Refactor filename generation for user uploads to use a timestamp for uniqueness and filesystem safety

2026-01-25 23:19:39 +01:00 · 2026-01-25 23:19:39 +01:00 · 787c32fdf5
commit 787c32fdf5
parent 5499482637
2 changed files with 4 additions and 4 deletions
--- a/assets/images/profilePictures/user_10_69769485461a7618397775.jpg
+++ b/assets/images/profilePictures/user_10_69769485461a7618397775.jpg
--- a/upload.php
+++ b/upload.php
@ -106,10 +106,10 @@ if (!is_writable($targetDir))
    exit();
 }

-// Fallback-kompatibler Name (auch ohne random_bytes)
-$rand = uniqid('', true);
-$rand = str_replace('.', '', $rand);
-$filename = 'user_' . $userId . '_' . $rand . '.' . $ext;
+// Dateiname: user_<ID>_<Datum>.<ext>
+// Format ist dateisystem-sicher (keine Doppelpunkte) und eindeutig genug.
+$timestamp = gmdate('Ymd-His');
+$filename = 'user_' . $userId . '_' . $timestamp . '.' . $ext;
 $targetPath = rtrim($targetDir, "\\/") . DIRECTORY_SEPARATOR . $filename;

 if (!move_uploaded_file($tmp, $targetPath))