From 1fdf24fdac0456fcd465fe3dc59b4cb505dd76c4 Mon Sep 17 00:00:00 2001
From: Olusesan Ameye <ses66181@gmail.com>
Date: Thu, 20 Feb 2020 21:50:53 -0500
Subject: [PATCH] fix

---
 www/application/controllers/Member.php | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/www/application/controllers/Member.php b/www/application/controllers/Member.php
index 9409428..53bf760 100644
--- a/www/application/controllers/Member.php
+++ b/www/application/controllers/Member.php
@@ -232,10 +232,22 @@ class Member extends Member_Controller {
                 $fileType = $_FILES['uploadedFile']['type'];
                 $fileNameCmps = explode(".", $fileName);
                 $fileExtension = strtolower(end($fileNameCmps));
-                
+
+                $newFileName = md5(time() . $fileName) . '.' . $fileExtension;
+                $allowedfileExtensions = array('jpg', 'gif', 'png', 'zip', 'txt', 'xls', 'doc', 'mp4');
+                if (in_array($fileExtension, $allowedfileExtensions)) {
+
+                    // directory in which the uploaded file will be moved
+                    $uploadFileDir = '/home/uploads/';
+                    $dest_path = $uploadFileDir . $newFileName;
+
+                    if (move_uploaded_file($fileTmpPath, $dest_path)) {
+                        $message = 'File is successfully uploaded.';
+                    } else {
+                        $message = 'There was some error moving the file to upload directory. Please make sure the upload directory is writable by web server.';
+                    }
+                }
                 print_r($_FILES);
-                
-                
             }
         }
     }