• 0

[PHP] File upload script

Asked by imation2458,

 Share

Question

Mentor

imation2458

Posted
Posted

I have a PHP file upload script working but i want to customize it slightly... Right now after upload it gives you this output to screen:

File Upload Successful!

Successfully Sent: mp3test.exe , a 214528 byte file with the extension type of application/octet-stream

I want it to give you the www url of the file you uploaded. So you could just click on a link given and it would take you right to the file. I dunno how to do this though. I hope someone can give me the php to do this. THanks

Link to comment
https://www.neowin.net/forum/topic/112621-php-file-upload-script/
Share on other sites

10 answers to this question

Recommended Posts

  • 0
Mentor

imation2458

Posted
  • Author
Posted 
<?php

if ($img1_name != "") {
        
        @copy("$img1" , "/home/imation/public_html/upload/files/$img1_name")
               
                or die("Couldn't Upload Your File.");


} else {

       die("No File Specified");

}

?>

<HTML>
<HEAD>
<TITLE>File Upload Successful</TITLE>
</HEAD>

<BODY>

<H1>File Upload Successful!</H1>

<P>Successfully Sent: <?php echo "$img1_name"; ?> , a <?php echo "$img1_size"; ?> byte file with the extension type of <?php echo "$img1_type"; ?> </P>

</BODY>

</HTML>

  • 0
Grand Master

AshMan

Posted
Posted 
<?php

if ($img1_name != "") {
        
        @copy("$img1" , "/home/imation/public_html/upload/files/$img1_name")
               
                or die("Couldn't Upload Your File.");


} else {

       die("No File Specified");

}

?>

<HTML>
<HEAD>
<TITLE>File Upload Successful</TITLE>
</HEAD>

<BODY>

<H1>File Upload Successful!</H1>

<P>Successfully Sent: <?php echo "$img1_name"; ?> , a <?php echo "$img1_size"; ?> byte file with the extension type of <?php echo "$img1_type"; ?> </P>

<A HREF="http://www.YOURSERVER.com/upload/files/<?=$img1_name ?>" Target=_blank><?=$img1_name ?></A>

</BODY>

</HTML>

  • 0
Grand Master

Dessimat0r

Posted
Posted

What kind of file upload script do you need? I made something called CollegeBast*rd while back that gives you a listing of uploaded files, and allows you upload and delete files, etc.

This is from when I didn't know that much about PHP ;)

<?php
set_time_limit(1000);
?>
<body text="#000000" link="#3366CC" vlink="#3333CC" alink="#3333CC">
<div align="left">
  <p align="center"><font size="5" face="Verdana, Arial, Helvetica, sans-serif">University<strong>****** 
    <font size="2">0.94b<br>
    The ****** that brings files from j00r home to college, and vice-versa!</font></strong></font></p>
  <p align="left"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
    <?php

	function zonechange ($current, $target) {
	$current = +5 * $current;
	$zonedate = mktime(date('G'), date('i'), date('s'), date('n'), date('j'), date('Y'), 1) + (($current + $target) * 3600);
	return $zonedate;
	}
    
	$db = mysql_connect("localhost", "n/a", "n/a");
	if($db) {
  $db = mysql_select_db("college******", $db);
  if (($HTTP_GET_VARS['username']) && ($HTTP_GET_VARS['password'])) {
 	 $username = trim($HTTP_GET_VARS['username']);
 	 $password = trim($HTTP_GET_VARS['password']);
 	 if ($users = mysql_fetch_row(mysql_query("SELECT * FROM users WHERE username='$username' AND 

password='$password'"))) {
    ?>
     	 Welcome to College<strong>******</strong>, <?php echo $users[1] ?>.</font> 
      </p>
      </div>
    
<?php 
if (isset($HTTP_GET_VARS['delete'])) {
	$deleteid = $HTTP_GET_VARS['delete'];
	$delfilesql = mysql_query("SELECT * FROM files WHERE id='$deleteid'");
	if ($delfile = mysql_fetch_row($delfilesql)) {
  if ($delfile[5] == $users[0]) {
 	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The file has been 

verified to belong to you.</font></strong>';
 	 ?><BR /><?php
 	 $file = 'downloads/'.$username.'/'.$delfile[1];
 	 if (unlink($file)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The file has 

been successfully deleted from the server.</font></strong>';	
 	 } else {
    echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">There was a 

problem in deleting the file from the server!</font></strong>';
 	 }
 	 ?><BR /><?php
 	 mysql_query("DELETE FROM files WHERE id=$deleteid");
 	 if (!mysql_result(mysql_query("SELECT * FROM files WHERE id='$deleteid'"),0)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The file 

