$output = true; $fields = $hook->getValues(); /* User's photo */ if (!empty($fields['cvdoc'])) { // valid extensions $extArray = array('doc', 'docx', 'pdf'); // create temporary path for this form submission $uploadPath = 'assets/uploads/temp/'; $targetPath = $hook->modx->config['base_path'] . $uploadPath; // get uploaded file names: $submittedFiles = array_keys($_FILES); // loop through files foreach ($submittedFiles as $sf) { // Get Filename and make sure its good. $filename = basename($_FILES[$sf]['name']); // Get file's extension $ext = pathinfo($filename, PATHINFO_EXTENSION); // case insensitive $ext = mb_strtolower($ext); // is the file name empty (no file uploaded) if ($filename != '') { // is this the right type of file? if (in_array($ext, $extArray)) { //create file called the user name $filename = mb_strtolower($filename); // full path to new file $uploadFilePath = $targetPath . $filename; // create directory to move file into if it doesn't exist @mkdir($targetPath, 0755, true); if (file_exists($uploadFilePath)) { // Change the file permissions if allowed chmod($uploadFilePath, 0755); // remove the file unlink($uploadFilePath); } // is the file moved to the proper folder successfully? if (move_uploaded_file($_FILES[$sf]['tmp_name'], $uploadFilePath)) { $hook->setValue($sf, $uploadPath . $filename); if (!chmod($uploadFilePath, 0644)) { /* some debug function */ } } else { // File not uploaded $errorMsg = 'There was a problem uploading the file.'; $hook->addError($sf, $errorMsg); // generate submission error $output = false; } } else { // File type not allowed $errorMsg = 'Type of file not allowed.'; $hook->addError($sf, $errorMsg); // generate submission error $output = false; } } else { // if no file, don't give error, but just return blank $hook->setValue($sf, ''); } } } return $output;
This question has been answered by BobRay. See the first response.
You can get a unique number with time(), though there's a very slight chance that two files could be uploaded in the same second if the server is very fast. A guaranteed unique string can be generated by uniqid();
$uniqueName = $filename . '-' . time() would also be pretty safe, as would $uniqueName = $filename . '-' . str_replace(' ', '-', strftime('%c'));
The last one would add the date and time the file was uploaded to the filename. See this for other formatting options.
foreach ($submittedFiles as $sf) { // Get Filename and make sure its good. $filename = basename($_FILES[$sf]['name']); $filename = $filename . ...;
$filename = mb_strtolower($filename).$randomstring;
Line 27, where you define the filename, add the random part to the filename. You can generate your random string by whatever method you like anywhere before that. I'd do it on line 26, so it's only done if the conditionals are met, and not just wasting time.
$filename = mb_strtolower($filename).$randomstring;
// JWD $randomstring = time(); $filename = mb_strtolower($filename).$randomstring;
if (strpos($filename, '.') === false) { // no extension } else { /* Get extension (including the dot) */ $ext = substr($filename, strrpos($filename, '.')); /* remove extension */ $filename = str_replace($ext, '', $filename); $randomstring = time(); $filename = mb_strtolower($filename).$randomstring . $ext; }
This should do it:
if (strpos($filename, '.') === false) { // no extension } else { /* Get extension (including the dot) */ $ext = substr($filename, strrpos($filename, '.')); /* remove extension */ $filename = str_replace($ext, '', $filename); $randomstring = time(); $filename = mb_strtolower($filename).$randomstring . $ext; }
This will work even if there are other dots in the filename.