...

View Full Version : Numbers appearing on the wrong side of filename



Xaqa
09-11-2011, 12:45 AM
I'm using this code:


$file12 = $_FILES['site_url']['name']; // Get the name of the file (including file extension).
$file12 = preg_replace('/\s/', '_', $file12);
$filename = $file12.$rand;
$ext = substr($filename, strpos($filename,$rand,'.'), strlen($filename)-1); // Get the extension from the filename.

Except the numbers ($rand) are appearing on the right side of the extension. How would I make it on the left of the extension?

BluePanther
09-11-2011, 03:25 AM
I'm using this code:


$file12 = $_FILES['site_url']['name']; // Get the name of the file (including file extension).
$file12 = preg_replace('/\s/', '_', $file12);
$filename = $file12.$rand;
$ext = substr($filename, strpos($filename,$rand,'.'), strlen($filename)-1); // Get the extension from the filename.

Except the numbers ($rand) are appearing on the right side of the extension. How would I make it on the left of the extension?

You've almost got it, just a bit of false logic I think.

At the start, $file12 will contain the filename+extension. So, you want to create a filename from that, with a random number just before the extension. The extension will proceed after the last . in the filename. So, you would use strrpos() to find the last occurence of . which will guarantee the remainder of the string will be the extension.
Using this produces the following:


// Get the name of the file (including file extension).
$file12 = $_FILES['site_url']['name'];

$file12 = preg_replace('/\s/', '_', $file12);

// Find extension position
$position = strrpos($file12, '.');
$filename = substr($file12,0,$position).$rand.substr($file12,$position);

Tested it, and it works :). This also allows for filenames that have more than 1 . as the last . in a filename will always preceed the extension.

Xaqa
09-11-2011, 05:21 PM
Thank you for that it works. But the uploaded file has entirley different numbers. Here's the code:

if(move_uploaded_file($_FILES['site_url']['tmp_name'],$upload_path . $filename))

BluePanther
09-11-2011, 07:08 PM
Show me the whole script. You must be assigning $rand twice, and the filename twice, if the numbers are different. Can't tell without seeing the whole of your script

Xaqa
09-11-2011, 07:29 PM
Home File - http://pastebin.com/Xa7G52hg
MySQL Upload - http://pastebin.com/WL7bEpH0

BluePanther
09-11-2011, 09:10 PM
Your problem is your mysql portion is re-processing the form submit data. It actually looks like you've just copied and pasted the same segments of code into both pages without thinking what it will actually do. rand() generates a random number, and using that to try and figure out the old filename is a pointless venture as rand() will generate a different number every time (in theory, lol).

It looks like the editSite() is designed to parse form input, so I would remove the form processing from the home page, and leave the editSite() method in the mysql to do it's job there.

Xaqa
09-11-2011, 11:18 PM
Sorry, I'm not following you. Remove what part?

kbluhm
09-11-2011, 11:37 PM
Is this issue at all related to your other topic?
http://www.codingforums.com/showthread.php?t=237361

BluePanther
09-11-2011, 11:37 PM
Your code is very messy. Did you write this? It's poor formatting is giving me a right headache haha. There's not a single { bracket surrounding long segments of if conditioned code, which isn't essential but makes everything SO much easier to understand and read.

Anyway, remove the image processing part from the home page (the bit down the bottom). It is causing you to process the images twice (i'm sure if you look at your directory, there's duplicates of your test images there) which is why the numbers aren't matching up.

BluePanther
09-11-2011, 11:41 PM
Is this issue at all related to your other topic?
http://www.codingforums.com/showthread.php?t=237361

Looks like it was at first yeah. Looks like he never implemented your code properly. Regardless of double post, he's also implemented this code improperly as well and needs assistance with a newly created problem. You shouldn't double post in the future though, Xaqa.

Just a small critique on your code though kbluhm (hope you don't mind), if there's more than 1 . in the filename (which is unlikely, but can happen) then your script will cut off the extension, and maybe other information. My script takes the last . in the string, which is guaranteed to separate the extension only.

kbluhm
09-12-2011, 01:02 AM
Just a small critique on your code though kbluhm (hope you don't mind), if there's more than 1 . in the filename (which is unlikely, but can happen) then your script will cut off the extension, and maybe other information. My script takes the last . in the string, which is guaranteed to separate the extension only.

Incorrect, mine works just fine. You missed the third parameter for explode(). The `2` limits it to 2 pieces:


$filename = 'filename.tar.gz';

$pieces = explode( '.' $filename, 2 );

echo $pieces[0]; // filename
echo $pieces[1]; // tar.gz

BluePanther
09-12-2011, 01:13 AM
I should reword what I said. Mine is more robust because with your code, the resultant output for some files would be unexpected - foo.bar.php would evaluate to foo.rand().bar.php whereas Xaqa's requirement is to have the random value to the left of the extension separator specifically. But I also see your point that if there was a file that was a tar.gz, the extension would become useless in that filename.tar.gz would become filename.tar.rand().gz. However, in Xaqa's example alone that won't be a problem as he is limiting uploads to single-extension images. For an unspecific file extension, yours would be better than mine but wouldn't be ideal if they were wanting some degree of filename preservation.