linkage was successfully deleted from the database.</font></strong>';
 	 } else {
    echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">The file linkage 

could not be removed from the database! It has possibly been deleted already.</font></strong>';
 	 }	
  } else {
 	 echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">You do not own this file, 

and so therefore you cannot delete it.</font></strong>';
  }
	} else {
  echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">This file does not exist in the 

database.</font></strong>';
	} 	 
} else if ($FrmBtn == 'Upload') {
	if ($file = $HTTP_POST_FILES['userfile']['name']) {
	echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The filename has been retrieved from 

the file that is going to be uploaded.</font></strong><BR />';
  if(is_dir('downloads/'.$username)) {
 	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory that the 

file will be moved to already exists.</font></strong><BR />';
  } else {
 	 echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">The directory that the 

file will be moved to does not exist! Attempting to create directory now.</font></strong><BR />';
 	 if (mkdir('downloads/'.$username)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory 

was created successfully.</font></strong><BR />';
 	 }
  }
  if(is_dir('downloads/'.$username)) {
  echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory that the file 

will be moved to has been verified to exist.</font></strong><BR />';  
 	 if (!file_exists('downloads/'.$username.'/'.$file)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory 

that the file will be moved to does not contain a file with the same name.</font></strong><BR />';
    if(is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) {
   	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The 

file was uploaded to the temporary directory successfully.</font></strong><BR />';
   	 $filesize = $HTTP_POST_FILES['userfile']['size'];
   	 $max_id = mysql_result(mysql_query("SELECT MAX(id) FROM files"), 0)+1;
   	 if (copy($HTTP_POST_FILES['userfile']['tmp_name'],"downloads/".$username.'/'.$file)) {
      echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, 

sans-serif">The file was moved from the temporary directory to the final directory successfully.</font></strong><BR />';	
      $dateuploaded = date('d/m/Y');
      echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="green"><b>The 

upload date was aqquired successfully : '.$dateuploaded.'.<BR />';
      $description = trim(nl2br(htmlspecialchars($description)));
      $path_parts = pathinfo($file);
      $extension = $path_parts["extension"];
      if (mysql_query("INSERT INTO files 

(id,name,extension,size,category,userid,description,dateuploaded) VALUES ('$max_id','$file','$extension', 

'$filesize','$category','$users[0]','$description','$dateuploaded')")) {
     	 echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" 

color="green"><b>The file details were entered into the database correctly.<BR />';
     	 echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" 

color="green"><b>The file was uploaded successfully. (/downloads/'.$username.'/'.$file.'</font></b>)';
      } else {
     	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, 

sans-serif">The details of the file could not be entered into the database.</font></strong>';
      }
   	 } else {
      echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, 

sans-serif">The file could not be moved from the temporary directory to the final directory.</font></strong>';
   	 }
    } else {
   	 echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="red"><b>The file could 

not be uploaded for some reason.</font></b><BR />';
    }
 	 } else {
    echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="red"><b>The file already 

exists on the server, or a different file under the same filename. Please rename the file to avoid the conflict, and then try 

again.</font></b>';  
 	 }
  } else {
 	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory was 

created successfully.</font></strong>';
  }
	} else {
  echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="red"><b>The filename could not be retrieved 

from the file that is going to be uploaded.</font></b>';  
	}
}

?>

<table width="100%" border="1" cellpadding="1" cellspacing="0" bordercolor="#FFFFFF">
  <tr align="center" bgcolor="#CCCCCC"> 
    <td width="10%" height="18" nowrap><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">id 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=id&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'id') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>) </font></strong></td>
    <td width="20%" height="18" nowrap bgcolor="#999999"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">filename 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=name&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'name') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="20%" nowrap bgcolor="#CCCCCC"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">description 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=description&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'description') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="10%" height="18" nowrap bgcolor="#999999"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">extension 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=extension&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'extension') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="10%" height="18" nowrap bgcolor="#CCCCCC"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">size 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=size&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'size') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="10%" height="18" nowrap bgcolor="#999999"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">category 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=category&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'size') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></font></td>
	<td width="10%" nowrap bgcolor="#CCCCCC"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>upload 

date</strong></font></td>
  
    <td width="10%" nowrap bgcolor="#999999"><font size="2" face="Verdana, Arial, Helvetica, 

sans-serif"><strong>delete?</strong></font></td>
  </tr>
  <?php
    if ($HTTP_GET_VARS['order']) {
   	 $order = $HTTP_GET_VARS['order'];
    } else {
   	 $order = 'id';
    }
    
    if ($HTTP_GET_VARS['sort']) {
   	 $sort = $HTTP_GET_VARS['sort'];
    } else {
   	 $sort = 'ASC';
    }
   	 
