getClientFilename(), PATHINFO_EXTENSION); $basename = bin2hex(random_bytes(8)); // see http://php.net/manual/en/function.random-bytes.php $filename = sprintf('%s.%0.8s', $basename, $extension); $uploadedFile->moveTo($directory . DIRECTORY_SEPARATOR . $filename); return $filename; } $authorizer = $this->ci->authorizer; $currentUser = $this->ci->currentUser; if (!$authorizer->checkAccess($currentUser, 'uri_dashboard')) { throw new ForbiddenException(); } $directory = $_SERVER['DOCUMENT_ROOT'] . '/beam/social/main/uploads/'; $uploadedFiles = $request->getUploadedFiles(); $uploadedFile = $uploadedFiles['example1']; if ($uploadedFile->getError() === UPLOAD_ERR_OK) { $filename = moveUploadedFile($directory, $uploadedFile); $response->write('uploaded ' . $filename . '
'); } foreach ($uploadedFiles['example2'] as $uploadedFile) { if ($uploadedFile->getError() === UPLOAD_ERR_OK) { $filename = moveUploadedFile($directory, $uploadedFile); $response->write('uploaded ' . $filename . '
'); } } foreach ($uploadedFiles['example3'] as $uploadedFile) { if ($uploadedFile->getError() === UPLOAD_ERR_OK) { $filename = moveUploadedFile($directory, $uploadedFile); $response->write('uploaded ' . $filename . '
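'); } } }

    /**
     * Moves the uploaded file to the upload directory and assigns it a unique name
     * to avoid overwriting an existing uploaded file.
     *
     * The stored name is 16 random hex characters followed by the extension taken
     * from the client-supplied filename. That extension is untrusted input, and the
     * upload handler earlier in this file passes a directory below
     * $_SERVER['DOCUMENT_ROOT'], i.e. one the web server can serve. The extension is
     * therefore lower-cased and checked against an allowlist before anything is
     * written; a file whose extension is not listed is rejected.
     *
     * This checks the name only. The file's content is not inspected here, so the
     * upload directory should additionally be configured so that the web server never
     * executes files from it (or be moved outside the document root).
     *
     * NOTE(review): this function is declared between class methods, but the upload
     * handler calls it unqualified as moveUploadedFile(...). Confirm how that call
     * resolves; a class method would need $this->moveUploadedFile(...).
     *
     * @param string       $directory         directory to which the file is moved
     * @param UploadedFile $uploadedFile      uploaded file to move
     * @param string[]     $allowedExtensions lower-case extensions accepted for storage.
     *                                        The default is a constructed sample list;
     *                                        set it to the file types this endpoint is
     *                                        actually meant to accept.
     * @return string filename of moved file
     * @throws \InvalidArgumentException if the client filename's extension is not allowed
     */
    function moveUploadedFile(
        $directory,
        UploadedFile $uploadedFile,
        array $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif']
    ) {
        // getClientFilename() is whatever the client sent; treat it as hostile.
        $clientName = (string) $uploadedFile->getClientFilename();
        $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));

        // Default-deny: an empty, unknown or server-interpreted extension never reaches disk.
        if (!in_array($extension, $allowedExtensions, true)) {
            throw new \InvalidArgumentException('Upload rejected: file extension is not allowed.');
        }

        $basename = bin2hex(random_bytes(8)); // see http://php.net/manual/en/function.random-bytes.php
        $filename = sprintf('%s.%s', $basename, $extension);

        $uploadedFile->moveTo($directory . DIRECTORY_SEPARATOR . $filename);

        return $filename;
    }

    /**
     * Looks up a user by the user_name supplied in the request parameters.
     *
     * The parameters are first passed through the get-by-username request schema
     * (whitelisting and defaults) and then validated server-side. Every validation
     * message is copied onto a BadRequestException, which is thrown.
     *
     * @param array $params raw request parameters; expected to carry 'user_name'
     * @return mixed result of first() on the user query; presumably null when no
     *               user matches, so callers should check before using it
     * @throws BadRequestException if the parameters fail schema validation
     */
    protected function getUserFromParams($params)
    {
        // Load the request schema
        $schema = new RequestSchema('schema://requests/user/get-by-username.yaml');

        // Whitelist and set parameter defaults
        $transformer = new RequestDataTransformer($schema);
        $data = $transformer->transform($params);

        // Validate, and throw exception on validation errors.
        $validator = new ServerSideValidator($schema, $this->ci->translator);
        if (!$validator->validate($data)) {
            // TODO: encapsulate the communication of error messages from ServerSideValidator to the BadRequestException
            $e = new BadRequestException();
            foreach ($validator->errors() as $field) {
                foreach ($field as $error) {
                    $e->addUserMessage($error);
                }
            }
            throw $e;
        }

        /** @var UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
        $classMapper = $this->ci->classMapper;

        // Fetch the first user whose user_name equals the validated value.
        return $classMapper->staticMethod('user', 'where', 'user_name', $data['user_name'])
            ->first();
    }
}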