This is a short tutorial for image upload with random salt (haven't included any other checking like file type/size--- but you can include it)
<?php
//////////////////////////////////////////////////////////////////
//////////// script created by DHRUBOJYOTI DAS ///////////////////
/////////////////////////////////////////////////////////////////
if(isset($_POST['Submit']))
{
///// picking the image and storing in variable $image1 and creating a temporary variable $tmp_image1
$image1=$_FILES['image1']['name'];
$tmp_image1=$_FILES['image1']['tmp_name'];
////////////////////////////////////////////////////////////////
////////// Now the allowed extension type validation is done ///
//////////by javascript function Checkfiles1() [check below]
///////// better practice do it again b php ///////////////////
///////// You can also validate the size of the image////////
////////////////////////////////////////////////////////////////
///// now creating my own salt (password fro each uploaded image)
$password = "ABCDXYZW1234567890EFGLWKMNOPQRST";
$string = str_shuffle($password);
$salt=substr($string,0,8);
if(!empty($image1))
{
$image1_name=$salt."_".$image1;
//// uploading the image using move_uploaded_file function
//// replace your uploaded image folder name by images
$uploading = move_uploaded_file($tmp_image1, "images/".$image1_name);
if($uploading)
{
echo "<font color='green'>File uploaded, now check your uploaded folder for the image throght the below link";
echo "<br/>New file name :- ". $image1_name;
////// NOTE:- when inserting into database insert ($image1_name) not ($image1)
/////// then insert it into your databse or something else
echo "<br/>Thank You from Dhrubojyoti Das</font>";
}
else{
echo "Something went wrong";
}
}
else{
echo "Upload image to check the demo";
}
}
?>
<html>
<head>
<title>
Secure File Upload Script in PHP
</title>
<script>
function Checkfiles1()
{
var fup = document.getElementById('image1');
var fileName = fup.value;
var ext = fileName.substring(fileName.lastIndexOf('.') + 1);
if(ext == "gif" || ext == "GIF" || ext == "JPEG" || ext == "jpeg" || ext == "jpg" || ext == "JPG" || ext == "PNG" || ext == "png")
{
return true;
}
else
{
alert("Upload Gif or Jpg or png images only");
fup.value="";
fup.focus();
return false;
}
}
function validate(){
var mar=true;
var image = document.frm.image1.value;
if(image == "")
{
mar = false;
alert("Select your image");
document.frm.image1.focus();
}
return mar;
}
</script>
</head>
<body>
<h2>Secure image upload with random salt</h2>
<form name='frm' method='post' enctype="multipart/form-data" onsubmit='return validate();'>
Upload Image» <input type='file' name='image1' id='image1' onchange='Checkfiles1();'><br/>
<br/r><input type='submit' name='Submit' value='Upload'>
</form>
<a href='images/'>Check Uploaded Image</a>
</body>
</html>
Create the images folder
Live Demo
<?php
//////////////////////////////////////////////////////////////////
//////////// script created by DHRUBOJYOTI DAS ///////////////////
/////////////////////////////////////////////////////////////////
if(isset($_POST['Submit']))
{
///// picking the image and storing in variable $image1 and creating a temporary variable $tmp_image1
$image1=$_FILES['image1']['name'];
$tmp_image1=$_FILES['image1']['tmp_name'];
////////////////////////////////////////////////////////////////
////////// Now the allowed extension type validation is done ///
//////////by javascript function Checkfiles1() [check below]
///////// better practice do it again b php ///////////////////
///////// You can also validate the size of the image////////
////////////////////////////////////////////////////////////////
///// now creating my own salt (password fro each uploaded image)
$password = "ABCDXYZW1234567890EFGLWKMNOPQRST";
$string = str_shuffle($password);
$salt=substr($string,0,8);
if(!empty($image1))
{
$image1_name=$salt."_".$image1;
//// uploading the image using move_uploaded_file function
//// replace your uploaded image folder name by images
$uploading = move_uploaded_file($tmp_image1, "images/".$image1_name);
if($uploading)
{
echo "<font color='green'>File uploaded, now check your uploaded folder for the image throght the below link";
echo "<br/>New file name :- ". $image1_name;
////// NOTE:- when inserting into database insert ($image1_name) not ($image1)
/////// then insert it into your databse or something else
echo "<br/>Thank You from Dhrubojyoti Das</font>";
}
else{
echo "Something went wrong";
}
}
else{
echo "Upload image to check the demo";
}
}
?>
<html>
<head>
<title>
Secure File Upload Script in PHP
</title>
<script>
function Checkfiles1()
{
var fup = document.getElementById('image1');
var fileName = fup.value;
var ext = fileName.substring(fileName.lastIndexOf('.') + 1);
if(ext == "gif" || ext == "GIF" || ext == "JPEG" || ext == "jpeg" || ext == "jpg" || ext == "JPG" || ext == "PNG" || ext == "png")
{
return true;
}
else
{
alert("Upload Gif or Jpg or png images only");
fup.value="";
fup.focus();
return false;
}
}
function validate(){
var mar=true;
var image = document.frm.image1.value;
if(image == "")
{
mar = false;
alert("Select your image");
document.frm.image1.focus();
}
return mar;
}
</script>
</head>
<body>
<h2>Secure image upload with random salt</h2>
<form name='frm' method='post' enctype="multipart/form-data" onsubmit='return validate();'>
Upload Image» <input type='file' name='image1' id='image1' onchange='Checkfiles1();'><br/>
<br/r><input type='submit' name='Submit' value='Upload'>
</form>
<a href='images/'>Check Uploaded Image</a>
</body>
</html>
Create the images folder
Live Demo
No comments:
Post a Comment
Thank your for your comment..your submitted coment will be live after admin approval