    $sqlx = 'SELECT * FROM files WHERE userid='.$users[0].' ORDER BY '.$order.' '.$sort;
    $sql = mysql_query($sqlx);
    
    $sizecounter = 0;
  
    while ($files = mysql_fetch_row($sql)) {
   	 if (!$files[6]) {
      $files[6] = 'A description is not yet available.';
   	 }
   	 
   	 $catssql = mysql_query("SELECT * FROM categories WHERE id='$files[4]' ORDER BY id");
   	 $cats = mysql_fetch_row($catssql);
   	 if ($cats) {
      $files[4] = $cats[1];	
   	 } else {
      $files[4] = 'N/A';
   	 }
   	 
   	 if (!$files[7]) {
      $files[7] = 'N/A';
   	 }
   	 
   	 $sizecounter = ($sizecounter + $files[3]);
    
   	 $ext2 = array("B","KB","MB","GB","TB");
   	 while ($files[3] >= pow(1024,$j)) ++$j;
      $files[3] = round($files[3] / pow(1024,$j-1) * 100) / 100 . $ext2[$j-1];
   	 
   	 print <<<EOT
   	 <tr bgcolor="#CCCCCC" align="center"> 
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[0]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a 

href="downloads/$username/$files[1]"><b>$files[1]</b></a><BR /><font size="1">[<a href="downloads/$username/$files[1]?!">bypass 

proxy</a>]</BR>[ <a href="?username=$users[1]&password=$users[2]&modify=$files[0]&order=$order&sort=$sort">modify</a> 

]</font></font></td>
   	 <td align="left"><font size="1" face="Verdana, Arial, Helvetica, 

sans-serif">$files[6]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[2]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[3]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[4]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[7]</font></td>
   	 <td><font size="1" face="Verdana, Arial, Helvetica, sans-serif">[ <a 

href="?username=$users[1]&password=$users[2]&delete=$files[0]&order=$order&sort=$sort">Delete</a> ]</font></td>
   	 </tr>
EOT;
   	 $count++;
    }
    if (!$count) {
   	 ?>
  <tr bgcolor="#000000"> 
    <td colspan="8" align="center"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif" color="#33FF00">** 
      No files uploaded yet. **</font></strong></td>
  </tr>
  <?php
    } else {
   	 $ext2 = array("B","KB","MB","GB","TB");
   	 while ($sizecounter >= pow(1024,$j)) ++$j;
      $sizecounter = round($sizecounter / pow(1024,$j-1) * 100) / 100 . $ext2[$j-1];
   	 ?>
   	 <font size="2" face="Verdana, Arial, Helvetica, sans-serif">You currently have <?php echo 

$sizecounter ?> of files stored.</font>
    <?php
    }
    ?>
  <tr bgcolor="#999999"> 
    <td height="17" colspan="8" align="right"><font color="#FFFFFF" size="1" face="Verdana, Arial, Helvetica, 

sans-serif">College<strong>******</strong> 
      <font color="#33FF00">>>></font></font></td>
  </tr>
</table>
    
<form name="upload" enctype="multipart/form-data" method="post" action="index.php?username=<?php echo $users[1] ?>&password=<?php echo 

$users[2] ?>&order=<?php echo $order ?>&sort=<?php echo $sort ?>">
  <table width="400" border="1" align="center" cellpadding="2" cellspacing="0" bordercolor="#3366CC">
    <tr> 
      <td bgcolor="#3366CC"> <div align="center"><font color="#FFFFFF" size="2" face="Verdana, Arial, Helvetica, 

