• 0

[PHP] File upload script

Asked by imation2458,

 Share

Question

Mentor

imation2458

Posted
Posted

I have a PHP file upload script working but i want to customize it slightly... Right now after upload it gives you this output to screen:

File Upload Successful!

Successfully Sent: mp3test.exe , a 214528 byte file with the extension type of application/octet-stream

I want it to give you the www url of the file you uploaded. So you could just click on a link given and it would take you right to the file. I dunno how to do this though. I hope someone can give me the php to do this. THanks

Link to comment
https://www.neowin.net/forum/topic/112621-php-file-upload-script/
Share on other sites

10 answers to this question

Recommended Posts

  • 0
Mentor

imation2458

Posted
  • Author
Posted 
<?php

if ($img1_name != "") {
        
        @copy("$img1" , "/home/imation/public_html/upload/files/$img1_name")
               
                or die("Couldn't Upload Your File.");


} else {

       die("No File Specified");

}

?>

<HTML>
<HEAD>
<TITLE>File Upload Successful</TITLE>
</HEAD>

<BODY>

<H1>File Upload Successful!</H1>

<P>Successfully Sent: <?php echo "$img1_name"; ?> , a <?php echo "$img1_size"; ?> byte file with the extension type of <?php echo "$img1_type"; ?> </P>

</BODY>

</HTML>

  • 0
Grand Master

AshMan

Posted
Posted 
<?php

if ($img1_name != "") {
        
        @copy("$img1" , "/home/imation/public_html/upload/files/$img1_name")
               
                or die("Couldn't Upload Your File.");


} else {

       die("No File Specified");

}

?>

<HTML>
<HEAD>
<TITLE>File Upload Successful</TITLE>
</HEAD>

<BODY>

<H1>File Upload Successful!</H1>

<P>Successfully Sent: <?php echo "$img1_name"; ?> , a <?php echo "$img1_size"; ?> byte file with the extension type of <?php echo "$img1_type"; ?> </P>

<A HREF="http://www.YOURSERVER.com/upload/files/<?=$img1_name ?>" Target=_blank><?=$img1_name ?></A>

</BODY>

</HTML>

  • 0
Grand Master

Dessimat0r

Posted
Posted

What kind of file upload script do you need? I made something called CollegeBast*rd while back that gives you a listing of uploaded files, and allows you upload and delete files, etc.

This is from when I didn't know that much about PHP ;)

<?php
set_time_limit(1000);
?>
<body text="#000000" link="#3366CC" vlink="#3333CC" alink="#3333CC">
<div align="left">
  <p align="center"><font size="5" face="Verdana, Arial, Helvetica, sans-serif">University<strong>****** 
    <font size="2">0.94b<br>
    The ****** that brings files from j00r home to college, and vice-versa!</font></strong></font></p>
  <p align="left"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
    <?php

	function zonechange ($current, $target) {
	$current = +5 * $current;
	$zonedate = mktime(date('G'), date('i'), date('s'), date('n'), date('j'), date('Y'), 1) + (($current + $target) * 3600);
	return $zonedate;
	}
    
	$db = mysql_connect("localhost", "n/a", "n/a");
	if($db) {
  $db = mysql_select_db("college******", $db);
  if (($HTTP_GET_VARS['username']) && ($HTTP_GET_VARS['password'])) {
 	 $username = trim($HTTP_GET_VARS['username']);
 	 $password = trim($HTTP_GET_VARS['password']);
 	 if ($users = mysql_fetch_row(mysql_query("SELECT * FROM users WHERE username='$username' AND 

password='$password'"))) {
    ?>
     	 Welcome to College<strong>******</strong>, <?php echo $users[1] ?>.</font> 
      </p>
      </div>
    
<?php 
if (isset($HTTP_GET_VARS['delete'])) {
	$deleteid = $HTTP_GET_VARS['delete'];
	$delfilesql = mysql_query("SELECT * FROM files WHERE id='$deleteid'");
	if ($delfile = mysql_fetch_row($delfilesql)) {
  if ($delfile[5] == $users[0]) {
 	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The file has been 

verified to belong to you.</font></strong>';
 	 ?><BR /><?php
 	 $file = 'downloads/'.$username.'/'.$delfile[1];
 	 if (unlink($file)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The file has 

been successfully deleted from the server.</font></strong>';	
 	 } else {
    echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">There was a 

problem in deleting the file from the server!</font></strong>';
 	 }
 	 ?><BR /><?php
 	 mysql_query("DELETE FROM files WHERE id=$deleteid");
 	 if (!mysql_result(mysql_query("SELECT * FROM files WHERE id='$deleteid'"),0)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The file 

