PDA

View Full Version : find out the username that uploaded the file


Josh
11-15-2010, 08:51 AM
Hi,

can anybody help me with this,

I've got an upload script on my website, to get to the upload page the user must be logged in, when the user uploads a file. How can I make it so that when that user uploads the file to my server, it tells me the username that has uploaded it, so that I know who it's come from.

this i my html code


<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="12000000" />
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload File" />
</form>


and this is the php;


<?php
$target_path = "uploads/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
} else{
echo "Your file is either too big (max size 20mb) or it is in the wrong format. Please try again!";
}
?>


any help is appreciated,

Thanks,

Josh

Corrosive
11-15-2010, 09:50 AM
Moved to PHP forum.

If you have a session created from the log in (so they have access to the page) then tag the file upload with the info contained in it.

Josh
11-15-2010, 11:55 AM
thanks corrosive, but could you make it a bit simpler for me please?

i.e. what code do I use to tag this file upload, where to put it etc.

I've changed the php code,


<?php
// Configuration - Your Options
$allowed_filetypes = array('.avi','.mpeg','.flv','.zip'); // These will be the types of file that will pass the validation.
$max_filesize = 12024288; // Maximum filesize in BYTES (currently 12MB).
$upload_path = '../../onlinestage.co.uk/uploads/'; // The place the files will be uploaded to (currently a 'files' directory).

$filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.

// Check if the filetype is allowed, if not DIE and inform the user.
if(!in_array($ext,$allowed_filetypes))
die('The file you attempted to upload is not allowed.');

// Now check the filesize, if it is too large then DIE and inform the user.
if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
die('The file you attempted to upload is too large.');

// Check if we can upload to the specified path, if not DIE and inform the user.
if(!is_writable($upload_path))
die('You cannot upload to the specified directory, please CHMOD it to 777.');

// Upload the file to your specified path.
if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename))
echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; // It worked.
else
echo 'There was an error during the file upload. Please try again.'; // It failed :(.

?>


and this is the form code.


<form action="/includes/uploader.php" method="post" enctype="multipart/form-data">
<p align="center">
<label for="file">Select a file please:</label> <input type="file" name="userfile" id="file"> <br />
<button>Upload File</button>
<p align="center">
</form>


thanks,

Josh

edbr
11-16-2010, 12:23 AM
this line
$filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
gets the file name on upload

this line you can see is the final name $filename
echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; // It worked.

so if you get you $_SESSION ['NAME'] however it is set, you can remname the final name
ie $filename= $_SESSION ['NAME'];

Josh
11-16-2010, 11:38 AM
I've tried to change the code to $_SESSION[username]; which is he session that starts when they log in.

but when I replace;

$filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.


with


$filename = $_SESSION['username']; // Get the name of the file (including file extension).
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.


the file doesn't upload to the server, I get my error. So i'm doing something wrong.

also, when the file is uploaded the way I want it to be, where would the username be displyed so that I can see which username it came from? I'm assuming it will have another extension like is does with the file name saying username?

please could you alter my code so I can see exactly how it's supposed to go, I find it hard not knowing much about php as it is, to know where everything should go and in what order etc.

Thank you for helping me, I just need to get this done as it plays a big part in my website, if I don't know who its come from I'm stuck.

Josh

Corrosive
11-16-2010, 02:21 PM
You are renaming the file at the wrong point in the sequence of code. You need to rename it once it is uploaded or it won't work.

edbr
11-18-2010, 05:21 AM
it needs to be before the move file to final folder but after upload when it gets a temp name

Josh
11-18-2010, 11:50 AM
argh I don't know, i'm trying different ways but nothing seems to be working, it's so annoying when you can't do something!

please could somebody just put the code where it's supposed to be in the following;


<?php
session_start();
// Configuration - Your Options
$allowed_filetypes = array('.avi','.mpg','.flv','.swf','.zip','.wmv','. mp4','.vob','.3g2','3gp','.rm'); // These will be the types of file that will pass the validation.
$max_filesize = 12024288; // Maximum filesize in BYTES (currently 12MB).
$upload_path = '../../onlinestage.co.uk/uploads/'; // The place the files will be uploaded to (currently a 'files' directory).

$filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.


// Check if the filetype is allowed, if not DIE and inform the user.
if(!in_array($ext,$allowed_filetypes))
die('The file you attempted to upload is not allowed.');

// Now check the filesize, if it is too large then DIE and inform the user.
if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
die('The file you attempted to upload is too large.');

// Check if we can upload to the specified path, if not DIE and inform the user.
if(!is_writable($upload_path))
die('You cannot upload to the specified directory, please CHMOD it to 777.');

// Upload the file to your specified path.
if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename))

echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; // It worked.
else
echo 'There was an error during the file upload. Please try again.'; // It failed :(.

?>


I will pay somebody to get this working for me, I just need it to tell me that when the username uploads the file, the file tells me which username it has been uploaded from.

The user must be logged in to access the upload page so I already have a session started from that. the session that's started when they log in is;

$_SESSION['username'];

and also, when the user uploads the file, where will the username be displayed?

I've been trying to figure this out for a while now, it's a key part to my website and so I will be very very grateful if somebody could help me the easy way.

Thank You

Josh

edbr
11-19-2010, 06:26 AM
read the posts by directing you is more helpful than blindly stabbing at it

Josh
11-19-2010, 12:48 PM
I am reading the posts, but they don't make sense to me.

I just cannot see what I need to do :(

Josh

Josh
11-23-2010, 03:27 PM
Still needing help with this :(

I can't figure it out. Please please can somebody help me.

Thanks

Josh
11-26-2010, 03:08 PM
please guys, it's so annoying.

my site supposed to go live 1st Dec, and if I don't have this function in place it's not going to be able to.

I'll pay somebody to get it working for me.

thanks,

Josh

Corrosive
11-26-2010, 03:45 PM
I'll pay somebody to get it working for me.



Hi Josh

If you want to offer this as a job you might be better posting on the 'job offers' board. It might get more attention there.

Josh
11-26-2010, 04:05 PM
Thanks, I have done so. want it? :)

Corrosive
11-26-2010, 04:17 PM
Thanks, I have done so. want it? :)

Sorry mate, no. Snowed under at the moment (literally if I look out the window!) I'm sure someone will do it though. :grin:

davidj
11-30-2010, 10:33 AM
contact me through codezenith.co.uk to discuss this work

Josh
11-30-2010, 11:12 AM
Hi David,

I've managed to fix this now.

thank you anyway.

davidj
11-30-2010, 06:32 PM
ok no probs