sans-serif"><strong>Uploader</strong></font></div></td>
    </tr>
    <tr> 
      <td bgcolor="#CCCCCC"> <p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>File 
          to upload:</strong><br />
          <input name="userfile" type="file" size="40" />
          <br />
          <br />
          <strong>Description:</strong><br />
          <textarea name="description" cols="40" rows="6" id="description"></textarea>
          <br />
          <br />
          <strong>Category:</strong></font><br />
    <select name="category" id="category">
   	 <?php
 	 $catssql = mysql_query("SELECT * FROM categories ORDER BY id");	
 	 while ($cats = mysql_fetch_row($catssql)) {
    if ($cats[0] == 0) {
   	 echo '<option value="'.$cats[0].'" $selected>['.$cats[0].'] - '.$cats[1].'</option>';
    } else {
   	 echo '<option value="'.$cats[0].'">['.$cats[0].'] - '.$cats[1].'</option>';
    }	
 	 }
 	 ?>
          </select>
        </p>
        <p align="center"> 
          <input name="FrmBtn" type="submit" id="FrmBtn" value="Upload" />
        </p></td>
    </tr>
  </table>
</form>
  <?php
 	 } else {
    echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">The username and 

password entered is invalid.</font></strong>';
 	 }
  } else {
 	 echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">You did not specify a 

username and password!</font></strong>';
  }   	 
	} else if(!$db) {
  echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">Could not connect to the MySQL 

database!</font></strong>';
	}

?>

  • 0
Mentor

imation2458

Posted
  • Author
Posted

WEll, heres what i am trying to do. I have a guest user name & pass in order to access upload privalges. But when you get access your able to also delete files. Is there anyway i can maybe add a admin user name that only has those "delete" prviagles? Thanks if you can tell me the code i neeed.

################## configurations ####################

# header & title of this file
$title = "File Upload Manager";

# individual file size limit - in bytes (102400 bytes = 100KB)
$file_size_ind = "1024000";

# the upload store directory (chmod 777)
$dir_store= "store";

# the images directory
$dir_img= "img";

# the style-sheet file to use (located in the "img" directory, excluding .css)
$style = "style-def";

# the file type extensions allowed to be uploaded
$file_ext_allow = array("gif","jpg","jpeg","png","txt","nfo","doc","rtf","htm","dmg","zip","rar","gz","exe");

# option to display the file list
# to enable/disable, enter '1' to ENABLE or '0' to DISABLE (without quotes)
$file_list_allow = 1;

# option to allow file deletion
# to enable/disable, enter '1' to ENABLE or '0' to DISABLE (without quotes)
$file_del_allow = 1;

# option to password-protect this script [-part1]
# to enable/disable, enter '1' to ENABLE or '0' to DISABLE (without quotes)
$auth_ReqPass = 1;

# option to password-protect this script [-part2]
# if "$auth_ReqPass" is enabled you must set the username and password
$auth_usern = "uploader";
$auth_passw = "upload";

################ end of configurations ###############


# DO NOT ALTER OR EDIT BELOW THIS LINE UNLESS YOU ARE AN ADVANCED PHP PROGRAMMER

?>
<?
if (@phpversion() < '4.1.0') {
    $_FILE = $HTTP_POST_FILES;
    $_GET = $HTTP_GET_VARS;
    $_POST = $HTTP_POST_VARS;
}
clearstatcache();
error_reporting(E_ALL & ~E_NOTICE);
$fum_vers = "1.3"; # do not edit this line, the script will not work!!!
$fum_info_full = "File Upload Manager v$fum_vers";

function authDo($auth_userToCheck, $auth_passToCheck) 
{
	global $auth_usern, $auth_passw;
	$auth_encodedPass = md5($auth_passw);

	if ($auth_userToCheck == $auth_usern && $auth_passToCheck == $auth_encodedPass) {
	$auth_check = TRUE;
	} else {
	$auth_check = FALSE;
	} 
	return $auth_check;
	}

	if (isset($logout)) {
	setcookie ('fum_user', "",time()-3600); 
	setcookie ('fum_pass', "",time()-3600);
	}
  
	if (isset($login)) {
	$auth_password_en = md5($auth_formPass); 
	$auth_username_en = $auth_formUser;

	if (authDo($auth_username_en, $auth_password_en)) { 
	setcookie ('fum_user', $auth_username_en,time()+3600); 
	setcookie ('fum_pass', $auth_password_en,time()+3600); 
	$auth_msg = "<b>Authentication successful!</b> The cookies have been set.<br><br>".
	$auth_msg . "Your password (MD5 encrypted) is: $auth_password_en";
	} else { 
	$auth_msg = "<b>Authentication error!</b>";
	}
}

if (($_GET[act]=="dl")&&$_GET[file]) 
{
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && isset($fum_user) && !isset($logout))) { 
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && authDo($fum_user, $fum_pass))) {

