Jump to content
xisto Community
Sign in to follow this  
iGuest

Alphabetical File Sort Script

Recommended Posts

Okay, this script takes in an uploaded file from a form, adds it to the web server, and then it adds it to the correct alphabetical letter directory (ie. Active would go in the a directory). The only use I see for it would be for making it easier to find something when it is uploaded. This script takes two .php files: upload.php and upload-check.php. If you are going to use the script, you can rename those files to whatever you want. So, here's the script. Use it at your own discretion (as always).

 

 

upload.php

 

[/br]<?php[br][/br]echo "<form action = 'upload-check.php' method='post' enctype='multipart/form-data'>";[br]echo "<input type = 'text' name='nameOfFile'>";[/br]echo "<input type = 'file' name='uploadFile'>";[br]echo "<input type = 'submit' value = 'Send'>";[/br]echo "</form>";[br][/br]?>

upload-check.php

 

[/br]<?php[br][/br]$letterArray = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', [br]'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');[br][/br]$arraySize = array_count_values($letterArray);[br][/br]for($n = 0; $n <= $arraySize; $n++)[/br]{[br]     if(!is_dir($n))[/br]     {[br]           mkdir('somefolder/' . $n, 0666);[/br]     }[br]}[br][/br]if(strlen($_POST['nameOfFile']) > 1 and substr($_FILES['uploadFile'], -4) != '.exe')[/br]{[br]     for($i = 0; $i <= $arraySize; $i++)[/br]     {[br]          if(substr($_FILES['nameOfFile'], 1) == $i)[/br]          {[br]               $tmpFile = $_FILES['uploadFile']['tmp_name'];[/br]               $dest = "http://yourwebsite.com/somefolder/" . $i . "/" . [br]                      $_FILES['uploadName']['name'];[/br]               copy($tmpFile, $dest);[br]          }[/br]     }  [br]}[/br]else[br]{[/br]     echo "Sorry, but your file name was either too short or it had an invalid file  [br]             extension. Please go back and try again.";[/br]}[br][/br]?>

Share this post


Link to post
Share on other sites

It's just an idea, but I generally like to keep all of it together in a single file. You could achieve this by combining the scripts as shown below, but ensuring that only one portion is executed at a time (hence the need for the use of the if statement, and the exit function).

<?php[br][/br]if(!isset($_POST['uploadFile'])) {[br]     echo "<form action = 'upload.php' method='post' enctype='multipart/form-data'>";[/br]     echo "<input type = 'text' name='nameOfFile'>";[br]     echo "<input type = 'file' name='uploadFile'>";[/br]     echo "<input type = 'submit' value = 'Send'>";[br]     echo "</form>";[/br]     exit;[br]}[br][/br][/br]$letterArray = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', [br]'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');[br][/br]$arraySize = array_count_values($letterArray);[br][/br]for($n = 0; $n <= $arraySize; $n++)[/br]{[br]    if(!is_dir($n))[/br]    {[br]          mkdir('somefolder/' . $n, 0666);[/br]    }[br]}[br][/br]if($_POST['nameOfFile'] < 1 and substr($_FILES['uploadFile'], -4) != '.exe')[/br]{[br]    for($i = 0; $i <= $arraySize; $i++)[/br]    {[br]         if(substr($_FILES['nameOfFile'], 1) == $i)[/br]         {[br]              $tmpFile = $_FILES['uploadFile']['tmp_name'];[/br]              $dest = "http://yourwebsite.com/somefolder/" . $i . "/" . [br]                     $_FILES['uploadName']['name'];[/br]              copy($tmpFile, $dest);[br]         }[/br]    }  [br]}[/br]else[br]{[/br]    echo "Sorry, but your file name was either too short or it had an invalid file  [br]            extension. Please go back and try again.";[/br]}[br][/br]?>

Share this post


Link to post
Share on other sites

I was just curious, but what is the reason to exclude exes? (Or am I reading this wrong? ^^;)

if($_POST['nameOfFile'] < 1 and substr($_FILES['uploadFile'], -4) != '.exe')

Share this post


Link to post
Share on other sites

I was just curious, but what is the reason to exclude exes? (Or am I reading this wrong? ^^:D

if($_POST['nameOfFile'] < 1 and substr($_FILES['uploadFile'], -4) != '.exe')
I excluded .exe as an example. It just shows you how to protect against certain file types. I just chose .exe randomly.

Share this post


Link to post
Share on other sites

I was just curious, but what is the reason to exclude exes? (Or am I reading this wrong? ^^:D

if($_POST['nameOfFile'] < 1 and substr($_FILES['uploadFile'], -4) != '.exe')
I excluded .exe as an example. It just shows you how to protect against certain file types. I just chose .exe randomly.
Ah.. that's very neat. :D

I'm going to go disect that part of the code and figure out what it does. ^^

Share this post


Link to post
Share on other sites

As for the first part:

if($_POST['nameOfFile'] < 1
I would assume that is to check that $_POST['nameOfFile'] (which is passed to the script from the form) does actually have a value. The fact that an integer comparison is used sort of makes it a little confusing though. I would have used either:
if($_POST['nameOfFile'])[/br]// (because if a variable has an assigned value, then it will be returned as true) or[br]if($_POST['nameOfFile'] != ""[/br]// or[br]if(isset($_POST['nameOfFile'])
But that's just me.

substr($_FILES['uploadFile'], -4) != '.exe'
This uses the substr(); function to select the last 4 characters of the filename entered, and then makes sure that are not '.exe'. Substr(); is used to select a certain portion of a string, eg:
substr("My name is Spectre", 3)
Will select all of the characters, starting at postion 3, so it would become 'name is Spectre'. Using a negative integer, eg. -4, will select the last -4 characters of the string.

In an IF statement, 'x == y' means that 'x' is equal to 'y' (double equals sign is intentional), and 'x != y' means that 'x' is not equal to 'y'.

Hope that sort of explains it for you.

Checking the filename is certainly a good idea, but a binary check would be much more secure.

Share this post


Link to post
Share on other sites

As for the first part:

if($_POST['nameOfFile'] < 1
I would assume that is to check that $_POST['nameOfFile'] (which is passed to the script from the form) does actually have a value. The fact that an integer comparison is used sort of makes it a little confusing though. I would have used either:

if($_POST['nameOfFile'])[/br]// (because if a variable has an assigned value, then it will be returned as true) or[br]if($_POST['nameOfFile'] != ""[/br]// or[br]if(isset($_POST['nameOfFile'])
But that's just me.

 

substr($_FILES['uploadFile'], -4) != '.exe'
This uses the substr(); function to select the last 4 characters of the filename entered, and then makes sure that are not '.exe'. Substr(); is used to select a certain portion of a string, eg:

substr("My name is Spectre", 3)
Will select all of the characters, starting at postion 3, so it would become 'name is Spectre'. Using a negative integer, eg. -4, will select the last -4 characters of the string.

 

In an IF statement, 'x == y' means that 'x' is equal to 'y' (double equals sign is intentional), and 'x != y' means that 'x' is not equal to 'y'.

 

Hope that sort of explains it for you.

 

Checking the filename is certainly a good idea, but a binary check would be much more secure.


Spectre, about $_POST['nameOfFile'] < 1. I forgot 2 things here: First, it was supposed to be strlen($_POST['nameOfFIle']) < 1, and second, it's not supposed to be < 1, it's supposed to be > 1. I made two mistakes in that piece of code. Sorry about that.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.