DataTables
Advanced interaction
features for your tables.
Editor
Comprehensive editing
library for DataTables.
Manual
Download
Show site navigation

Name of upload file is easy to guess, how to give it a random name?

Name of upload file is easy to guess, how to give it a random name?

mfmf Posts: 41Questions: 11Answers: 0
in DataTables 1.10

Hello,

I am using the file upload but when I use ID the file is easy to guess. Suppose you do not want everyone to see (or guess) all file names, how could I for example give it a random number or hash?

    /**
     * Apply macros to a user specified path
     *
     * @param  string $name File path
     * @param  int $id Primary key value for the file
     * @return string Resolved path
     */
    private function _path ( $name, $id )
    {
        $extn = pathinfo( $name, PATHINFO_EXTENSION );
        $to = $this->_action;
        $to = str_replace( "__NAME__", md5($name), $to   );
        $to = str_replace( "__ID__",   $id,   $to   );
        $to = str_replace( "__EXTN__", $extn, $to );

        return $to;
    }

this attempt has actually no affect at all. And to be clear I don't even like to use NAME because I don't want to overwrite duplicate names.

I hope someone can help me in the right direction thanks!

Answers

  • mfmf Posts: 41Questions: 11Answers: 0

    Never mind, I found a way

        ->join(
        Mjoin::inst( 'files' )
            ->link( 'contracts.contracts_id', 'contracts_files.contracts_id' )
            ->link( 'files.id', 'contracts_files.file_id' )
            ->fields(
                Field::inst( 'id' )
                    //->upload( Upload::inst( $_SERVER['DOCUMENT_ROOT'].'/upload/__ID__.__EXTN__' )
                    ->upload( Upload::inst( $_SERVER['DOCUMENT_ROOT'].'/upload/__ID__'.md5(uniqid(mt_rand(), true)).'.__EXTN__' )
                        ->db( 'files', 'id', array(
                            'filename'    => Upload::DB_FILE_NAME,
                            'filesize'    => Upload::DB_FILE_SIZE,
                            'web_path'    => Upload::DB_WEB_PATH,
                            'system_path' => Upload::DB_SYSTEM_PATH
                        ) )
                        ->validator( Validate::fileSize( 5000000, 'Files must be smaller that 5000K' ) )
                        ->validator( Validate::fileExtensions( array( 'pdf', 'jpg', 'jpeg', 'docx', 'doc' ), "Please upload pdf, docx or jpg" ) )
                    )
            )
    )
This discussion has been closed.

DataTables

DataTables designed and created by SpryMedia Ltd.
© 2007-2025 MIT licensed. Privacy policy. Supporters.
SpryMedia Ltd is registered in Scotland, company no. SC456502.