Home/ Questions/Q 8015823
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T20:21:55+00:00

I seem to be having an issue with using variables to create directories via

  • 0

I seem to be having an issue with using variables to create directories via the mkdir() function. The variable is being parsed from the URL. See my coding below:

$pageURL = 'http';
 if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
 $pageURL .= "://";
 if ($_SERVER["SERVER_PORT"] != "80") {
 $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
} else {
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
$pageURL;
$url = $pageURL;
$parse = parse_url($url);
$dirID = $parse['query'];

I’m using define() to define the folder path since the path is used several times throughout the code:

 define("DESTINATION_FOLDER", "mydir/".$dirID."/");

And here is the if statement telling it to create the directory if it doesn’t exist:

if (!@file_exists(DESTINATION_FOLDER)) {      
    mkdir(DESTINATION_FOLDER);
}

Sounds pretty straightforward but for some reason the variable $dirID does not get read, and the file instead uploads to the mydir directory. What’s really odd, is that if I hardcode the variable to something like $dirID = “28”, it works and the file gets uploaded like mydir/28/file.jpg. I have used this method to pass variables many times before, but never to pass a variable to be used in the mkdir function. Does anyone know what might be going on?

Thank you in advance for any and all help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This is all in the comments above, but I’ll spell it out:

    The query part is never actually passed to URL, and therefore not passed into “parse”.

    I’ll paraphrase your code:

    1. Construct URL using protocal (http/https) and server name and URL. (Note – you’re not appending the query at this point)
    2. Parse the url (which does not include the query)
    3. Get the query from the parse (which still isn’t there)

    $_SERVER[‘QUERY_STRING’] is the bit you’re looking for – you can either add to the URL and then parse, or just use it directly

    $dirID = $_SERVER['QUERY_STRING'];

    But why you’d use that to create the directory is a bit (A LOT) dangerous as it’ll invariably contain invalid parameters. As suggested in the comments, you probably mean to get a particular value for a query string parameter? Or is it the actual string. You can get these from:

    // For ?DirectoryName
$aKeys = array_keys($_GET)
$directoryName = isset($aKeys[0]) ? $aKeys[0] : '';

    or 

    // For ?ParamName=DirectoryName
$directoryName = $_GET['ParamName']

    I then also suggest you use a preg_match to validate the directory name meets an acceptable format and to avoid crap being created!

    • 0