SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Member
    Join Date
    Nov 2013
    Posts
    15
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    How to replace space " " with underscore "_"

    I need a little help. I have created the below script. A form that save its info to my database and a long with that it create some (2 on different paths) folders on the server.

    My issue is that in the form under ”folder” you can type the name of the folder you want to create along with the info that is saved in the database. At the moment everything works just as it should. My request/issue is how do a replace space “ “ from the folder name to an underscore “_”

    Means, if someone enters a folder name called “My Folder Photo” I need the script to change the name to: “my_folder_photo” so it will work in urls on the website.

    The is my codes so fare:
    PHP Code:
    <?php
    include "../config.php";
    if(isset(
    $_POST['send']))
    {
    mysql_query("insert into profiles set name= '".$_POST["name"]."', age= '".$_POST["age"]."', country = '".$_POST["country"]."', folder = '".$_POST["folder"]."'");

    $folder $_POST['folder'];
    $path1 '../game1/photos/' $folder;
    $path2 '../game2/photos/' $folder;
    mkdir($path1);
    mkdir($path2);
    header("Location: myprofile-new-step2.php");

    exit;
    }

    ?>


    <form method="post" action="<?=$_SERVER["PHP_SELF"]?>" name="myform" id="myform">
    <table bgcolor="#FFFFFF"  border="0" align="center"><tr><td width="70">
    Name: 
    </td><td width="270">
    <input type="text" name="name" size="40">
    </td><td>

    </td></tr><tr><td>
    Age: 
    </td><td>
    <input type="text" name="age" size="40">
    </td><td>

    </td></tr><tr><td>
    Country: 
    </td><td>
    <select name="country"  data-placeholder="<?=$country?>" class="chosen-select" style="width:250px;" id="<?=$country?>" value="<?=$country?>"  <?= (!empty($country) ? 'checked="checked"' "")?>>
                <option value="<?=$country?>"></option>
                <option value="United States">United States</option>
                <option value="United Kingdom">United Kingdom</option>
    </select>
    </td><td>
    Enter the country you live in.
    </td></tr><tr><td>
    Folder: 
    </td><td>
    <input type="text" name="folder" size="40"  id="folder">
    </td><td>

    </td></tr></table> 
    <center><br /> 
    <input type="submit" name="send" title="NEXT" value="NEXT"></center>
    </form>
    Im a new to php so need as much help as possible to figure this out THANKS

  2. #2
    SitePoint Mentor bronze trophy
    John_Betong's Avatar
    Join Date
    Aug 2005
    Location
    City of Angels
    Posts
    1,577
    Mentioned
    62 Post(s)
    Tagged
    3 Thread(s)
    Try Googling for "php manual str_replace()".

    Be aware that the space may be "%20"and also best to set the final path to lowercase.
    Google "php manual strtolower()"

    Added:

    What happens if two users select the same path name?

    Why not use the username + userID or something guaranteed to be unique?
    Last edited by John_Betong; Jan 11, 2014 at 20:03. Reason: added dupicate paths

  3. #3
    SitePoint Enthusiast
    Join Date
    Sep 2013
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Code:
    strtolower( str_replace( " ", "_", $item ) );
    Yeh I agree with John. You should save users stuff to a directory of their user id that way you will not be accidentally overwriting any of your users files.

    Also the mysql_* functions are depreciated.

  4. #4
    SitePoint Addict bronze trophy vectorialpx's Avatar
    Join Date
    Dec 2012
    Location
    Bucharest
    Posts
    219
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    I hope you don't have that code on any on-line server.

    1. SQL-injection, from:
    Code:
    mysql_query("insert into profiles set name= '".$_POST["name"]."', age= '".$_POST["age"]."', country = '".$_POST["country"]."', folder = '".$_POST["folder"]."'");
    2. And I can create a bazilion folders on your drive, from:
    Code:
    $folder = $_POST['folder'];
    $path1 = '../game1/photos/' . $folder;
    mkdir($path1);
    My suggestion is to save files into folders organized by date (more exactly by month) and not by username. After a number of 200 000 users the OS will have some speed issues in reading all your folders. So, again, my suggestion is:

    PHP Code:
    <?php

    $dateToStore 
    date('YM');
    // store $dateToStore into database

    $path1 '../game1/photos/' $dateToStore;
    $path2 '../game2/photos/' $dateToStore;
    mkdir($path1);
    mkdir($path2); 

    ?>
    And also, this is how you will eliminate the 2nd security issue.
    Also, as @iamjones says, you should use PDO and prepared statements.
    Be nice to nerds. Chances are you'll end up working for one - Bill Gates
    > photos | admin panel


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •