PHP-upload script hjälp|Programmering / Grafisk formgivning|Forum|Nordichardware

Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
The forums are currently locked and only available for read only access
sp_Feed sp_TopicIcon
PHP-upload script hjälp
Jon lord
Kommer du hit ofta?
Medlem
Forum Posts: 382
Member Since:
December 8, 2005
sp_UserOfflineSmall Offline
1
September 9, 2007 - 5:24 pm
sp_Permalink sp_Print

Hejsan!

Jag har hittat ett bra upload script som jag hade tänkt använda på min server , men den har ett problem: den skriver över gamla filen om man laddar upp en fil med samma namn.
Så nu skulle jag behöve lite hjälp att lägga till kod som blockerar att inte filer skrivs över.

/Jon Lord

PS. koden:

<?php

//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// You may change maxsize, and allowable upload file types.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//Mmaximum file size. You may increase or decrease.
$MAX_SIZE = 4500000;

//Allowable file ext. names. you may add more extension names.
$FILE_EXTS = array('.txt','.doc');

//Allow file delete? no, if only allow upload only
$DELETABLE = false;


//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// Do not touch the below if you are not confident.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/************************************************************
* Setup variables
************************************************************/
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];

$upload_dir = "files/";
$upload_url = $url_dir."/files/";
$message ="";

/************************************************************
* Create Upload Directory
************************************************************/
if (!is_dir("Files")) {
if (!mkdir($upload_dir))
die ("upload_files directory doesn't exist and creation failed");
if (!chmod($upload_dir,0755))
die ("change permission to 755 failed.");
}

/************************************************************
* Process User's Request
************************************************************/
if ($_REQUEST[del] && $DELETABLE) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]n");
fclose($resource);

if (strpos($_REQUEST[del],"/.")>0); //possible hacking
else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
else if (substr($_REQUEST[del],0,6)==$upload_dir) {
unlink($_REQUEST[del]);
print "<script>window.location.href='$url_this?message=deleted successfully'</script>";
}
}
else if ($_FILES['userfile']) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
.$_FILES['userfile']['name']." "
.$_FILES['userfile']['type']."n");
fclose($resource);

$file_type = $_FILES['userfile']['type'];
$file_name = $_FILES['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));

//File Size Check
if ( $_FILES['userfile']['size'] > $MAX_SIZE)
$message = "The file size is over 4.5MB.";
//File Extension Check
else if (!in_array($file_ext, $FILE_EXTS))
$message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
else
$message = do_upload($upload_dir, $upload_url);

print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else
$message = "Invalid File Specified.";

/************************************************************
* List Files
************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= "".$file."";
if ($DELETABLE)
$filelist .= " x";
$filelist .= "<sub><small><font color=grey> ".date("d-m H:i", filemtime($upload_dir.$file))
."</font>
</small></sub>";
$filelist .="
";
}
}

function do_upload($upload_dir, $upload_url) {

$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$file_name = str_replace("","",$file_name);
$file_name = str_replace("'","",$file_name);
$file_path = $upload_dir.$file_name;

//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified";
return $message;
}

$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0777))
$message = "change permission to 777 failed.";
else
$message = ($result)?"$file_name uploaded successfully." :
"Somthing is wrong with uploading a file.";
return $message;
}

?>
<body bottommargin="0" topmargin="0" rightmargin="0" bgcolor="#0C0C0C" link="#E8BF74" vlink="#E8BF74" alink="#E8BF74" text="#BFB7AE" leftmargin="0" marginwidth="0" marginheight="0">


<style>
<!--
a:link {color:#e8bf74; text-decoration: none}
a:visited {color:#e8bf74; text-decoration: none}
a:active {color:#e8bf74; text-decoration: none}
a:hover {color:#f2e7d3; text-decoration: none; background-color:;}
body
-->
</style>

<center>
<font size=2>
<H2>Free File Uploading</H2>


Here you can upload files for free, notice that files may be removed without notice!


Click Here Click here to see the files, shows also the size and date of the files[/b]</p>
</font size>

<font size=2>
Max file size: 4.5mb


Files allowed: [.Txt] [.Doc] [/b] </font size>





</center>

<center>
<font color=red><?=$_REQUEST[message]?></font>

<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
Upload File <input type="file" id="userfile" name="userfile">
<input type="submit" name="upload" value="Upload">
</form>

<hr width=100%>



-Files Uploaded-
<hr width=50%>
<?=$filelist?>
<hr width=50%>

<sup>Powered by
TailoredWeb
</sup>

</center>
Jon lord
Kommer du hit ofta?
Medlem
Forum Posts: 382
Member Since:
December 8, 2005
sp_UserOfflineSmall Offline
1155495
September 9, 2007 - 7:44 pm
sp_Permalink sp_Print

Jap så fick ja mycket hjälp av två vänliga själar på nordichardware irc som löste detta och vill tacka dom för deras insats :bgrin:

Om ngn behöver koden:

