I am pretty much a new newbie when it comes to PHP, and have a problem that I need to solve, for a website that has to go live tomorrow.
Basically I have been using a javascript upload script called 'uploadify' which had an option for the upload folder which was added to the script in the form:
'folder' : '/songs/<?php echo $_SESSION["name"];?>',
I added the php echo to return the username from a PHP login, so it gets added to the path to the upload folder (each user has their own subfolder for uploading to).
With the new version of the uploadify script, the folder option has been moved to a separate PHP file where it is now in the form:
$targetFolder = '/songs/';
I need to find a way of adding the username variable to this line. I have tried using echo in various ways, and googled about, but it has stumped me, simple as it may be.
If anyone could let me know how I construct this line I'd be very grateful. Time is of the essence, as they say...
Thanks,
Nick
I thought I'd include all of the php involved in case this illuminates why the session var isn't available to uploadify.php.
First there is this at the top of the index.php page:
<?
require("log.php");
?>
Which triggers log.php:
<?
session_name("MyLogin");
session_start();
if($_GET['action'] == "login") {
$conn = mysql_connect("","",""); // your MySQL connection data
$db = mysql_select_db(""); //put your database name in here
$name = $_POST['user'];
$q_user = mysql_query("SELECT * FROM USERS WHERE login='$name'");
if(mysql_num_rows($q_user) == 1) {
$query = mysql_query("SELECT * FROM USERS WHERE login='$name'");
$data = mysql_fetch_array($query);
if($_POST['pwd'] == $data['password']) {
$_SESSION["name"] = $name;
header("Location: http://monthlymixup.com/index.php"); // success page. put the URL you want
exit;
} else {
header("Location: login.php?login=failed&cause=".urlencode('Wrong Password'));
exit;
}
} else {
header("Location: login.php?login=failed&cause=".urlencode('Invalid User'));
exit;
}
}
// if the session is not registered
if(session_is_registered("name") == false) {
header("Location: login.php");
}
?>
(I have removed MySql info from this)
This then calls the login.php, which has this php at the top (followed by the html for the form):
<?
session_name("MyLogin");
session_start();
session_destroy();
if($_GET['login'] == "failed") {
print $_GET['cause'];
}
?>
which includes session_destroy();. Which I thought may be causing the problem, but I deleted this line, and the session var isn't passed to uploadify.php (and why would it be available to index.php it it is destroyed here?). uploadify.php currently looks like this:
<?php
session_start()
print_r($_SESSION);
$targetFolder = '/songs/' . $_SESSION['name']; // Relative to the root
if (!empty($_FILES)) {
$tempFile = $_FILES['Filedata']['tmp_name'];
$targetPath = $_SERVER['DOCUMENT_ROOT'] . $targetFolder;
$targetFile = rtrim($targetPath,'/') .'/'. $_FILES['Filedata']['name'];
// Validate the file type
$fileTypes = array('m4a','mp3','flac','ogg'); // File extensions
$fileParts = pathinfo($_FILES['Filedata']['name']);
if (in_array($fileParts['extension'],$fileTypes)) {
move_uploaded_file($tempFile,$targetFile);
echo '1';
} else {
echo 'Invalid file type.';
}
}
?>
The uploadify.php is referred to in jquery.uploadify.js. I think these are all the lines that are relevant:
uploader : 'uploadify.php',
upload_url : settings.uploader,
case 'uploader':
swfuploadify.setUploadURL(settingValue);
So long as the user name is being stored in a session variable make sure that whatever script $targetFolder resides in has the session started (session_start()) and change that line to the following:
$targetFolder= "/songs/".$_SESSION['name'].'/';
If $_SESSION['name'] = "foo" your path would now be /songs/foo/.
$targetFolder = "/songs/{$_SESSION['name']}";
EDIT: Your issue is session_name. If you ever use that (which is not usually necessary), "you need to call session_name() for every request (and before session_start() or session_register() are called)."
Could it be this simple?
$targetFolder = '/songs/' . $_SESSION['name'];
Assuming you still have the session var to work with...
$targetFolder = '/songs/' . $_SESSION['name'];
Just use concatenation....
$targetFolder = '/songs/' . $_SESSION['name'];
Should you need a trailing slash (since it was working before without It i dont think you do), use :
$targetFolder = '/songs/' . $_SESSION['name'] . '/';
When you are within a PHP script, adding variables to the string of another variable is trivial - using the "." dot operator, you can concatenate or join strings.
I would also check if the session name variable exists, and perhaps cancel out or set a default if it doesnt. perhaps
if(!isset($_SESSION['name']))
do { $_SESSION['name'] = microtime(); } while(!file_exists('songs/'.$_SESSION['name']));
This will actively find a new folder for that file and it will not overwrite existing folders.
As mentioned above, an alternative is to use double quotes and the "{}" to achieve the same result. What you'll find is that using double quotes over single quotes can be very marginally slower because the string parser will check to see if you've included any variables and 'expand' them out to their value. Both syntaxes are acceptable.
Here's what I normally do to transfer the session ID
$('#file_upload').uploadify({
'uploader': '/prototype/site/assets/template/swf/uploadify.swf',
'script': '/prototype/jobs/filemanager/upload',
'cancelImg': '/prototype/site/assets/template/images/cancel.png',
'auto': true,
'multi': false,
'fileDesc': 'Portable Document Format *.pdf',
'fileExt': '*.pdf',
'buttonText':'Upload',
'onComplete': load_list,
'scriptAccess':'always',
'checkScript':'/jobs/filemanager/check',
'scriptData': {'session_id':'<?php echo session_id()?>'},
'queueID':'queue'
});
See that script data? I basically output the session id and then pass that onto the uploadify.php (well my example doesn't use uploadify.php, that's contained in a class but it's the same thing)
You're looking for a concatenation operator ('.'):
$targetFolder = '/songs/'.$_SESSION["name"].'/';