FSST/Geizkragen
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor filename generation for user uploads to use a timestamp for uniqueness and filesystem safety

Browse Source
This commit is contained in:
Fabian Schieder 2026-01-25 23:19:39 +01:00
parent 5499482637
commit 787c32fdf5
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/images/profilePictures/user_10_69769485461a7618397775.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.6 KiB

8
upload.php
View File

@ -106,10 +106,10 @@ if (!is_writable($targetDir))
exit(); exit();
} }
// Fallback-kompatibler Name (auch ohne random_bytes) // Dateiname: user_<ID>_<Datum>.<ext>
$rand = uniqid('', true); // Format ist dateisystem-sicher (keine Doppelpunkte) und eindeutig genug.
$rand = str_replace('.', '', $rand); $timestamp = gmdate('Ymd-His');
$filename = 'user_' . $userId . '_' . $rand . '.' . $ext; $filename = 'user_' . $userId . '_' . $timestamp . '.' . $ext;
$targetPath = rtrim($targetDir, "\\/") . DIRECTORY_SEPARATOR . $filename; $targetPath = rtrim($targetDir, "\\/") . DIRECTORY_SEPARATOR . $filename;
if (!move_uploaded_file($tmp, $targetPath)) if (!move_uploaded_file($tmp, $targetPath))