	$value_de=base64_decode($_GET[file]);
	$dl_full=$dir_store."/".$value_de;
	$dl_name=$value_de;

	if (!file_exists($dl_full))
	{ 
	echo"ERROR: Cannot download file, it does not exist.<br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";  
	exit();
	} 

	header("Content-Type: application/octet-stream");
	header("Content-Disposition: attachment; filename=$dl_name");
	header("Content-Length: ".filesize($dl_full));
	header("Accept-Ranges: bytes");
	header("Pragma: no-cache");
	header("Expires: 0");
	header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
	header("Content-transfer-encoding: binary");
 	 
	@readfile($dl_full);

	exit();

	}
	}
}

function getlast($toget)
{
	$pos=strrpos($toget,".");
	$lastext=substr($toget,$pos+1);

	return $lastext;
}

function replace($o)
{
	$o=str_replace("/","",$o);
	$o=str_replace("\\","",$o);
	$o=str_replace(":","",$o);
	$o=str_replace("*","",$o);
	$o=str_replace("?","",$o);
	$o=str_replace("<","",$o);
	$o=str_replace(">","",$o);
	$o=str_replace("\"","",$o);
	$o=str_replace("|","",$o);

	return $o;
}

?>
<!-- <?=$fum_info_full?> -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title><? echo ($title) ? ($title) : ("File Upload Manager"); ?></title>
<link rel="stylesheet" href="<?=$dir_img?>/<?=$style?>.css" type="text/css">
<?
	if ($auth_ReqPass == 1) 
	{ 
  if (isset($login) || isset($logout)) {
 	 echo("<meta http-equiv='refresh' content='2;url=$_SERVER[PHP_SELF]'>");
  }
	}
?>
</head>
<body bgcolor="#F7F7F7"><br><br>
<center>
<?	
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && isset($fum_user) && !isset($logout))) { 
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && authDo($fum_user, $fum_pass))) {
?>
<table width="560" cellspacing="0" cellpadding="0" border="0">
  <tr>
    <td><font size="3"><b><i><? echo ($title) ? ($title) : ("File Upload Manager"); ?></i></b></font> <font style="text-decoration: bold; font-size: 9px;">v<?=$fum_vers?></font> 
<? 
	#--Please do not remove my link/copyright as it is unfair and a breach of the license--#
	echo"<a href=\"http://www.mtnpeak.net\" style=\"text-decoration: none; color: #C0C0C0; font-size: 9px; cursor: default\";>© thepeak</a>"; 
?>
    </td>
   </tr>
</table>
<?
	if (!eregi("777",decoct(fileperms($dir_store))))
	{
  echo"<br><br><b><h4><font color=\"FF0000\">ERROR: cannot access the upload store file directory. please chmod the \"$dir_store\" directory with value 0777 (xrw-xrw-xrw)!</h4></font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">refresh</a>";
	}
	else
	{
  if (!$_FILES[fileupload])
  {
?>
<table width="560" cellspacing="0" cellpadding="0" border="0" class="table_decoration" style="padding-top:5px;padding-left=5px;padding-bottom:5px;padding-right:5px">
  <form method="post" enctype="multipart/form-data">
  <tr>
    <td>file:</td><td><input type="file" name="fileupload" class="textfield" size="30"></td>
  </tr>
  <tr>
    <td>rename to:</td><td><input type="text" name="rename" class="textfield" size="46"></td>
  </tr>
  <tr>
    <td>file types allowed:</td><td>
	<?
	for($i=0;$i<count($file_ext_allow);$i++)
	{
  if (($i<>count($file_ext_allow)-1))$commas=", ";else $commas="";
  list($key,$value)=each($file_ext_allow);
  echo $value.$commas;
	}
	?>
    </td>
  </tr>
  <tr>
    <td>file size limit:</td>
	<td>
  <b><?
 	 if ($file_size_ind >= 1048576) 
 	 {
    $file_size_ind_rnd = round(($file_size_ind/1024000),3) . " MB";
 	 } 
 	 elseif ($file_size_ind >= 1024) 
 	 {	
    $file_size_ind_rnd = round(($file_size_ind/1024),2) . " KB";
 	 } 
 	 elseif ($file_size_ind >= 0) 
 	 {
    $file_size_ind_rnd = $file_size_ind . " bytes";
 	 } 
 	 else 
 	 {
    $file_size_ind_rnd = "0 bytes";
 	 }
 	 
 	 echo "$file_size_ind_rnd";
  ?></b>
	</td>
  </tr>
  <tr>
    <td colspan="2"><input type="submit" value="upload" class="button"> <input type="reset" value="clear" class="button"></td>
  </tr>
  </form>
</table>
<?
  if ((!$_GET[act]||!$_GET[file])&&$_GET[act]!="delall")
  {
 	 $opendir = @opendir($dir_store);

 	 while ($readdir = @readdir($opendir))
 	 {
    if ($readdir<>"." && $readdir<>".." && $readdir != "index.html")
    {
   	 $filearr[] = $readdir;
    }
    $sort=array();
    for($i=1;$i<=count($filearr);$i++)
    {
   	 $key = sizeof($filearr)-$i;
   	 $file = $filearr[$key];

