CODEWITHSUNDEEP
phpvariables
tom simo
tom simo

Reputation: 73

How to pass a variable into a file path in PHP

I am trying to pass a user entered company into a path to determine the content displayed. I have the company submitting to the page that the form is on and this as the path for the content display. I would like to include a mkdir if it is a new company name.

$path = '(uploadedFiles/($_POST['companyName']))';
$dirs = scandir($path);

Not sure why but I am now getting an undefined index error. Here is the portion that is asking for the name it is on the page named admin.php

print '<form action="admin.php" method="POST">'.PHP_EOL;
            print' <h4> Enter the name of the company the new uploads belong to.</h4>';
            print'    <label class="control-label"    `for="companyName">companyName</label>';`
            print'      <input type="text" name="" id="companyName" placeholder="Enter Comapny Name ">';
            print'      <button type="submit" class="btn">Enter</button>';
            print' </div>';

Upvotes: 0

Views: 12990

Answers (5)

Faruq
Faruq

Reputation: 50

$path = 'uploadedFiles/'. $_POST['companyName'] ;
if (!file_exists($path) {
    mkdir($path, 0775, true);
   }
$dirs = scandir($path);

I hope that helps.

Upvotes: 0

aynber
aynber

Reputation: 23035

You should use double-quotes to process the variable, and the variable is $_POST, not $-POST.

$path = "uploadedFiles/{$_POST['companyName']}";

Of course, this is a BAD BAD BAD idea to use the POST variable here

Upvotes: 1

Lolito
Lolito

Reputation: 412

Added to errors said before ($_POST, not $-POST; mix quotes and double-quotes) you can echo a variable into a string using braces:

$path = "uploadedFiles/{$_POST['companyName']}";

Upvotes: 0

Daniel W.
Daniel W.

Reputation: 32360

The best way (Zend Code Style Guide) is to concat it like this:

$path = 'uploadedFiles/' . $_POST['companyName']; // works with double-
                                                  // and single-quotes

But be warned: Accepting user input, non-validated into your system can result in hacking attempts.

Another way would be like this:

$path = "uploadedFiles/{$_POST['companyName']}"; // double-quotes only

Upvotes: 3

Daniel
Daniel

Reputation: 4946

here you go:

$companynamedir = $_POST['companyName'];

$path = "uploadedFiles/" . $companynamedir;

$dirs = scandir($path);

Upvotes: 1

Related Questions