Home/ Questions/Q 8848329
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T12:23:57+00:00

I need help with adding the feature to check whether a file exists when

  • 0

I need help with adding the feature to check whether a file exists when uploading.

This is how the upload.php code looks like for uploading:

$file_name = $HTTP_POST_FILES['ljudfil']['name'];
$random_digit=rand(0000,9999);
$mp3 ='.mp3';
$pdf ='.pdf';
$datum = date('Ymd'); 
$new_file_name=$random_digit.$file_name;
$target_path1 = $target_path . $orgnr . '_' . $gsm . $pdf; 

$target_path3 = $target_path . 'AC' . $datum . $new_file_name . $mp3; 
$target_path11 = $target_path4 . $orgnr . '_' . $gsm . $pdf; 

$target_path33 = $target_path4 . 'AC' . $datum . $new_file_name . $mp3;
$targetljudfilftp = 'AC' . $datum . $new_file_name . $mp3;

move_uploaded_file($_FILES['avtalsfil1']['tmp_name'], $target_path1);
move_uploaded_file($_FILES["ljudfil"]["tmp_name"], $target_path3);
$sql = "INSERT INTO affarer (tid, cid, orgnr, ljudfilftp) VALUES 
        (CURDATE(),'$date','$cid','$orgnr', '$targetljudfilftp')";

As you can see, it renames the uploaded file including a random number.

Sometimes, it happens that it renames the file to a number that already exists.

When that happens, it overwrites the previous file on my server.

So, how can I add a function to check whether the target name exists before it is used for renaming?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can use

    if (file_exists($target_path1))

    to verify whether a file exists.

    You would do better, though, to change strategy and employ tempnam:

    $target_path  = tempnam ($target_path, 'AC' . $datum . $file_name . $mp3)

    This will create a file such as “AC_2012_Anacreon.mp3_xTfKxy” but you have the guarantee of it being unique, while even using file_exists would expose you to the risk of a concurrency collision.

    Of course the file no longer has a .mp3 extension, so you have to take it into account when you scan the directory and supply files for download.

    A still not secure, but maybe easier way is this:

    for(;;)
{
    $newname = // some strategy to generate newname, including a random
    if (!file_exists($newname))
        touch($newname);
    if (!filesize($newname))
        break;
}

    or you can use a lock file to guarantee no concurrency (and therefore, that file_exists will return the truth and it will stay the truth):

    $fp = fopen('.flock', 'r+');
if (flock($fp, LOCK_EX))
{
    for(;;)
    {
        $newname = // some strategy to generate newname, including a random
        if (!file_exists($newname))
        {
            // this creates the file uniquely for us.
            // all other writers will find the file already there
            touch($newname);
        }
    }    
    flock($fp, LOCK_UN);
}
else
    die("Locking error");
fclose($fp);
// $newname is now useable.
    • 0