Start your free trial now, and begin learning software, business and creative skills—anytime, anywhere—with video instruction from recognized industry experts.

Start Your Free Trial Now

Removing spaces from file names


From:

Uploading Files Securely with PHP

with David Powers

Video: Removing spaces from file names

The remaining stages in making the upload file class more robust involve inspecting the file name and altering it if necessary. We'll begin by implementing a simple routine to replace spaces in file names with underscores. Spaces are acceptable on Windows and Mac operating systems, but they cause problems on Linux and in URLs. So, we'll begin by creating a property to store the filename if it's been altered. And, like all properties, it needs to be declared at the top of the class definition.
Expand all | Collapse all
  1. 4m 49s
    1. Welcome
      57s
    2. What you should know before watching this course
      2m 0s
    3. Using the exercise files
      1m 52s
  2. 33m 2s
    1. How PHP handles file uploads
      6m 16s
    2. Examining the $_FILES array
      5m 8s
    3. Setting the maximum file size
      5m 36s
    4. Preparing the upload folder
      3m 18s
    5. Moving the file to its destination
      6m 51s
    6. Limitations on file uploads
      5m 53s
  3. 47m 3s
    1. Planning the class's features
      3m 15s
    2. Creating and using a namespaced class
      5m 25s
    3. Creating the class constructor
      7m 26s
    4. Getting a reference to the uploaded file
      5m 9s
    5. Checking the error level
      5m 7s
    6. Displaying errors and other messages
      4m 51s
    7. Setting and checking the maximum file size
      7m 19s
    8. Strengthening the setMaxSize() method
      8m 31s
  4. 35m 30s
    1. Restricting acceptable MIME types
      5m 27s
    2. Removing spaces from file names
      5m 21s
    3. Restricting acceptable file-name extensions
      6m 10s
    4. Neutralizing potentially dangerous uploads
      5m 54s
    5. Renaming files with duplicate names
      7m 58s
    6. Moving the file to its destination
      4m 40s
  5. 10m 25s
    1. Understanding how the $_FILES array handles multiple files
      4m 42s
    2. Adapting the class to handle both single and multiple uploads
      5m 43s
  6. 38m 15s
    1. Overview of the UploadFile class
      5m 9s
    2. Setting up to use the class
      4m 11s
    3. Using the class
      8m 12s
    4. Reporting errors with multiple uploads
      4m 0s
    5. Displaying the server limits
      4m 51s
    6. Alerting the user about exceeding the server limits
      6m 14s
    7. Changing the class's defaults
      5m 38s
  7. 1m 38s
    1. Goodbye
      1m 38s

please wait ...
Watch the Online Video Course Uploading Files Securely with PHP
2h 50m Intermediate Feb 24, 2014

Viewers: in countries Watching now:

The basic process of uploading files with PHP is very simple, but there are security implications that many people are unaware of. This course shows how to create a secure custom PHP class that can handle both single-file and multi-file uploads. Author David Powers shows you how to create a file upload class that checks the size, type, and names of files, renaming them when it encounters a duplicate file name. He'll show you how to make the class report on the outcome of the upload process and the nature of any errors that occur, and how to prevent the user from uploading files that exceed the server limits.

At the end of this course, you'll have a robust, flexible class that can be incorporated into many projects (including web forms) with just a few lines of code.

Topics include:
  • How PHP handles file uploads
  • Setting the maximum file size
  • Moving the file to its destination
  • Creating and using a namespaced class
  • Displaying error messages
  • Restricting unacceptable MIME types and file extensions
  • Using the class
  • Reporting errors
  • Altering the user
Subject:
Developer
Software:
PHP
Author:
David Powers

Removing spaces from file names

The remaining stages in making the upload file class more robust involve inspecting the file name and altering it if necessary. We'll begin by implementing a simple routine to replace spaces in file names with underscores. Spaces are acceptable on Windows and Mac operating systems, but they cause problems on Linux and in URLs. So, we'll begin by creating a property to store the filename if it's been altered. And, like all properties, it needs to be declared at the top of the class definition.

