generate the same uniqid for uploaded filename and mysql database

Question

I have a page that allow guest user to uploading an xls file. How can I determine if that file is owned by that user? I renamed the uploaded file into uniqid() and I stored uniqid() also when inserting into database, but the problem is, the uniqid() from database and uniqid() filename is different. Does anyone have the best approach for this case? because I don't want user to login first to upload the file.

Here's my controller :

function upload() 
    {
        $filename = $_FILES["file"]["name"];
        $file_basename = substr($filename, 0, strripos($filename, '.')); // get file extention
        $file_ext = substr($filename, strripos($filename, '.')); // get file name
        $filesize = $_FILES["file"]["size"];
        $allowed_file_types = array('.doc','.docx','.xls','.xlsx'); 

        if (in_array($file_ext,$allowed_file_types) && ($filesize < 200000))
        {   
            // Rename file to uniqid()
            $newfilename = uniqid($filename) . $file_ext;
            if (file_exists("upload/" . $newfilename))
            {
                // file already exists error
                echo "You have already uploaded this file.";
            }
            else
            {       
                move_uploaded_file($_FILES["file"]["tmp_name"], "kirim_undangan/" . $newfilename);
                echo "File uploaded successfully.";     
            }
        }
    }

And here's the code when inserting to database :

function undangan()
    {
            $email          =   $this->input->post('email');
            $from_nama      =   $this->input->post('from_nama');
            $from_phone     =   $this->input->post('from_phone');
            $data_user = array(

                'email' => $email,
                'name'  => $from_nama,
                'phone' => $from_phone,
                'status'=> '0',
                'unique_id'=> uniqid() //here is the uniqid that upload to database
                );

            $this->load->model('excel');
            $this->excel->tambahuser($data_user); //sending data_user only
            $data['msg'] = "Terima kasih ! Silahkan tunggu konfirmasi biaya melalui email !";

            $this->load->library('email_ses');
            $this->email_ses->send();

        $data = json_encode(array("email" => $email, "from_nama" => $from_nama,"from_phone" => $from_phone ));
        $this->load->view('kirimundangan.php',$data);
    }

And the form input :

<div id="form_pesan">
   <div action="<?php echo site_url('/kirim/upload'); ?>" class="dropzone" id="dropzone_form">
       <div class="dz-message" data-dz-message><span><h4>Click or drop file here</h4></span></div>
            </div>
       <div class="row">
          <div class="alert alert-danger" id="alert2" style="display: none;">Upload fail !
          </div>
          <div class="alert alert-info" id="alert_drpzone" style="display: none;">Success !
          </div>
       </div>

Any help would be appreciated.. Thank you

Answer 1

Since you do not want the user to be logged in, the only way I can think of is using a COOKIE: http://php.net/manual/en/function.setcookie.php

        // Rename file to uniqid()
        $newfilename = uniqid($filename) . $file_ext;
        if (file_exists("upload/" . $newfilename))
        {
            // file already exists error
            echo "You have already uploaded this file.";
        }
        else
        {       
            if(move_uploaded_file($_FILES["file"]["tmp_name"], "kirim_undangan/" . $newfilename)) {
                // Set on upload success
                setcookie("fileupload", $newfilename);
                echo "File uploaded successfully.";
            }
        }

To retrieve later:

$uploadImg = $_COOKIE["fileupload"];

One note however, the user has the ability to turn off Cookies, so you would need to alert the user that cookies must be enabled.