What are the common pitfalls to avoid when working with image directories and paths in PHP scripts like the one described in the thread?

Common pitfalls to avoid when working with image directories and paths in PHP scripts include using incorrect file paths, not checking if the directory exists before saving files, and not sanitizing user input to prevent directory traversal attacks. To solve these issues, always use absolute paths, check if the directory exists before saving files, and sanitize user input to prevent any malicious file operations.

// Example of using absolute paths and checking directory existence before saving files
$uploadDirectory = '/path/to/upload/directory/';

if (!file_exists($uploadDirectory)) {
    mkdir($uploadDirectory, 0777, true);
}

// Sanitize user input to prevent directory traversal attacks
$userInput = $_POST['user_input'];
$cleanedInput = preg_replace('/[^a-zA-Z0-9_\-\.]/', '', $userInput);

// Save uploaded file with sanitized file name
if (isset($_FILES['file'])) {
    $fileName = $cleanedInput . '_' . $_FILES['file']['name'];
    move_uploaded_file($_FILES['file']['tmp_name'], $uploadDirectory . $fileName);
}