It'll be protected and we'll call it newName. Now we need to create a protected method, called checkName. It needs to go with our other check methods, so we'll put it after the checkType method. So create a little bit of extra space there And the argument that we will pass the checkName will be the reference to the current element in the file's super global array, so that will be file, and then inside our definition, the first thing we need to do is to make sure that newName is null.

The reason for doing that is that the class will eventually be capable of handling multiple file uploads. So, newName needs to be cleared each time this method is used. So it'll be this, newName equals null. Now we can replace the spaces with underscores, and we'll assign the result to a temporary result called nospaces. And we'll use the string replace function. That searches for something. What we're going to search for is a string, which is simply a space, we're going to replace it with a string, which will be an underscore.

And the subject, what we're looking at, is the file name, as reported in the file superglobal array. So that's file and then it's the name element that we're looking for. To check whether the name has been changed, we can compare nospaces with file name. So, if nospaces is not equal to file name, if they're not equal, we know that it's been changed. So, we assign nospaces to the new name property.

So this newName equals nospaces. So that's as far as we are going to go with the checkName method in this video. So we need to call this in the checkFile method. So I'll scroll back up there and we'll call it after checkType. You just need to call it directly so it'll be this checkName. And we pass it file as the argument. But if the file has been renamed, we need to tell the user.

And we'll do that in the moveFile method, which is right down at the bottom. And at the moment, this messages takes file name was uploaded successfully. What we need to do is to add something to the end of that message if it was renamed. So, instead of this messages, we'll use a temporary variable which we'll call result. And then we'll remove that period at the end there. And then we'll have a conditional statement if. And we'll have a conditional statement.

And we'll know this if new name is not null, we know that the file has been renamed. So, not is null and we're looking at this newName. We can then add to result .= and was renamed. Then we need to add that new name, which is in the newName property.

And then let's be grammatically correct. Let's add a period to the end of result, and finally we can assign result to this messages. So it's this messages, add square brackets, equals result. So we can now save our definition, and go to form, test it in a browser. If we choose a file that has got underscores in it, upload file, we get that uploaded successfully. Then if we choose a file that has got spaces in it. Let's try rose pink, and upload that.

It says that rose pink was uploaded successfully and was renamed, rose_pink.jpg. So removing spaces from the file name and replacing them with underscores has been a fairly trivial operation. But we'll continue improving the checkName method to neutralize risky file name extensions and to optionally prevent files from being over written.

There are currently no FAQs about Uploading Files Securely with PHP.

 
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ .

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

* Estimated file size

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed Uploading Files Securely with PHP.

Return to your organization's learning portal to continue training, or close this page.


OK

Upgrade to View Courses Offline

login

With our new Desktop App, Annual Premium Members can download courses for Internet-free viewing.

Upgrade Now

After upgrading, download Desktop App Here.

Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member ?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Learn more, save more. Upgrade today!

Get our Annual Premium Membership at our best savings yet.

Upgrade to our Annual Premium Membership today and get even more value from your lynda.com subscription:

“In a way, I feel like you are rooting for me. Like you are really invested in my experience, and want me to get as much out of these courses as possible this is the best place to start on your journey to learning new material.”— Nadine H.

Start your FREE 10-day trial

Begin learning software, business, and creative skills—anytime,
anywhere—with video instruction from recognized industry experts.
lynda.com provides
Unlimited access to over 4,000 courses—more than 100,000 video tutorials
Expert-led instruction
On-the-go learning. Watch from your computer, tablet, or mobile device. Switch back and forth as you choose.
Start Your FREE Trial Now
 

A trusted source for knowledge.

 

We provide training to more than 4 million people, and our members tell us that lynda.com helps them stay ahead of software updates, pick up brand-new skills, switch careers, land promotions, and explore new hobbies. What can we help you do?

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.