I use the follwing function for moving files:
public function moveFile($file,$targetdir="../uploads/images/")
{
$fileName = $file['name'];
$ext = substr($fileName, strrpos($fileName, '.') + 1);
do
{
$targetfilename=md5(date("m.d.y.h.i.s").basename($fileName)).'.'.$ext;
$fullname=$targetdir.$targetfilename;
}while(file_exists($fullname));
move_uploaded_file($file["tmp_name"],$fullname);
return $fullname;
}
Call the fn as :
foreach($_FILES as $file_name => $filearray)
{
if( $filearray['error']=='')
{
$filenametobestored=moveFile($filearray);
/*Enter name into db here*/
}
}
this will make sure you never over write anyfiles..
Midhun Girish
On Thu, Apr 1, 2010 at 3:25 PM, Ashley Sheridan <ash@xxxxxxxxxxxxxxxxxxxx>wrote:
> of the web
> root, which will prevent people from maliciously uploadi
>