linkage was successfully deleted from the database.</font></strong>';
 	 } else {
    echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">The file linkage 

could not be removed from the database! It has possibly been deleted already.</font></strong>';
 	 }	
  } else {
 	 echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">You do not own this file, 

and so therefore you cannot delete it.</font></strong>';
  }
	} else {
  echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">This file does not exist in the 

database.</font></strong>';
	} 	 
} else if ($FrmBtn == 'Upload') {
	if ($file = $HTTP_POST_FILES['userfile']['name']) {
	echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The filename has been retrieved from 

the file that is going to be uploaded.</font></strong><BR />';
  if(is_dir('downloads/'.$username)) {
 	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory that the 

file will be moved to already exists.</font></strong><BR />';
  } else {
 	 echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">The directory that the 

file will be moved to does not exist! Attempting to create directory now.</font></strong><BR />';
 	 if (mkdir('downloads/'.$username)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory 

was created successfully.</font></strong><BR />';
 	 }
  }
  if(is_dir('downloads/'.$username)) {
  echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory that the file 

will be moved to has been verified to exist.</font></strong><BR />';  
 	 if (!file_exists('downloads/'.$username.'/'.$file)) {
    echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory 

that the file will be moved to does not contain a file with the same name.</font></strong><BR />';
    if(is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) {
   	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The 

file was uploaded to the temporary directory successfully.</font></strong><BR />';
   	 $filesize = $HTTP_POST_FILES['userfile']['size'];
   	 $max_id = mysql_result(mysql_query("SELECT MAX(id) FROM files"), 0)+1;
   	 if (copy($HTTP_POST_FILES['userfile']['tmp_name'],"downloads/".$username.'/'.$file)) {
      echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, 

sans-serif">The file was moved from the temporary directory to the final directory successfully.</font></strong><BR />';	
      $dateuploaded = date('d/m/Y');
      echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="green"><b>The 

upload date was aqquired successfully : '.$dateuploaded.'.<BR />';
      $description = trim(nl2br(htmlspecialchars($description)));
      $path_parts = pathinfo($file);
      $extension = $path_parts["extension"];
      if (mysql_query("INSERT INTO files 

(id,name,extension,size,category,userid,description,dateuploaded) VALUES ('$max_id','$file','$extension', 

'$filesize','$category','$users[0]','$description','$dateuploaded')")) {
     	 echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" 

color="green"><b>The file details were entered into the database correctly.<BR />';
     	 echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" 

color="green"><b>The file was uploaded successfully. (/downloads/'.$username.'/'.$file.'</font></b>)';
      } else {
     	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, 

sans-serif">The details of the file could not be entered into the database.</font></strong>';
      }
   	 } else {
      echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, 

sans-serif">The file could not be moved from the temporary directory to the final directory.</font></strong>';
   	 }
    } else {
   	 echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="red"><b>The file could 

not be uploaded for some reason.</font></b><BR />';
    }
 	 } else {
    echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="red"><b>The file already 

exists on the server, or a different file under the same filename. Please rename the file to avoid the conflict, and then try 

again.</font></b>';  
 	 }
  } else {
 	 echo '<strong><font size="2" color="green" face="Verdana, Arial, Helvetica, sans-serif">The directory was 

created successfully.</font></strong>';
  }
	} else {
  echo '<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="red"><b>The filename could not be retrieved 

from the file that is going to be uploaded.</font></b>';  
	}
}

?>

<table width="100%" border="1" cellpadding="1" cellspacing="0" bordercolor="#FFFFFF">
  <tr align="center" bgcolor="#CCCCCC"> 
    <td width="10%" height="18" nowrap><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">id 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=id&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'id') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>) </font></strong></td>
    <td width="20%" height="18" nowrap bgcolor="#999999"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">filename 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=name&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'name') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="20%" nowrap bgcolor="#CCCCCC"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">description 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=description&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'description') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="10%" height="18" nowrap bgcolor="#999999"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">extension 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=extension&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'extension') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="10%" height="18" nowrap bgcolor="#CCCCCC"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">size 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=size&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'size') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></td>
    <td width="10%" height="18" nowrap bgcolor="#999999"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif">category 
      (<a href="?username=<?php echo $users[1] ?>&password=<?php echo $users[2] ?>&order=category&sort=
<?php
  if ($HTTP_GET_VARS['order'] == 'size') {
 	 if ($HTTP_GET_VARS['sort'] == 'ASC') {
      echo 'DESC';
 	 } else {
    echo 'ASC';
 	 }
  } else {
 	 echo 'ASC';
  }
  ?>">order by</a>)</font></strong></font></td>
	<td width="10%" nowrap bgcolor="#CCCCCC"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>upload 

date</strong></font></td>
  
    <td width="10%" nowrap bgcolor="#999999"><font size="2" face="Verdana, Arial, Helvetica, 

sans-serif"><strong>delete?</strong></font></td>
  </tr>
  <?php
    if ($HTTP_GET_VARS['order']) {
   	 $order = $HTTP_GET_VARS['order'];
    } else {
   	 $order = 'id';
    }
    
    if ($HTTP_GET_VARS['sort']) {
   	 $sort = $HTTP_GET_VARS['sort'];
    } else {
   	 $sort = 'ASC';
    }
   	 