<?php

//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// You may change maxsize, and allowable upload file types.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//Mmaximum file size. You may increase or decrease.
$MAX_SIZE = 4500000;

//Allowable file ext. names. you may add more extension names.
$FILE_EXTS = array('.txt','.doc');

//Allow file delete? no, if only allow upload only
$DELETABLE = false;


//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// Do not touch the below if you are not confident.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/************************************************************
* Setup variables
************************************************************/
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];

$upload_dir = "files/";
$upload_url = $url_dir."/files/";
$message ="";

/************************************************************
* Create Upload Directory
************************************************************/
if (!is_dir("Files")) {
if (!mkdir($upload_dir))
die ("upload_files directory doesn't exist and creation failed");
if (!chmod($upload_dir,0755))
die ("change permission to 755 failed.");
}

/************************************************************
* Process User's Request
************************************************************/
if ($_REQUEST[del] && $DELETABLE) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]n");
fclose($resource);

if (strpos($_REQUEST[del],"/.")>0); //possible hacking
else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
else if (substr($_REQUEST[del],0,6)==$upload_dir) {
unlink($_REQUEST[del]);
print "<script>window.location.href='$url_this?message=deleted successfully'</script>";
}
}
else if ($_FILES['userfile']) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
.$_FILES['userfile']['name']." "
.$_FILES['userfile']['type']."n");
fclose($resource);

$file_type = $_FILES['userfile']['type'];
$file_name = $_FILES['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));

//File Size Check
if ( $_FILES['userfile']['size'] > $MAX_SIZE)
$message = "The file size is over 4.5MB.";
//File Extension Check
else if (!in_array($file_ext, $FILE_EXTS))
$message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
else
$message = do_upload($upload_dir, $upload_url);

print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else
$message = "Invalid File Specified.";

/************************************************************
* List Files
************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= "".$file."";
if ($DELETABLE)
$filelist .= " x";
$filelist .= "<sub><small><font color=grey> ".date("d-m H:i", filemtime($upload_dir.$file))
."</font>
</small></sub>";
$filelist .="
";
}
}

function do_upload($upload_dir, $upload_url) {


$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$folder=dir($upload_dir);
while($folderEntry=$folder->read()) {
if ($folderEntry == $file_name) {
$message = "A file with that name already exists!";
return $message;
}
}$file_name = str_replace("","",$file_name);
$file_name = str_replace("'","",$file_name);
$file_path = $upload_dir.$file_name;

//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified";
return $message;
}

$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0777))
$message = "change permission to 777 failed.";
else
$message = ($result)?"$file_name uploaded successfully." :
"Somthing is wrong with uploading a file.";
return $message;
}

?>
<body bottommargin="0" topmargin="0" rightmargin="0" bgcolor="#0C0C0C" link="#E8BF74" vlink="#E8BF74" alink="#E8BF74" text="#BFB7AE" leftmargin="0" marginwidth="0" marginheight="0">


<style>
<!--
a:link {color:#e8bf74; text-decoration: none}
a:visited {color:#e8bf74; text-decoration: none}
a:active {color:#e8bf74; text-decoration: none}
a:hover {color:#f2e7d3; text-decoration: none; background-color:;}
body
-->
</style>

<center>
<font size=2>
<H2>Free File Uploading</H2>


Here you can upload files for free, notice that files may be removed without notice!


Click Here Click here to see the files, shows also the size and date of the files[/b]</p>
</font size>

<font size=2>
Max file size: 4.5mb


Files allowed: [.Txt] [.Doc] [/b] </font size>





</center>

<center>
<font color=red><?=$_REQUEST[message]?></font>

<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
Upload File <input type="file" id="userfile" name="userfile">
<input type="submit" name="upload" value="Upload">
</form>

<hr width=100%>



-Files Uploaded-
<hr width=50%>
<?=$filelist?>
<hr width=50%>

<sup>Powered by
TailoredWeb
</sup>

</center>
Forum Timezone: Europe/Stockholm
Most Users Ever Online: 1030
Currently Online:
Guest(s) 62
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Andreas Galistel: 16287
Jonas Klar: 15897
ilg@dd: 10810
Nyhet: 10607
Mind: 10550
Ctrl: 10355
Gueno: 9881
Guest: 9344
Snorch: 8881
Callister: 8468
Newest Members:
PetrbonFU PetrbonFU
Karine Bembry
Dolores Mcdaniels
Anibal McLeish
Francisca Alt
Alfie Everhart
Lester Huitt
Orlando Jorgensen
Mikki Lundgren
Dakota Kozlowski
Forum Stats:
Groups: 11
Forums: 59
Topics: 146630
Posts: 1300967

 

Member Stats:
Guest Posters: 2
Members: 79425
Moderators: 0
Admins: 11
Administrators: nordicadmin, Henrik Berntsson, Anton Karmehed, Carl Holmberg, Joel Oscarsson, Mikael Linnér, Mikael Schwartz, Andreas Paulsson, Nickebjrk, Mattias Pettersson, EmxL