   	 $sort[$i]=$file;
    }
    asort($sort);
 	 }
?>
<br>
<table width="560" cellspacing="0" cellpadding="0" border="0" class="table_decoration" style="padding-left:5px">
  <tr>
    <td><b>admin tools:</b>
<? 
	if ($file_del_allow != 1 && $auth_ReqPass != 1)
	{
  echo"<i>none</i>";
	}

	if ($file_del_allow == 1 && $file_list_allow == 1 && (count($filearr) >= 1)) 
	{ 
  echo"<a href=\"javascript:;\" onClick=\"cf=confirm('Are you sure you want to delete ALL FILES?');if (cf)window.location='?act=delall'; return false;\" style=\"font-size: 9px;\"><delete all files></a>";
	}

	if ($auth_ReqPass == 1) 
	{ 
  echo" <a href=\"$_SERVER[PHP_SELF]?logout=1\" style=\"font-size: 9px;\"><log-out><a>";
	}
?>
    </td>
  </tr>
</table>
<br>
<?	
 	 if ($file_list_allow == 1 && (count($filearr) >= 1)) 
 	 {
?>
<table width="560" cellspacing="0" cellpadding="0" border="0" class="table_decoration" style="padding-left:6px">
  <tr bgcolor="#DBDBDB">
    <td align="left" width="46%">FILE NAME</td>
    <td align="center" width="12%">FILE TYPE</td>
    <td align="center" width="12%">FILE SIZE</td>
    <td align="center" width="30%">FUNCTIONS</td>
  </tr>
<?
    for($i=1;$i<=count($sort);$i++)
    {
   	 list($key,$value)=each($sort);

   	 if ($value)
   	 {
      $value_en = base64_encode($value);
      $value_view=$value;
      
     	 if (strlen($value) >= 48) 
     	 { 
        $value_view = substr($value_view, 0, 45) . '...';
     	 }
?>
<tr>
    <td width="30%"><?="<a href=\"?act=view&file=$value_en\">$value_view</a>"?></td>
    <td align="center" width="5%"><? echo strtoupper(getlast($value)); ?></td>
    <td align="center" width="5%"><?

   	 $value_full = $dir_store."/".$value;
   	 $file_size = filesize($value_full);
  
  if ($file_size >= 1048576) 
  {
 	 $show_filesize = number_format(($file_size / 1048576),2) . " MB";
  } 
  elseif ($file_size >= 1024) 
  {
 	 $show_filesize = number_format(($file_size / 1024),2) . " KB";
  } 
  elseif ($file_size >= 0) 
  {
 	 $show_filesize = $file_size . " bytes";
  } 
  else 
  {
 	 $show_filesize = "0 bytes";
  }

  echo "$show_filesize";
  
?></td>
    <td align="center" width="5%"><?="<a title=\"View File\" href=\"?act=view&file=$value_en\"><view></a>"?> | 
<?
	if ($file_del_allow == 1) 
	{ 
  echo"<a title=\"Download file\" href=\"?act=dl&file=$value_en\"><dl></a>";
  } 
	else 
	{ 
  echo"<a title=\"Download file\" href=\"?act=dl&file=$value_en\"><download></a>"; 
	} 

	if ($file_del_allow == 1) 
	{ 
  echo" | <a title=\"Delete file\" href=\"javascript:;\" onClick=\"cf=confirm('Are you sure you want to delete this file?');if (cf)window.location='?act=del&file=$value_en'; return false;\"><delete></a>";
	} 
	else 
	{ 
  echo" "; 
	} 
?>
    </td>
</tr>
<?
    }
    else
    {
   	 echo"<br>";
    }
    }
?>
</table></center>
<?
 	 }
  }
  elseif (($_GET[act]=="view")&&$_GET[file])
  {
 	 $value_de = base64_decode($_GET[file]);
 	 echo"<script language=\"javascript\">\nViewPopup = window.open(\"$dir_store/$value_de\", \"fum_viewfile\", \"toolbar=no,status=no,menubar=no,scrollbars=yes,resizable=yes,location=no,width=640,height=480\")\nViewPopup.document.bgColor=\"#F7F7F7\"\nViewPopup.document.close()\n</script>";
 	 echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file opened!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a><br><br><br>If the file did not display, you must <b>disable</b> your popup manager, or enable javascript in your browser.";
  }
  elseif (($_GET[act]=="del")&&$_GET[file])
  {
 	 $value_de = base64_decode($_GET[file]);
 	 @unlink($dir_store."/$value_de");
 	 echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file has been deleted!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
  }
  if ($_GET[act]=="delall")
  {
 	 $handle = opendir($dir_store);
 	 while($file=readdir($handle))
 	 if (($file != ".")&&($file != ".."))
 	 @unlink($dir_store."/".$file);
 	 closedir($handle);