    $sqlx = 'SELECT * FROM files WHERE userid='.$users[0].' ORDER BY '.$order.' '.$sort;
    $sql = mysql_query($sqlx);
    
    $sizecounter = 0;
  
    while ($files = mysql_fetch_row($sql)) {
   	 if (!$files[6]) {
      $files[6] = 'A description is not yet available.';
   	 }
   	 
   	 $catssql = mysql_query("SELECT * FROM categories WHERE id='$files[4]' ORDER BY id");
   	 $cats = mysql_fetch_row($catssql);
   	 if ($cats) {
      $files[4] = $cats[1];	
   	 } else {
      $files[4] = 'N/A';
   	 }
   	 
   	 if (!$files[7]) {
      $files[7] = 'N/A';
   	 }
   	 
   	 $sizecounter = ($sizecounter + $files[3]);
    
   	 $ext2 = array("B","KB","MB","GB","TB");
   	 while ($files[3] >= pow(1024,$j)) ++$j;
      $files[3] = round($files[3] / pow(1024,$j-1) * 100) / 100 . $ext2[$j-1];
   	 
   	 print <<<EOT
   	 <tr bgcolor="#CCCCCC" align="center"> 
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[0]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a 

href="downloads/$username/$files[1]"><b>$files[1]</b></a><BR /><font size="1">[<a href="downloads/$username/$files[1]?!">bypass 

proxy</a>]</BR>[ <a href="?username=$users[1]&password=$users[2]&modify=$files[0]&order=$order&sort=$sort">modify</a> 

]</font></font></td>
   	 <td align="left"><font size="1" face="Verdana, Arial, Helvetica, 

sans-serif">$files[6]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[2]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[3]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[4]</font></td>
   	 <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">$files[7]</font></td>
   	 <td><font size="1" face="Verdana, Arial, Helvetica, sans-serif">[ <a 

href="?username=$users[1]&password=$users[2]&delete=$files[0]&order=$order&sort=$sort">Delete</a> ]</font></td>
   	 </tr>
EOT;
   	 $count++;
    }
    if (!$count) {
   	 ?>
  <tr bgcolor="#000000"> 
    <td colspan="8" align="center"><strong><font size="2" face="Verdana, Arial, Helvetica, sans-serif" color="#33FF00">** 
      No files uploaded yet. **</font></strong></td>
  </tr>
  <?php
    } else {
   	 $ext2 = array("B","KB","MB","GB","TB");
   	 while ($sizecounter >= pow(1024,$j)) ++$j;
      $sizecounter = round($sizecounter / pow(1024,$j-1) * 100) / 100 . $ext2[$j-1];
   	 ?>
   	 <font size="2" face="Verdana, Arial, Helvetica, sans-serif">You currently have <?php echo 

$sizecounter ?> of files stored.</font>
    <?php
    }
    ?>
  <tr bgcolor="#999999"> 
    <td height="17" colspan="8" align="right"><font color="#FFFFFF" size="1" face="Verdana, Arial, Helvetica, 

sans-serif">College<strong>******</strong> 
      <font color="#33FF00">>>></font></font></td>
  </tr>
</table>
    
<form name="upload" enctype="multipart/form-data" method="post" action="index.php?username=<?php echo $users[1] ?>&password=<?php echo 

$users[2] ?>&order=<?php echo $order ?>&sort=<?php echo $sort ?>">
  <table width="400" border="1" align="center" cellpadding="2" cellspacing="0" bordercolor="#3366CC">
    <tr> 
      <td bgcolor="#3366CC"> <div align="center"><font color="#FFFFFF" size="2" face="Verdana, Arial, Helvetica, 

sans-serif"><strong>Uploader</strong></font></div></td>
    </tr>
    <tr> 
      <td bgcolor="#CCCCCC"> <p><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>File 
          to upload:</strong><br />
          <input name="userfile" type="file" size="40" />
          <br />
          <br />
          <strong>Description:</strong><br />
          <textarea name="description" cols="40" rows="6" id="description"></textarea>
          <br />
          <br />
          <strong>Category:</strong></font><br />
    <select name="category" id="category">
   	 <?php
 	 $catssql = mysql_query("SELECT * FROM categories ORDER BY id");	
 	 while ($cats = mysql_fetch_row($catssql)) {
    if ($cats[0] == 0) {
   	 echo '<option value="'.$cats[0].'" $selected>['.$cats[0].'] - '.$cats[1].'</option>';
    } else {
   	 echo '<option value="'.$cats[0].'">['.$cats[0].'] - '.$cats[1].'</option>';
    }	
 	 }
 	 ?>
          </select>
        </p>
        <p align="center"> 
          <input name="FrmBtn" type="submit" id="FrmBtn" value="Upload" />
        </p></td>
    </tr>
  </table>
</form>
  <?php
 	 } else {
    echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">The username and 

password entered is invalid.</font></strong>';
 	 }
  } else {
 	 echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">You did not specify a 

username and password!</font></strong>';
  }   	 
	} else if(!$db) {
  echo '<strong><font size="2" color="red" face="Verdana, Arial, Helvetica, sans-serif">Could not connect to the MySQL 

database!</font></strong>';
	}

?>

  • 0
Mentor

imation2458

Posted
  • Author
Posted

WEll, heres what i am trying to do. I have a guest user name & pass in order to access upload privalges. But when you get access your able to also delete files. Is there anyway i can maybe add a admin user name that only has those "delete" prviagles? Thanks if you can tell me the code i neeed.

################## configurations ####################

# header & title of this file
$title = "File Upload Manager";

# individual file size limit - in bytes (102400 bytes = 100KB)
$file_size_ind = "1024000";

# the upload store directory (chmod 777)
$dir_store= "store";

# the images directory
$dir_img= "img";

# the style-sheet file to use (located in the "img" directory, excluding .css)
$style = "style-def";

# the file type extensions allowed to be uploaded
$file_ext_allow = array("gif","jpg","jpeg","png","txt","nfo","doc","rtf","htm","dmg","zip","rar","gz","exe");

# option to display the file list
# to enable/disable, enter '1' to ENABLE or '0' to DISABLE (without quotes)
$file_list_allow = 1;

# option to allow file deletion
# to enable/disable, enter '1' to ENABLE or '0' to DISABLE (without quotes)
$file_del_allow = 1;

# option to password-protect this script [-part1]
# to enable/disable, enter '1' to ENABLE or '0' to DISABLE (without quotes)
$auth_ReqPass = 1;

# option to password-protect this script [-part2]
# if "$auth_ReqPass" is enabled you must set the username and password
$auth_usern = "uploader";
$auth_passw = "upload";

################ end of configurations ###############


# DO NOT ALTER OR EDIT BELOW THIS LINE UNLESS YOU ARE AN ADVANCED PHP PROGRAMMER

?>
<?
if (@phpversion() < '4.1.0') {
    $_FILE = $HTTP_POST_FILES;
    $_GET = $HTTP_GET_VARS;
    $_POST = $HTTP_POST_VARS;
}
clearstatcache();
error_reporting(E_ALL & ~E_NOTICE);
$fum_vers = "1.3"; # do not edit this line, the script will not work!!!
$fum_info_full = "File Upload Manager v$fum_vers";

function authDo($auth_userToCheck, $auth_passToCheck) 
{
	global $auth_usern, $auth_passw;
	$auth_encodedPass = md5($auth_passw);

	if ($auth_userToCheck == $auth_usern && $auth_passToCheck == $auth_encodedPass) {
	$auth_check = TRUE;
	} else {
	$auth_check = FALSE;
	} 
	return $auth_check;
	}

	if (isset($logout)) {
	setcookie ('fum_user', "",time()-3600); 
	setcookie ('fum_pass', "",time()-3600);
	}
  
	if (isset($login)) {
	$auth_password_en = md5($auth_formPass); 
	$auth_username_en = $auth_formUser;

	if (authDo($auth_username_en, $auth_password_en)) { 
	setcookie ('fum_user', $auth_username_en,time()+3600); 
	setcookie ('fum_pass', $auth_password_en,time()+3600); 
	$auth_msg = "<b>Authentication successful!</b> The cookies have been set.<br><br>".
	$auth_msg . "Your password (MD5 encrypted) is: $auth_password_en";
	} else { 
	$auth_msg = "<b>Authentication error!</b>";
	}
}

if (($_GET[act]=="dl")&&$_GET[file]) 
{
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && isset($fum_user) && !isset($logout))) { 
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && authDo($fum_user, $fum_pass))) {

	$value_de=base64_decode($_GET[file]);
	$dl_full=$dir_store."/".$value_de;
	$dl_name=$value_de;

	if (!file_exists($dl_full))
	{ 
	echo"ERROR: Cannot download file, it does not exist.<br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";  
	exit();
	} 

	header("Content-Type: application/octet-stream");
	header("Content-Disposition: attachment; filename=$dl_name");
	header("Content-Length: ".filesize($dl_full));
	header("Accept-Ranges: bytes");
	header("Pragma: no-cache");
	header("Expires: 0");
	header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
	header("Content-transfer-encoding: binary");
 	 
	@readfile($dl_full);

	exit();

	}
	}
}

function getlast($toget)
{
	$pos=strrpos($toget,".");
	$lastext=substr($toget,$pos+1);

	return $lastext;
}

function replace($o)
{
	$o=str_replace("/","",$o);
	$o=str_replace("\\","",$o);
	$o=str_replace(":","",$o);
	$o=str_replace("*","",$o);
	$o=str_replace("?","",$o);
	$o=str_replace("<","",$o);
	$o=str_replace(">","",$o);
	$o=str_replace("\"","",$o);
	$o=str_replace("|","",$o);

	return $o;
}

?>
<!-- <?=$fum_info_full?> -->

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title><? echo ($title) ? ($title) : ("File Upload Manager"); ?></title>
<link rel="stylesheet" href="<?=$dir_img?>/<?=$style?>.css" type="text/css">
<?
	if ($auth_ReqPass == 1) 
	{ 
  if (isset($login) || isset($logout)) {
 	 echo("<meta http-equiv='refresh' content='2;url=$_SERVER[PHP_SELF]'>");
  }
	}
?>
</head>
<body bgcolor="#F7F7F7"><br><br>
<center>
<?	
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && isset($fum_user) && !isset($logout))) { 
	if ($auth_ReqPass != 1 || ($auth_ReqPass == 1 && authDo($fum_user, $fum_pass))) {
?>
<table width="560" cellspacing="0" cellpadding="0" border="0">
  <tr>
    <td><font size="3"><b><i><? echo ($title) ? ($title) : ("File Upload Manager"); ?></i></b></font> <font style="text-decoration: bold; font-size: 9px;">v<?=$fum_vers?></font> 
<? 
	#--Please do not remove my link/copyright as it is unfair and a breach of the license--#
	echo"<a href=\"http://www.mtnpeak.net\" style=\"text-decoration: none; color: #C0C0C0; font-size: 9px; cursor: default\";>© thepeak</a>"; 
?>
    </td>
   </tr>
</table>
<?
	if (!eregi("777",decoct(fileperms($dir_store))))
	{
  echo"<br><br><b><h4><font color=\"FF0000\">ERROR: cannot access the upload store file directory. please chmod the \"$dir_store\" directory with value 0777 (xrw-xrw-xrw)!</h4></font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">refresh</a>";
	}
	else
	{
  if (!$_FILES[fileupload])
  {
?>
<table width="560" cellspacing="0" cellpadding="0" border="0" class="table_decoration" style="padding-top:5px;padding-left=5px;padding-bottom:5px;padding-right:5px">
  <form method="post" enctype="multipart/form-data">
  <tr>
    <td>file:</td><td><input type="file" name="fileupload" class="textfield" size="30"></td>
  </tr>
  <tr>
    <td>rename to:</td><td><input type="text" name="rename" class="textfield" size="46"></td>
  </tr>
  <tr>
    <td>file types allowed:</td><td>
	<?
	for($i=0;$i<count($file_ext_allow);$i++)
	{
  if (($i<>count($file_ext_allow)-1))$commas=", ";else $commas="";
  list($key,$value)=each($file_ext_allow);
  echo $value.$commas;
	}
	?>
    </td>
  </tr>
  <tr>
    <td>file size limit:</td>
	<td>
  <b><?
 	 if ($file_size_ind >= 1048576) 
 	 {
    $file_size_ind_rnd = round(($file_size_ind/1024000),3) . " MB";
 	 } 
 	 elseif ($file_size_ind >= 1024) 
 	 {	
    $file_size_ind_rnd = round(($file_size_ind/1024),2) . " KB";
 	 } 
 	 elseif ($file_size_ind >= 0) 
 	 {
    $file_size_ind_rnd = $file_size_ind . " bytes";
 	 } 
 	 else 
 	 {
    $file_size_ind_rnd = "0 bytes";
 	 }
 	 
 	 echo "$file_size_ind_rnd";
  ?></b>
	</td>
  </tr>
  <tr>
    <td colspan="2"><input type="submit" value="upload" class="button"> <input type="reset" value="clear" class="button"></td>
  </tr>
  </form>
</table>
<?
  if ((!$_GET[act]||!$_GET[file])&&$_GET[act]!="delall")
  {
 	 $opendir = @opendir($dir_store);

 	 while ($readdir = @readdir($opendir))
 	 {
    if ($readdir<>"." && $readdir<>".." && $readdir != "index.html")
    {
   	 $filearr[] = $readdir;
    }
    $sort=array();
    for($i=1;$i<=count($filearr);$i++)
    {
   	 $key = sizeof($filearr)-$i;
   	 $file = $filearr[$key];

   	 $sort[$i]=$file;
    }
    asort($sort);
 	 }
?>
<br>
<table width="560" cellspacing="0" cellpadding="0" border="0" class="table_decoration" style="padding-left:5px">
  <tr>
    <td><b>admin tools:</b>
<? 
	if ($file_del_allow != 1 && $auth_ReqPass != 1)
	{
  echo"<i>none</i>";
	}

	if ($file_del_allow == 1 && $file_list_allow == 1 && (count($filearr) >= 1)) 
	{ 
  echo"<a href=\"javascript:;\" onClick=\"cf=confirm('Are you sure you want to delete ALL FILES?');if (cf)window.location='?act=delall'; return false;\" style=\"font-size: 9px;\"><delete all files></a>";
	}

	if ($auth_ReqPass == 1) 
	{ 
  echo" <a href=\"$_SERVER[PHP_SELF]?logout=1\" style=\"font-size: 9px;\"><log-out><a>";
	}
?>
    </td>
  </tr>
</table>
<br>
<?	
 	 if ($file_list_allow == 1 && (count($filearr) >= 1)) 
 	 {
?>
<table width="560" cellspacing="0" cellpadding="0" border="0" class="table_decoration" style="padding-left:6px">
  <tr bgcolor="#DBDBDB">
    <td align="left" width="46%">FILE NAME</td>
    <td align="center" width="12%">FILE TYPE</td>
    <td align="center" width="12%">FILE SIZE</td>
    <td align="center" width="30%">FUNCTIONS</td>
  </tr>
<?
    for($i=1;$i<=count($sort);$i++)
    {
   	 list($key,$value)=each($sort);

   	 if ($value)
   	 {
      $value_en = base64_encode($value);
      $value_view=$value;
      
     	 if (strlen($value) >= 48) 
     	 { 
        $value_view = substr($value_view, 0, 45) . '...';
     	 }
?>
<tr>
    <td width="30%"><?="<a href=\"?act=view&file=$value_en\">$value_view</a>"?></td>
    <td align="center" width="5%"><? echo strtoupper(getlast($value)); ?></td>
    <td align="center" width="5%"><?

   	 $value_full = $dir_store."/".$value;
   	 $file_size = filesize($value_full);
  
  if ($file_size >= 1048576) 
  {
 	 $show_filesize = number_format(($file_size / 1048576),2) . " MB";
  } 
  elseif ($file_size >= 1024) 
  {
 	 $show_filesize = number_format(($file_size / 1024),2) . " KB";
  } 
  elseif ($file_size >= 0) 
  {
 	 $show_filesize = $file_size . " bytes";
  } 
  else 
  {
 	 $show_filesize = "0 bytes";
  }

  echo "$show_filesize";
  
?></td>
    <td align="center" width="5%"><?="<a title=\"View File\" href=\"?act=view&file=$value_en\"><view></a>"?> | 
<?
	if ($file_del_allow == 1) 
	{ 
  echo"<a title=\"Download file\" href=\"?act=dl&file=$value_en\"><dl></a>";
  } 
	else 
	{ 
  echo"<a title=\"Download file\" href=\"?act=dl&file=$value_en\"><download></a>"; 
	} 

	if ($file_del_allow == 1) 
	{ 
  echo" | <a title=\"Delete file\" href=\"javascript:;\" onClick=\"cf=confirm('Are you sure you want to delete this file?');if (cf)window.location='?act=del&file=$value_en'; return false;\"><delete></a>";
	} 
	else 
	{ 
  echo" "; 
	} 
?>
    </td>
</tr>
<?
    }
    else
    {
   	 echo"<br>";
    }
    }
?>
</table></center>
<?
 	 }
  }
  elseif (($_GET[act]=="view")&&$_GET[file])
  {
 	 $value_de = base64_decode($_GET[file]);
 	 echo"<script language=\"javascript\">\nViewPopup = window.open(\"$dir_store/$value_de\", \"fum_viewfile\", \"toolbar=no,status=no,menubar=no,scrollbars=yes,resizable=yes,location=no,width=640,height=480\")\nViewPopup.document.bgColor=\"#F7F7F7\"\nViewPopup.document.close()\n</script>";
 	 echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file opened!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a><br><br><br>If the file did not display, you must <b>disable</b> your popup manager, or enable javascript in your browser.";
  }
  elseif (($_GET[act]=="del")&&$_GET[file])
  {
 	 $value_de = base64_decode($_GET[file]);
 	 @unlink($dir_store."/$value_de");
 	 echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file has been deleted!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
  }
  if ($_GET[act]=="delall")
  {
 	 $handle = opendir($dir_store);
 	 while($file=readdir($handle))
 	 if (($file != ".")&&($file != ".."))
 	 @unlink($dir_store."/".$file);
 	 closedir($handle);

 	 echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">all files have been deleted!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
  }

	}
	else
	{
  echo"<br><br>";
  $uploadpath=$dir_store."/";
  $source=$_FILES[fileupload][tmp_name];
  $fileupload_name=$_FILES[fileupload][name];
  $weight=$_FILES[fileupload][size];

  for($i=0;$i<count($file_ext_allow);$i++)
  {
 	 if (getlast($fileupload_name)!=$file_ext_allow[$i])
    $test.="~~";
  }
  $exp=explode("~~",$test);

  if (count($exp)==(count($file_ext_allow)+1))
  {
 	 echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: your file type is not allowed (".getlast($fileupload_name).")</font>, or you didn't specify a file to upload.</b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
  }
  else
  {

 	 if ($weight>$file_size_ind)
 	 {
    echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: please get the file size less than ".$file_size_ind." BYTES  (".round(($file_size_ind/1024),2)." KB)</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
 	 }
 	 else
 	 {

    foreach($_FILES[fileupload] as $key=>$value)
    {
   	 echo"<font color=\"#3399FF\">$key</font> : $value <br>";
    }

    echo "<br>";

    $dest = ''; 

    if (($source != 'none') && ($source != '' ))
    {
   	 $dest=$uploadpath.$fileupload_name;
   	 if ($dest != '')
   	 {
      if (file_exists($uploadpath.$fileupload_name))
      {
     	 echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: that file has already been uploaded before, please choose another file</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
      }
      else
      {
     	 if (copy($source,$dest))
     	 {
        if ($_POST[rename])
        {
       	 $_POST[rename]=replace($_POST[rename]);
       	 $exfile=explode(".",$fileupload_name);
       	 
       	 if (@rename("$dir_store/$fileupload_name","$dir_store/$_POST[rename].".getlast($fileupload_name))) 
       	 {
          echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file has been renamed to $_POST[rename].".getlast($fileupload_name)."!</font></b></font><br>";
       	 }
        }
        echo"<br><img src=\"$dir_img/info.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">file has been uploaded!</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
     	 }
     	 else
     	 {
        echo"<br><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> <b><font size=\"2\">ERROR: cannot upload, please chmod the dir to 777</font></b><br>?<a href=\"$_SERVER[PHP_SELF]\">back</a>";
     	 }
      }
   	 }
    }
 	 }
  }
	}
}

#/# end of main script, start authentication code IF user not logged in IF $auth_ReqPass is enabled

	} 
	else 
	{
  echo("<p><img src=\"$dir_img/error.gif\" width=\"15\" height=\"15\"> Authentication error</p>" .
"<p><a href='$_SERVER[PHP_SELF]?logout=1'>Delete cookies and login again<a></p>");
	}
	} 
	else 
	{

	if (!isset($login) || isset($relogin)) {
?>
<font size="3"><b><i><? echo ($title) ? ($title) : ("File Upload Manager"); ?></i> - Authentication</b></font><br><br>
<table class="table_auth"><tr><td><center>
Please enter the username and password to enter the restricted area.<br>
You must have cookies enabled in your browser to continue.
</center></td></tr></table>
<form action="<?=$_SERVER[PHP_SELF]?>?login=1" method="POST"><p>
Username: <input type="text" name="auth_formUser" size="20"><br>
Password: <input type="password" name="auth_formPass" size="20">
<p><input type="submit" name="submit" class="button" value="Log-In"></p>
</form></center>
<?
	} 
	elseif (isset($login)) 
	{
  echo("<p>$auth_msg</p>" . "<p>You'll be redirected in 2 seconds!</p>");
	}
	}
?>
</body>
</html>

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Spotify finally removes the disco ball app icon in the latest update

      By Xerxes · Posted

      Same, never saw it on Android or iOS. Guess only some people got it *shrugs*
    • Anthropic pulls Fable 5 and Mythos 5 after US export control order

      By pradeepviswav · Posted

      Anthropic pulls Fable 5 and Mythos 5 after US export control order by Pradeep Viswanathan In April this year, Anthropic launched the Claude Mythos Preview frontier model with state-of-the-art cyber and coding capabilities for a select set of companies around the world. After preparing appropriate guardrails, early this week, Anthropic launched Claude Fable 5 and Mythos 5, its most capable AI models. Claude Fable 5 is for general users and comes with strict safeguards, while Mythos 5 is designed with fewer safeguards for cybersecurity and biology use cases. Today, Anthropic abruptly suspended access to its Fable 5 and Mythos 5 AI models for all customers after receiving an export control directive from the US government. The company received the directive from the government today at 5:21 p.m. ET, and the received letter did not provide any details regarding the national security concern. Anthropic understands that the government became aware of a method to bypass, or “jailbreak,” Fable 5, which might be the reason behind the directive. The order was issued under national security authorities and requires the company to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether they are inside or outside the United States. The restriction also applies to foreign national employees working at Anthropic. As a result, the company has disabled both models for all customers to ensure compliance. Access to previous Anthropic models like Opus and Sonnet is not affected by this government order. The company highlighted that it had developed strong safeguards to reduce the possibility that Fable is misused for tasks related to cybersecurity. In fact, many developers are complaining that the safeguards are going overboard. Additionally, the company worked with the US government, the UK AISI, multiple private third-party organizations, and internal teams to red-team Fable’s safeguards for thousands of hours. Finally, Anthropic noted that no testers have yet been able to find a universal jailbreak on Fable 5. As expected, Anthropic disagrees that a narrow potential jailbreak should lead to the recall of a commercial model used by hundreds of millions of people. It warned that applying this standard across the AI industry could effectively halt new frontier model deployments. Anthropic concluded by mentioning that it is working to restore access to Fable 5 and Mythos 5 as soon as possible and plans to share more details within the next 24 hours.
    • Brave Browser 1.91.172

      By Copernic · Posted

      Brave Browser 1.91.172 is out.
    • Any Video Converter Free 9.2.3

      By Copernic · Posted

      Any Video Converter Free 9.2.3 by Razvan Serea Any Video Converter is an All-in-One video converting tool with an easy-to-use graphical interface, fast converting speed and excellent video quality. Any Video Converter supports all popular video formats and converts your videos to different video formats including MP4, MOV, MKV, M2TS, M4V, MPEG, AVI, WMV, ASF, OGV, WEBM, and more. It supports converting videos to customized percent (50%, 100%, 200%, and more) or resolution (480p, 720p, 1080p, 4K, and more); It supports encoding videos into x264, x265, h263p, xvid, mpeg, wmv, and more. Any Video Converter Free key features: Compatible with Windows 11/10/8.1/8/7 (32-64bit) User interface are available in 14 languages Convert all kinds of video formats including high-definition videos Extract audio from any videos and save as MP3/WMA for your mp3 player Take snapshot from any videos and build your own picture collection Support high-definition for both input and output Batch add videos from hard drive and batch convert Customize output parameters completely as you like Manage your output videos files by group or output profile Merge several video files into a single and long one Clip a video into segments Free Audio Filter: Adjust audio volume and add audio effects Crop frame size to remove black bars and retain what you want only Adjust the brightness, contrast, saturation Rotate or flip or add noise/sharpen effects Produce output video with subtitles of your own dialogue and much, much more... Any Video Converter Free 9.2.3 changelog: Fixed video download engine auto-update failures. Added custom speed control support in the speed change tool. Added support for downloading YouTube AI-generated subtitles. Added support for preserving original audio stream in the format convert tool (e.g., Dolby Atmos, DTS:X). Fixed other bugs and improved overall performance. Download: Any Video Converter Free 9.2.3 | 7.6 MB (Freeware) View: Any Video Converter Free Home Page | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Lethal fake phone chargers are still being sold on Amazon and eBay, UK watchdog warns

      By ZipZapRap · Posted

      Not sure what country you’re in but in many countries you can absolutely jail the sellers behind businesses… in fact I’d say in most countries you can do that

  • Recent Achievements

    • Contributor
      MarkHughes4096 went up a rank
      Contributor
    • Dedicated
      jordanspringer earned a badge
      Dedicated
    • Rookie
      Rimplesnort went up a rank
      Rookie
    • One Year In
      Markus94287 earned a badge
      One Year In
    • One Month Later
      Markus94287 earned a badge
      One Month Later

  • Popular Contributors

    1. 1
      +primortal
      505
    2. 2
      +Edouard
      176
    3. 3
      PsYcHoKiLLa
      148
    4. 4
      ATLien_0
      92
    5. 5
      Steven P.
      79
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!