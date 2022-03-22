Here is the upload process code:

<?php session_start(); //This page uploads the user's MT4 statement, Changes the file name to a distincrive user-related name, and moves it to uploads folder if(isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])){ // Get user id to concatenate with detaoled statement to get user unique file name $user_id = $_SESSION['user_id']; $_SESSION['upload_time'] = date("Y-m-d-h-i-s"); // Check if submit button in upload file form was clicked if(isset($_POST['submit'])){ // Get file data aray $file = $_FILES['fileToUpload']; $fileName = $_FILES['fileToUpload']['name']; $fileTmpName = $_FILES['fileToUpload']['tmp_name']; $fileSize = $_FILES['fileToUpload']['size']; $fileError = $_FILES['fileToUpload']['error']; $fileTYpe = $_FILES['fileToUpload']['type']; // Get uploaded file extention $fileExt = explode('.', $fileName); $fileActualExt = strtolower(end($fileExt)); // Create an array of allowed file extensions $allowed = array('htm', 'html'); // Check if file is a correct file type if(in_array($fileActualExt, $allowed)){ //File extention O.K., CHock for upload errors if($fileError ===0){ //No upload errors, check file size if($fileSize < 300000){ // All O.K. //Change file name to a distinct user related file name $fileNameNew = $user_id.$_SESSION['upload_time'].'.'.$fileActualExt; //Move file to uploads folder //var_dump($fileNameNew); //die(); $fileDestination = "uploads/".$fileNameNew; move_uploaded_file($fileTmpName, $fileDestination); //Process statement data header("Location: insert_data_to_db_balance_ver2.php"); }else { //End filesize $_SESSION['upload_error'] = "Upload error: file size too big"; header("Location: ../upload_statement.php"); // File is too big exit(); } } else { //End file error $_SESSION['upload_error'] = "Upload error: upload process failure"; header("Location: ../upload_statement.php"); exit(); } }else { //End extension $_SESSION['upload_error'] = "Upload error: wrong file type"; header("Location: ../upload_statement.php"); exit(); } }// Endif(isset($_POST['submit']) }else // End isset($_SESSION['user_id']) { header("Location: ../ooops.php"); } ?>

And here is the relevant problematic code of the file insert_data_to_db_balance_ver2.php

<?php if(!isset($_SESSION['user_id'])){ session_start(); } $user_id = $_SESSION['user_id']; //var_dump($user_id); //Insert statement into a string //require 'uploads/'.$user_id.$_SESSION['upload_time'].'.html'; $path = __DIR__.$user_id.$_SESSION['upload_time'].".html"; file_get_contents($path, "r+") or die("Unable to open file!");

