Hi there...

I have a form setup already with 4 upload boxes....

How do i upload all 4 files to my website and then store it so that user1 can only access their uploaded material and so on...

I dont understand how to store the files and only be available to the person who uploaded the files.

I have the whole user authentication already in place.

    When you upload the files and save them to the hard drive, pick a random name. (There are lots of different ways to do that. I like to md5 the time + a secret string.) Whatever means you use to pick a random name, save the file under that name. Then write the new name and the old name to a database along with the user's userid.

    When the user logs in, read the database to find all the files that belong to their userid. Then make a series of links like this:

    print "<a href=\"usersdata/$random_name\">$original_name</a>";

    This way, the user can see links to all their files with their original name... but nobody will be able to see other people's files because the only links they see are to their own files.

    The reason you store the files with a random name is so that (A) hackers can't guess the names of other people's files that might be in the directory and (😎 so that nobody has the same file name as some other user's files.

    This method is one of about six ways to do it. It's not necessarily the best way to do it but it's easy and secure. Once you get good at doing it this way, you'll be able to come up with some other ways that work too.

      How do i connect these two?

      {
      if(move_uploaded_file($FILES['uploaded']['tmp_name'], $target))
      (move_uploaded_file($      FILES['uploaded1']['tmp_name'], $target1))
      {

      <?php 
$target = "upload/"; 

$target = $target . basename($_FILES['uploaded']['name']);
$target1 = basename(md5($_FILES['uploaded']['name']));
$target = $target . basename($_FILES['uploaded1']['name']);
$target2 = basename(md5($_FILES['uploaded1']['name']));

$ok=1; 

//This is our size condition 
if ($uploaded_size > 350000) 
{ 
echo "Your file is too large.<br>"; 
$ok=0; 
} 

//This is our limit file type condition 
if ($uploaded_type =="text/php") 
{ 
echo "No PHP files<br>"; 
$ok=0; 
} 

//Here we check that $ok was not set to 0 by an error 
if ($ok==0) 
{ 
Echo "Sorry your file was not uploaded"; 
} 

//If everything is ok we try to upload it 
else 
{ 
if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)), (move_uploaded_file($_FILES['uploaded1']['tmp_name'], $target1)) 
{ 
echo $target."<br>".$target2;
} 
else 
{ 
echo "Sorry, there was a problem uploading your file."; 
} 
} 
?>
        Write a Reply...