 	 echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">all files have been deleted!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
  }

	}
	else
	{
  echo"<br><br>";
  $uploadpath=$dir_store."/";
  $source=$_FILES[fileupload][tmp_name];
  $fileupload_name=$_FILES[fileupload][name];
  $weight=$_FILES[fileupload][size];

  for($i=0;$i<count($file_ext_allow);$i++)
  {
 	 if (getlast($fileupload_name)!=$file_ext_allow[$i])
    $test.="~~";
  }
  $exp=explode("~~",$test);

  if (count($exp)==(count($file_ext_allow)+1))
  {
 	 echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: your file type is not allowed (".getlast($fileupload_name).")</font>, or you didn't specify a file to upload.</b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
  }
  else
  {

 	 if ($weight>$file_size_ind)
 	 {
    echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: please get the file size less than ".$file_size_ind." BYTES  (".round(($file_size_ind/1024),2)." KB)</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
 	 }
 	 else
 	 {

    foreach($_FILES[fileupload] as $key=>$value)
    {
   	 echo"<font color=\"#3399FF\">$key</font> : $value <br>";
    }

    echo "<br>";

    $dest = ''; 

    if (($source != 'none') && ($source != '' ))
    {
   	 $dest=$uploadpath.$fileupload_name;
   	 if ($dest != '')
   	 {
      if (file_exists($uploadpath.$fileupload_name))
      {
     	 echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: that file has already been uploaded before, please choose another file</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
      }
      else
      {
     	 if (copy($source,$dest))
     	 {
        if ($_POST[rename])
        {
       	 $_POST[rename]=replace($_POST[rename]);
       	 $exfile=explode(".",$fileupload_name);
       	 
       	 if (@rename("$dir_store/$fileupload_name","$dir_store/$_POST[rename].".getlast($fileupload_name))) 
       	 {
          echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file has been renamed to $_POST[rename].".getlast($fileupload_name)."!</font></b></font><br>";
       	 }
        }
        echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file has been uploaded!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
     	 }
     	 else
     	 {
        echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: cannot upload, please chmod the dir to 777</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
     	 }
      }
   	 }
    }
 	 }
  }
	}
}

#/# end of main script, start authentication code IF user not logged in IF $auth_ReqPass is enabled

	} 
	else 
	{
  echo("<p><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> Authentication error</p>" .
"<p><a href='$_SERVER[PHP_SELF]?logout=1'>Delete cookies and login again<a></p>");
	}
	} 
	else 
	{

	if (!isset($login) || isset($relogin)) {
?>
<font size="3"><b><i><? echo ($title) ? ($title) : ("File Upload Manager"); ?></i> - Authentication</b></font><br><br>
<table class="table_auth"><tr><td><center>
Please enter the username and password to enter the restricted area.<br>
You must have cookies enabled in your browser to continue.
</center></td></tr></table>
<form action="<?=$_SERVER[PHP_SELF]?>?login=1" method="POST"><p>
Username: <input type="text" name="auth_formUser" size="20"><br>
Password: <input type="password" name="auth_formPass" size="20">
<p><input type="submit" name="submit" class="button" value="Log-In"></p>
</form></center>
<?
	} 
	elseif (isset($login)) 
	{
  echo("<p>$auth_msg</p>" . "<p>You'll be redirected in 2 seconds!</p>");
	}
	}
?>
</body>
</html>

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Playground Games confirms Forza Horizon 6 save wipe bug

      By RejZoR · Posted

      Wow, imagine you dump hundreds of hours into completing things and unlocking stuff and you lose it all. Back in the day when cheats were built into games, you could at least unlock things again that way without spending hundreds of hours again. But those days are long gone for some reason as no one builds cheats into games anymore. So it's even more painful that studio that's on its 6th installment **** it up so badly.
    • Spotify finally removes the disco ball app icon in the latest update

