I have a fileupload with php but that's irrelevant because my real problem is that i have this code:
if (!empty($_FILES)) {
$tempFile = $_FILES['Filedata']['tmp_name'];
$real = $_FILES['Filedata']['name'];
$finfo = pathinfo($real);
$time = time();
$rand1 = substr(sha1($real.$time),0,4);
$rand2 = substr(sha1($real.$time),5,-22);
$fname = preg_replace("#[^A-Za-z1-9]#","_", $_FILES['Filedata']['name']);
mkdir(UPLOAD_TO."/".$rand2,0777);
$targetFile = UPLOAD_TO."/".$rand2."/".$real;
move_uploaded_file($tempFile,$targetFile);
$query = $db->prepare("INSERT INTO files (realname,filename,extension,filesize,rand1,rand2,uppedby,created) VALUES(:real,:filename,:extension,:filesize,:rand1,:rand2,:uppedby,:created)");
$query->execute(array(
":real" => $real,
":filename" => $fname,
":extension" => $finfo['extension'],
":filesize" => filesize($tempFile),
":rand1" => $rand1,
":rand2" => $rand2,
":uppedby" => $_SERVER['REMOTE_ADDR'],
":created" => time()
));
}
THe file is uploaded and i am creating an sha1 hash from the actual timestamp and the real filename. After i am cutting them with substr() but there is the tricky part. The mkdir is creating the directory not with the cutted string but with strange another combinations.
I don't know what i'm doing wrong. Could you please take a look at it?
$rand2 = sha1(sha1($real.$time),0,4);
this should be $rand2 = substr(sha1($real.$time),0,4); #RAND2
and please remove $do = ;
Under "dev mod" an error would show up: Warning: sha1() expects at most 2 parameters, 3 given
It's just you have a typo or something like that
I made a quick check on my local server with such code and it works
<?php
DEFINE('UPLOAD_TO',"C:/env/php/www/tests/");
if (!empty($_FILES))
{
$tempFile = $_FILES['Filedata']['tmp_name'];
$real = $_FILES['Filedata']['name'];
$finfo = pathinfo($real);
$time = time();
$rand1 = substr(sha1($real.$time),0,4);
$rand2 = substr(sha1($real.$time),5,-22);
$fname = preg_replace("#[^A-Za-z1-9]#","_", $_FILES['Filedata']['name']);
mkdir(UPLOAD_TO."/".$rand2,0777);
$targetFile = UPLOAD_TO."/".$rand2."/".$real;
move_uploaded_file($tempFile,$targetFile);
}
?>
<form method="POST" enctype="multipart/form-data" action="">
<input type="file" name="Filedata" />
<input type="submit" />
</form>
You could check it, but problem is your sha1 function which should be replaced by substr
Update 2
As you have problems with your folder name and are unhappy with its name you can try changing $rand2 = substr(sha1($real.$time),5,-22); to $rand2 = substr(sha1($real.$time),1,5);
Read a manual of substr at php.net substr and suit it to your needs, it's very basic by the way.
Three arguments of substr are $STRING, $START and $LENGTH which is optional. An excerpt from php.net might clear it all for you:
If start is non-negative, the returned string will start at the start'th position in string, counting from zero. For instance, in the string 'abcdef', the character at position 0 is 'a', the character at position 2 is 'c', and so forth.
In my opinion following part would clear your mind about it more (pay attention to negative part)
If length is given and is positive, the string returned will contain at most length characters beginning from start (depending on the length of string).
If length is given and is negative, then that many characters will be omitted from the end of string (after the start position has been calculated when a start is negative). If start denotes the position of this truncation or beyond, false will be returned.