i am looking for the best way to display error for User, i am using Class File() and profile page. The Class File() will handle the following : - check file extension - check if file already exist - explode and create link file && insert the link to database - upload file to folder directory inside project folder
The code is working properly except for error display, for exemple if the extension is wrong it will display the last error instead of stop the execution and display the extension error.
Also if the file already exist in database && folder directory the php function move_uploaded_file will display and error "Warning: failed to open the stream: permission denied"
Thanks for your help
class File {
private $file = array();
private $file_up = '';
private $pdo = '';
private $error = '';
private $regex_file = '/^[a-z0-9][a-z0-9]{4,20}.jpg|.jpeg|.png|.gif|.txt|.doc|.docx|.pdf|.xlsx|.xlm|.xls|.pub|.one|.pptx$i/';
/**
* [__construct connection ]
* @param [int] $id [Unique user_id retrieved from database (from include/header.inc)]
* Construct database connection using PDO
*
*/
public function __construct($id)
{
$this->pdo = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME, DB_USER, DB_PASS, array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
$sql = 'SELECT `file_name`, `file_extention` FROM `users`'
.'JOIN `file`'
.'ON users.`user_id` = file.`user_id`'
.'WHERE users.`user_id` = :id';
$stmt = $this->pdo->prepare($sql);
$stmt->execute(array(':id' => $id));
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$this->file[] = $row['file_name'] . '.' . $row['file_extention'];
}
}
/**
* [displayFile extention]
* @return [link] [description]
*/
public function displayFile()
{
$output = '';
$link = $this->file;
foreach($link as $row) {
$output .= '<table class="table table-bordered table-hover"';
$output .= '<thead><tr>';
$output .= '<th><a href="../file_user/'.$row.'><i class="fa fa-folder"></i>  '.$row.'</a><br /></th>';
$output .= '</tr></thead>';
$output .= '</table>';
}
return $output;
}
public function checkFile($file)
{
$this->file_up = strip_tags($file);
if(!preg_match($this->regex_file, $this->file_up)){
$this->error = '<b style="color:red">Extention ou nom de fichier incorrect</b>';
}
foreach($this->file as $row){
if($this->file_up == $row){
$this->error = '<b style="color:red">Fichier ou nom du fichier deja existant</b>';
}
}
if($this->error){
return $this->error;
}else{
$this->file_up = explode(".", $this->file_up);// array
return $this->file_up;
}
}
public function getError()
{
if($this->error !== ''){
return $this->error;
}
}
public function uploadFile($array, $id)
{
if(is_array($array)){
array_push($array, $id);
$sql = 'INSERT INTO `file`(`file_name`, `file_extention`, `user_id`) VALUES (?, ?, ?)';
$con = $this->pdo->prepare($sql);
$con->execute($array);
}else{
$this->error = '<b style="color:red">Fichier ne peut etre telecharger</b>';
}
}
public function mvFile($size, $name, $tmp_name)
{
$to = 'file_user/';
if($size <= 2000000){
move_uploaded_file($tmp_name, $to.$name);
$this->error = '<b style="color:green">Fichier téléchargé avec succes</b>';
}else{
$this->error = '<b style="color:red">Un probleme est survenue veuillez recommencer</b>';
}
}
}
And testing.php to test it:
require_once 'class/file.inc';
$error = '';
$id = 2;
$file = new File($id);
$name = $_FILES['file']['name'];
$size = $_FILES['file']['size'];
$type = $_FILES['file']['type'];
$tmp_name = $_FILES['file']['tmp_name'];
if(isset($_FILES['file'])){
$file_up = $_FILES['file']['name'];
$file_up = $file->checkFile($file_up);
$file->uploadFile($file_up, $id);
//$file->mvFile($size, $name, $_FILES['file']['tmp_name']);
if($file->getError()){
$error = $file->getError();
}
} // end isset
if($error){
echo $error;
}