CODEWITHSUNDEEP
php
Michal
Michal

Reputation: 3368

how to identify unique files in a dir?

I have a code that lists all files in a dir. The code looks something like this:

//path to directory to scan
$directory = "../images/team/harry/";

//get all image files with a .jpg extension.
$images = glob($directory . "*.jpg");

//print each file name
foreach($images as $image)
{
   echo "some.php?file=".$image;
}

In the link part where it says echo "some.php?file=".$image; I need to identify each file uniquely and forward it by $_GET or $_POST or something to the next page. However, the file names may contain special characters (diacritics), spaces etc. as they are uploaded by users by FTP. What would be a good way to identify them in the next page? Something like an ID, maybe base64_encode / decode or similar? (using simply a counter may not be reliable as the files may get deleted in the mean time which would yeld a wrong result)

Upvotes: 1

Views: 258

Answers (3)

Aram Kocharyan
Aram Kocharyan

Reputation: 20431

It's always possible that the file requested will not exist. I think it would be a good idea to first generate an md5 string and pass that. You should probably check the existence of the generated string to ascertain it is available. Otherwise, a simple 8 character number will suffice and should be appointed at upload time. If the file is deleted, then some.php should present an error to the user.

I would not consider using base64 and then decoding it again in some.php. The URL would be insanely long to copy and may present security issues, though I hope PHP will prevent those. Also, the URL is unwieldily enough for the user to accidentally change the base64 and end up with a seemingly randomly generated picture...

Upvotes: 1

Ben Ashton
Ben Ashton

Reputation: 1405

Base64 would probably do the trick nicely:

echo "some.php?file=".base64_encode($image);

and on the page receiving the get query:

$image=base64_decode($_GET['file']);

Another suggestion is to use a database to store user's uploaded files. Upon upload, each image will be stored in the DB with example columns of an ID, and filename. Then you can just assign the GET var that ID, and on the otherside pull the filename from the given ID.

Upvotes: 2

Jirka Kopřiva
Jirka Kopřiva

Reputation: 3089

What about just sanitizing file names with "urlencode/urldecode" ? http://www.php.net/manual/en/function.urlencode.php

Upvotes: 0

Related Questions