Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member
The allow all types method that we've created on line 71 to 81, makes the upload file class accept all types of files. It also allows you to specify whether a suffix should be appended to the file name of potentially risky types. We now need to amend the check name method so that it renames files correctly and appends that suffix, if necessary. So let's find the check name method. It's down towards the bottom of the class definition.
There it is. We need to add an extra line on line 165. And the first task, is to extract the file name extension. The file name is stored here in no spaces. We can get the extension by passing nospaces as an argument to the built-in PHP function path info, which returns an associative array of information about a file or a file path. So we'll create a variable called nameparts and pathinfo. Nospaces.
If the file name doesn't have an extension, the extension element of nameparts won't have been set, so we need to check if it exists. So let's create a variable to store the extension. Then we'll check if it's set. So we're checking for nameparts. Extension. And we'll use conditional operators. So if it has been set we'll assign nameparts extension to extension. If not, we'll make it an empty string.
Now if type checking is on, we don't need to add a suffix. Nor do we need to do so, if the suffix is an empty string. Now let's create a conditional statement. If not, this type checking on, and not empty, this suffix. So the code inside this conditional statement will run only if type checking is off.
And the suffix is not an empty string. The next thing that we need to check is if the extension is in the notTrusted array or if it's empty. So another conditional statement, if in array we're looking for the extension that's our needle and the haystack that we're looking in. Is this notTrusted. And the other condition that we're looking for, the alternative condition, is whether the extension is empty.
So if either of those conditions is true, we need to add the suffix to nospaces and then assign the value to the new name property. To indicate that the name has been changed. So in other words, if the extension is in the notTrusted array, or if the extension is empty, we're going to add the suffix. This newName equals the original name, nospaces, then with the suffix added to it.
Course it's the suffix property. The reason that I've included an empty extension here is that files without a file name extension are frequently used on Linux as executable files. Of course, this will catch some innocent files such as readme, but I think it's better to be on the cautious side. So let's save the class definition. And then go back to, form.PHP. At the moment we're allowing all types. We're not adding a particular extension. But let's, just test that.
By adding the default suffix to the filename you can also specify custom suffix by parsing a string as an argument to allow all types. And if you don't want to add a suffix, simply parse an empty string as the argument. But if you want to be really restrictive, just omit allow all types from the processing. And only specified mine types will be uploaded.
Get unlimited access to all courses for just $25/month.Become a member
82 Video lessons · 101192 Viewers
61 Video lessons · 87945 Viewers
71 Video lessons · 71833 Viewers
56 Video lessons · 103682 Viewers
Access exercise files from a button right under the course name.
Search within course videos and transcripts, and jump right to the results.
Remove icons showing you already watched videos if you want to start over.
Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.
Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.
Your file was successfully uploaded.