR);
$q->bindParam(':contact', $contact, PDO::PARAM_STR);
$q->bindParam(':category', $category, PDO::PARAM_STR);
$q->bindParam(':user_id', $user_id, PDO::PARAM_STR);
$q->bindParam(':fname', $fname, PDO::PARAM_STR);
$q->bindParam(':lname', $lname, PDO::PARAM_STR);
$q->bindParam(':imagename', $imagename, PDO::PARAM_STR);
$q->execute();
$sql1 = "UPDATE people SET firstname = (SELECT firstname FROM user WHERE username=:user_id1) WHERE username=:user_id2";
$q = $conn->prepare($sql1) or die("failed!");
$q->bindParam(':user_id1', $user_id, PDO::PARAM_STR);
$q->bindParam(':user_id2', $user_id, PDO::PARAM_STR);
$q->execute();
$sql2 = "UPDATE people SET surname = (SELECT surname FROM user WHERE username=:user_id1) WHERE username=:user_id2";
$q = $conn->prepare($sql2) or die("failed!");
$q->bindParam(':user_id1', $user_id, PDO::PARAM_STR);
$q->bindParam(':user_id2', $user_id, PDO::PARAM_STR);
$q->execute();
header("Location: search.php");
exit;
}
else
{
// A common cause of file moving failures is because of bad permissions on the directory attempting to be written to
// Make sure you chmod the directory to be writeable
$_SESSION['error'] = "Could not upload file. Check read/write persmissions on the directory";
header("Location: error.php");
exit;
}
?>
© Stack Overflow or respective owner