Xaqa
09-12-2011, 02:53 AM
While not understand anything you both just said, I made this instead:


<?php
$site_id = intval($_GET['id']);
$site = $sites->getSite($site_id);
// Configuration - Your Options
$allowed_filetypes = array('.jpg','.gif','.bmp','.png'); // These will be the types of file that will pass the validation.
$max_filesize = 524288; // Maximum filesize in BYTES (currently 0.5MB).
$upload_path = './uploads/'; // The place the files will be uploaded to (currently a 'files' directory).
$rand = rand(1,99999999);
$file12 = $_FILES['site_url']['name'];

$file12 = preg_replace('/\s/', '_', $file12);
// Find extension position
$position = strrpos($file12, '.');
$filename = substr($file12,0,$position).$rand.substr($file12,$position);

// Now check the filesize, if it is too large then DIE and inform the user.
if(filesize($_FILES['site_url']['tmp_name']) > $max_filesize)
die('The file you attempted to upload is too large.');

if (file_exists($filename))
die('File exsist.');

$con = mysql_connect("crowngaming.ipagemysql.com","crowngaming","Hipporules2?");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("schematics", $con);

mysql_query("UPDATE sites SET site_url = '$filename' WHERE site_url = site_id");

mysql_close($con);

// Check if we can upload to the specified path, if not DIE and inform the user.
if(!is_writable($upload_path))
die('You cannot upload to the specified directory, please CHMOD it to 777.');

// Upload the file to your specified path.
if(move_uploaded_file($_FILES['site_url']['tmp_name'],$upload_path . $filename))
echo 'Sucessfully uploaded file. <a href="/index.php?page=site_view&id=' .$row['site_id'] .'">Here</a>';
else
echo "Error!";
?>

Which connect to MySQL databse and updates the site_url. But it updates for all the site_urls'. Can I make it so that it only updates for one?

BluePanther
09-12-2011, 03:05 AM
I'm pretty sure that's what I was trying to get you to do. I'm not really sure what's not to get haha, you were processing the form twice - once on the home page and once in the mysql function.

Never the less, you're almost right but you're using the wrong information in the WHERE clause of your query. You're currently comparing two different fields. I noticed you retrieving the id from GET up the top, yet your form uses POST data. Not unusual, but how are you passing the id of the row currently being updated? However it is, your query should update "WHERE site_id=$id".

Xaqa
09-12-2011, 03:18 AM
Alright, I tried what you said replacing the WHERE with WHERE site_id=$id. Now what comes up is, nothing for site_url. Edit: It was '" . intval($site_id) . "' not $id :P

BluePanther
09-12-2011, 03:41 AM
I actually asked you to confirm if that was the correct ID for the record you'll be updating, but evidently it is so whatever :P glad we got it working.

It should be noted that "UPDATE sites SET site_url = '$filename' WHERE site_id=$site_id" will give the exact same result as your inval() verson. Your mysql query changes $site_id to an integer (I think it already was an integer anyway), but then puts it in quotations inside the mysql making mysql think its a string, but then comparing it to an integer type field forcing mysql to turn it back into an integer. Values wrapped with ' in mysql queries are strings, values without ' are integers - completely independent of the type in php. In other words, a string without ' around it in a query, is a mysql integer, and vice versa.

kbluhm
09-12-2011, 03:47 AM
I should reword what I said.

You didn't reword it... you changed it. ;)

Not sure how yours is any more robust than mine is... different maybe.

My solution: filename.12345.bar.php, yours: filename.bar.12345.php
My solution: filename.12345.tar.gz, yours: filename.tar.12345.gz

To be honest, I would prefer mine... in the above examples bar.php is not a true extension, whereas tar.gz is. But hey, that's just me.

The best solution would have a collection of known extensions, referencing that list first to modify recognised file extensions before falling back on either of the aforementioned solutions.

BluePanther
09-12-2011, 04:27 AM
You didn't reword it... you changed it. ;)

Not sure how yours is any more robust than mine is... different maybe.

My solution: filename.12345.bar.php, yours: filename.bar.12345.php
My solution: filename.12345.tar.gz, yours: filename.tar.12345.gz

To be honest, I would prefer mine... in the above examples bar.php is not a true extension, whereas tar.gz is. But hey, that's just me.

The best solution would have a collection of known extensions, referencing that list first to modify recognised file extensions before falling back on either of the aforementioned solutions.

Pretty much exactly what I said in my last reply ;)

kbluhm
09-12-2011, 07:01 PM
Sooo, we agree to agree... :)

BluePanther
09-12-2011, 07:31 PM
I Agree :)

Xaqa
09-13-2011, 01:02 AM
Alright BluePanther, I did as you said which is keep it out of 's and use site_id as used in the mySQL and got this:


mysql_query("UPDATE sites SET site_url = '$filename' WHERE site_id = " . $site_id . " LIMIT 1");

Unfortunately, instead of saying the name for the only file with that id it doesn't even print the id. Can you tell me what I am doing wrong.

BluePanther
09-13-2011, 01:06 AM
Alright BluePanther, I did as you said which is keep it out of 's and use site_id as used in the mySQL and got this:


mysql_query("UPDATE sites SET site_url = '$filename' WHERE site_id = " . $site_id . " LIMIT 1");

Unfortunately, instead of saying the name for the only file with that id it doesn't even print the id. Can you tell me what I am doing wrong.

What? That code won't print anything at all - it's not designed to. Don't really get what you mean here...

Also, for queries you should always handle errors by either checking for a FALSE return, or using a statement like mysql_query() or die(mysql_error()).



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum