Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End I need a simple way to give ability to upload multiple pics along with form

  • This topic is empty.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #170867
    PicnicTutorials
    Participant

    I have the php back end I just need to upload script and a couple directions on its use.

    #170877
    shaneisme
    Participant

    I don’t really know a simple way to do it.

    Uploading files to your server brings with it a TON of security risks. When I wrote my own, I used the built in file() method with some caveats. I split the file name up + added in a random hash to each after I moved it from the default upload directory. I do this because a) they won’t know the name of the file after it’s uploaded on my server, b) it’s above their root access deeper in the file structure.

    In order to download the files, I simply accessed the database for the real file name, bundled it up and renamed it to its original and then passed it back to the user.

    I remember reading some tutorials:

    http://www.tizag.com/phpT/fileupload.php
    http://www.sitepoint.com/file-uploads-with-php/

    Neither of these gave the full picture though… That took a lot of work. Best case is to get a basic version up and running and let us know if you have any difficulties so we have specifics.

    #170884
    __
    Participant

    I split the file name up + added in a random hash to each…

    I usually just hash the file itself and use that as the filename (this also allows you to avoid uploading a file if you already have a copy of it).

    #170895
    shaneisme
    Participant

    I apply the hash to the file name, but keep it in the db for downloading later. My users like the file names to be what they set it to!

    #170896
    __
    Participant

    Oh, no, I keep the original filename in the DB. Just not on the file.

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.