Im trying to add user profile photo, but the problem is moving the uploaded file to the target directory because of the fakepath.
since the this is fakepath and temp location is (C:fakepathroundtableandchairs.jpg), moving the uploaded file will return error as well.
what i did is, i have change the line 106 and i also removed moving uploaded file section and the return is success.
I already did a research about the fakepath it is because of the browser security.
is there any way to get the temp path of the file in localhost (not live)? i just want to test it first in my computer (localhost). or to get this [name][tmp_name][size][type] using the code?
public function add(array $data)
{
if ($errors = $this->registrator->validateUser($data, false)) {
Response::validationError($errors);
}
$allowedTypes = ['jpg', 'jpeg', 'png', 'gif'];
$profilepic = (string)$data['profile_image'];
// Handle secure profile image upload
$targetDirectory = 'c:/Apache24/AdminLTE/dist/assets/img/usersprofile/';
$imageFileType = strtolower(pathinfo($profilepic, PATHINFO_EXTENSION));
// Generate a unique filename: complete_name_uniqueID.extension
$safeName = preg_replace('/[^A-Za-z0-9]/', '_', $data['username']); // Remove special chars
$uniqueID = uniqid();
$imageName = "{$safeName}_{$uniqueID}.{$imageFileType}";
$targetFile = $targetDirectory . $imageName;
$profilepicsize = getimagesize($profilepic);
// Validate image file size
if ($profilepicsize > 5000000) {
return "File size exceeds the 2MB limit.";
}
//Validate Mime Types
if (!in_array($imageFileType, $allowedTypes)) {
return ['success' => false, 'message' => 'Invalid file type. Only JPG, JPEG, PNG, GIF allowed.'];
}
// Prevent executable file uploads
if (preg_match('/.(php|html|htm|js|exe|sh)$/i', $profilepic[0])) {
return "Invalid file type.";
}
// Ensure upload directory exists
if (!is_dir($targetDirectory)) {
if (!mkdir($targetDirectory, 0755, true)) {
return "Failed to create upload directory.";
}
}
// Move the uploaded file
if (!move_uploaded_file($profilepicpic, $targetFile)) {
return "Error uploading the image.";
}
// Insert data into the database
$this->db->insert('users', [
'email' => $data['email'],
'username' => $data['username'],
'password' => $this->hashPassword($data['password']),
'confirmed' => 'Y',
'confirmation_key' => '',
'register_date' => date('Y-m-d H:i:s'),
'profile_image' => $imageName
]);
$this->db->insert('user_details', [
'user_id' => $this->db->lastInsertId(),
'first_name' => $data['first_name'],
'last_name' => $data['last_name'],
'phone' => $data['phone'],
'address' => $data['address']
]);
Response::success(["message" => trans("user_added_successfully")]);
}
Warning: getimagesize(roundtableandchairs.jpg): Failed to open stream: No such file or directory in C:Apache24htdocsAdminLTEdistScriptUser.php on line 106
line 106 :
$profilepicsize = getimagesize($profilepic);
Replacement of line 106
$profilepicsize = pathinfo($profilepic, PATHINFO_DIRNAME);