      By Ivan Jenic · Posted

      Spotify finally removes the disco ball app icon in the latest update by Ivan Jenic Image: Spotify Spotify has just released an update that removes its now infamous disco ball icon. The update reverts the app icon to the familiar flat green logo after weeks of mixed reactions online. The icon arrived on May 13 as part of the company's 20th anniversary celebration and was always intended to be temporary, though Spotify only confirmed that after the backlash started. The disco ball took the internet by storm, as the reception was split. A vocal group of users called it ugly and disorienting, with some iOS users noting that the 3D glowing effect made the app look like it was stuck mid-update. On the other end, the icon picked up a following of its own. Its retro, three-dimensional look immediately stood out against the flat, minimalist aesthetic that has dominated app design for years. It even started a small movement, spawning what people started calling "discomorphism," a mashup of disco and skeuomorphism. Other brands started posting disco ball versions of their own logos, probably in an effort to ride the wave of memes that flooded the internet during late May. Spotify has had a turbulent relationship with its user base lately. Besides the disco ball icon, which certainly wasn't appreciated by everyone, the company has also received backlash for its willingness to include AI-generated music on its platform. On May 17, Spotify promised the old icon would return “in a few weeks.” And now it looks like that time has finally arrived. So, whether you liked the disco ball or it made you uncomfortable, it’s now gone for good. The next time you update the Spotify app on your phone, the old, flat-design icon will return.
    • The official Funny Pictures thread

      By +primortal · Posted

    • Playground Games confirms Forza Horizon 6 save wipe bug

      By TarasBuria · Posted

      Playground Games confirms Forza Horizon 6 save wipe bug by Taras Buria Forza Horizon 6 was launched last month to critical acclaim (check out our review here), and it became a smash hit in an instant. Now, weeks into the launch, with die-hard fans clocking hundreds of hours, Forza Horizon 6 is facing a serious issue: save wipes. After multiple complaints on Reddit and social media, the studio issued a statement. The problem with missing saves came shortly after Playground Games promised the initial batch of gameplay tweaks and improvements. Unfortunately, there seems to be no temporary fixes for those affected by unexpected save wipes. However, the studio published a new support document with a few important steps users should try. First, affected gamers should open a support ticket immediately (go here to file one) so that the support team can try recovering the lost progress by reverting to an earlier save. Playground Games says this should be done the same day the issue occurs. Meanwhile, gamers are urged not to start new play sessions or create new saves. The studio also published a few things gamers should try to avoid to prevent potential progress loss: Ensure your Gaming Services app on PC or XBOX Series X|S console is fully up to date. On XBOX Series X|S consoles, disable Quick Resume for Forza Horizon 6: To disable Forza Horizon 6 from using Quick Resume, highlight the game box art anywhere in the console experience (Home, My Games & Apps, Pins, etc) and then press the Menu button, then go to Manage game and add-ons > Quick Resume settings > Disable Quick Resume. Ensure you are online when ‘quitting’ the game. Give your saved time to sync to the cloud before powering off or switching devices. Do not force quit the game during save screens. Do not power off the device during gameplay. Always "Quit" (console) or "Exit to desktop" (PC) once you've finished your play session, ensuring the save icon is not visible when you’re closing the game. Before turning off your console, shutting down your PC, or force-closing the Steam app, give your devices or clients at least a few minutes to ensure your latest progress has been synchronized with the cloud. This will reduce the risk of progress reversions as you switch between different platforms. XBOX Series X|S consoles, Steam, and the XBOX app on PC all include game save indicators that confirm your progress has been synced. You can read more about the bug in the official support document here. Forza Horizon 6 is currently available on PC (Steam and the Microsoft Store), Xbox Series X|S, and Game Pass. The game is also coming to PlayStation 5 later this year.
    • The official Funny Pictures thread

      By +primortal · Posted

  • Recent Achievements

    • One Year In
      slackerzz earned a badge
      One Year In
    • One Year In
      highriskpaym earned a badge
      One Year In
    • One Month Later
      highriskpaym earned a badge
      One Month Later
    • Week One Done
      highriskpaym earned a badge
      Week One Done
    • Week One Done
      FBSPL earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      520
    2. 2
      PsYcHoKiLLa
      198
    3. 3
      +Edouard
      158
    4. 4
      Steven P.
      84
    5. 5
      ATLien_0
      75
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!