CodeIgniter Forums

Full Version: Picture uploading
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

El Forum

[eluser]stuffradio[/eluser]
What can I use to upload pictures and give them unique file names when they're uploaded?

El Forum

[eluser]EEssam[/eluser]
Check this:

http://ellislab.com/codeigniter/user-gui...ading.html

El Forum

[eluser]charlie spider[/eluser]
here's my upload function from my current project:

Code:
function do_upload()
{                        

    $this->load->model('Boot_model');
    
    $config['upload_path'] = './uploads/';
    $config['allowed_types'] = 'jpg';
    $config['overwrite'] = 'TRUE';
    $this->load->library('upload', $config);
    
                $this->load->library('image_lib');
    
    if ( ! $this->upload->do_upload() )
    {
        $this->validation->error_string .= $this->upload->display_errors();        
        $this->boot( $this->input->post('bootID') );
    }    
    else
    {
        $upload_data = $this->upload->data();
        foreach( $upload_data as $item => $value ) { $filedata[$item] = $value; }
    
        $img4db = md5( $this->input->post('bootNmbr_Name') . $this->input->post('whchimg') . 'salt_phrase') ; //scrambles the file name
                    
        if ( $filedata['is_image'] )
        {
            // create fullsize original
            $resize_config['image_library'] = 'GD2';
            $resize_config['source_image'] =  $upload_data['full_path'];
            $resize_config['maintain_ratio'] = TRUE;            
            $resize_config['create_thumb'] = FALSE;
            $resize_config['quality'] = 100;
            $resize_config['new_image'] = './uploads/' . $img4db . '_full.jpg';     // './uploads/' .  $filedata['file_name'];
            $this->image_lib->initialize($resize_config);
            if ( !$this->image_lib->resize() )
            {
                //echo $this->image_lib->display_errors('<p>', '</p>');
                $this->validation->error_string .= $this->image_lib->display_errors();
            }
    
            // resize original to  300 x 300 for CMS backend
            $resize_config['image_library'] = 'GD2';
            $resize_config['source_image'] =  $upload_data['full_path'];
            $resize_config['maintain_ratio'] = TRUE;            
            $resize_config['create_thumb'] = FALSE;
            $resize_config['quality'] = 100;
            $resize_config['width'] = 300;
            $resize_config['height'] = 300;
            $resize_config['new_image'] = './uploads/' . $img4db . '_cms.jpg';     // './uploads/' .  $filedata['file_name'];
            $this->image_lib->initialize($resize_config);
            if ( !$this->image_lib->resize() )
            {
                //echo $this->image_lib->display_errors('<p>', '</p>');
                $this->validation->error_string .= $this->image_lib->display_errors();
            }
    
            // create thumb
            $thumb_config['image_library'] = 'GD2';
            $thumb_config['source_image'] = $upload_data['full_path'];
            $thumb_config['maintain_ratio'] = TRUE;
            $thumb_config['thumb_marker'] = '_thumb';
            $thumb_config['create_thumb'] = TRUE;            
            $thumb_config['quality'] = 100;
            $thumb_config['width'] = 40;
            $thumb_config['height'] = 40;
            $thumb_config['new_image'] = './uploads/' . $img4db . '.jpg';    // './uploads/' .  $filedata['file_name'];
            $this->image_lib->initialize($thumb_config);
            if ( !$this->image_lib->resize() )
            {              
                $this->validation->error_string .= $this->image_lib->display_errors();
            }    
                
            unlink($resize_config['source_image']); //delete source image
                
            if( !$this->Boot_model->update_boot_pic( $this->input->post('bootID'), $this->input->post('whchimg'), $img4db, $upload_data['raw_name'] ) )
            {
                $this->validation->error_string .=  'An error occured while attempting to update ' . $this->input->post('whchimg');
            }
                  
        }
        else
        {
            $this->validation->error_string .= $this->image_lib->display_errors();
        }
            
        $goBack = 'cms/boot/' . $this->input->post('bootID');
        redirect($goBack, 'refresh');

    }

}


i store the original image name in the database as well as the scrambled ( md5 + salted ) version. Then to display an image on the site i send the original filename to a script that retreives the scrambled filename from the database, then sends the headers and streams the image to the browser. From the site visitor's perspective, they never see the scrambled filename and therefore can't reference any hacker laced files they've uploaded.

El Forum

[eluser]Skippy[/eluser]
Code:
$config['overwrite'] = 'TRUE';

This should probably be TRUE (without the quotes). The docs say it's a boolean so if you actually submit a string (even if it's 'FALSE') it will still get evaluated to true. You probably didn't have any issues because you're going for true anyway.