Rename image before upload

Asked

Viewed 246 times

-1

I want to know how to rename imgs before upload, because of security issues, it is good to rename with the date (I think), but if someone knows a better way please comment.

<?php
include "conexao.php";
include "executaSQL.php";

$nome = $_POST['nome'];
$email = $_POST['email'];
$senha = $_POST['senha'];
$tipo = $_POST['tipo'];
$permissoes = $_POST['permissoes'];

$senha_codificada = sha1($senha);

$arqName = $_FILES['arquivo']['name'];

$arqType = $_FILES['arquivo']['type'];

$arqSize = $_FILES['arquivo']['size'];

$arqTemp = $_FILES['arquivo']['tmp_name'];

$arqError = $_FILES['arquivo']['error'];

list($largura, $altura) = getimagesize($_FILES["arquivo"]["tmp_name"]);

if($largura=="" || $altura ==""){
echo "<script>alert('Você deve selecionar uma imagem válida para envio!')</script>";
echo "<script>window.location.href='cadastro_usuario.php' </script>";
exit;

}
$pasta = 'upload/avatar/';

if(!file_exists($pasta))
    {
        mkdir("$pasta", 0755);
    }
$upload = move_uploaded_file($arqTemp, $pasta . $arqName);

$SQL = "INSERT INTO tbl_usuario VALUES('null','$nome','$email','$senha_codificada','$tipo','$permissoes','$arqName');";

$link= conectar ();
$inserido = executaSQL($SQL, $link);

if ( $inserido == True && $arqError  ==  0){
        echo "<script>alert('Dados Cadastrados com Sucesso!');</script>";
        echo "<script>window.location.href='cadastro_usuario.php' </script>";   
    }
    else{
        echo "<script>alert('Falha ao Realizar Cadastro!');</script>";
        echo "<script>window.location.href='cadastro_usuario.php' </script>";       
}

?>

  • 3

    what safety problem Voce refers to?

1 answer

3


Replace your $arqName = $_FILES['arquivo']['name']; for:

$ext = pathinfo($_FILES['arquivo']['name'], PATHINFO_EXTENSION);
$arqName = date("Y-m-d-h-i-s").".".$ext;

So you rename with Date and already save the Image with name changed in SQL.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.