Need help |
Need help |
qwardak |
Mar 19 2007, 02:46 PM
Post
#1
|
Group: Members Posts: 1 Joined: 19-March 07 Member No.: 2,256 |
ok i am trying to make it so the visitors to my site can upload theirfiles to my directory of my site (named files) i have created a .php file that looks like this
<!--p //vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv // You may change maxsize, and allowable upload file types. //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ //Mmaximum file size. You may increase or decrease. $MAX_SIZE = 2000000; //Allowable file ext. names. you may add more extension names. $FILE_EXTS = array('.zip','.jpg','.png','.gif','.doc'); //Allow file delete? no, if only allow upload only $DELETABLE = true; //vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv // Do not touch the below if you are not confident. //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /************************************************************ * Setup variables ************************************************************/ $site_name = $_SERVER['HTTP_HOST']; $url_dir = "http://qwardak.my10gb.com/files".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']); $url_this = "http://qwardak.my10gb.com/index.html".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']; $upload_dir = "files/"; $upload_url = $url_dir."/files/"; $message =" thank you for uploading your image"; /************************************************************ * Create Upload Directory ************************************************************/ if (!is_dir("files")) { if (!mkdir($upload_dir)) die ("upload_files directory doesn't exist and creation failed"); if (!chmod($upload_dir,0755)) die ("change permission to 755 failed."); } /************************************************************ * Process User's Request ************************************************************/ if ($_REQUEST[del] && $DELETABLE) { $resource = fopen("log.txt","a"); fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]n"); fclose($resource); if (strpos($_REQUEST[del],"/.-->0); //possible hacking else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking else if (substr($_REQUEST[del],0,6)==$upload_dir) { unlink($_REQUEST[del]); print "<script>window.location.href='$url_this?message=deleted successfully'</script>"; } } else if ($_FILES['userfile']) { $resource = fopen("log.txt","a"); fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]" .$_FILES['userfile']['name']." " .$_FILES['userfile']['type']."n"); fclose($resource); $file_type = $_FILES['userfile']['type']; $file_name = $_FILES['userfile']['name']; $file_ext = strtolower(substr($file_name,strrpos($file_name,"."))); //File Size Check if ( $_FILES['userfile']['size'] > $MAX_SIZE) $message = "The file size is over 2MB."; //File Extension Check else if (!in_array($file_ext, $FILE_EXTS)) $message = "Sorry, $file_name($file_type) is not allowed to be uploaded."; else $message = do_upload($upload_dir, $upload_url); print "<script>window.location.href='$url_this?message=$message'</script>"; } else if (!$_FILES['userfile']); else $message = "Invalid File Specified."; /************************************************************ * List Files ************************************************************/ $handle=opendir($upload_dir); $filelist = ""; while ($file = readdir($handle)) { if(!is_dir($file) && !is_link($file)) { $filelist .= "<a href="$upload_dir$file">".$file."</a> - URL: <strong>$upload_url$file</strong>"; if ($DELETABLE) $filelist .= " Added at ".date("d-m H:i", filemtime($upload_dir.$file)) .""; $filelist .= " <a title="delete" style="FONT-WEIGHT: bold; TEXT-DECORATION: none" href="?del=$upload_dir".urlencode($file)."">x</a>"; $filelist .="<br /> "; } } function do_upload($upload_dir, $upload_url) { $temp_name = $_FILES['userfile']['tmp_name']; $file_name = $_FILES['userfile']['name']; $file_name = str_replace("","",$file_name); $file_name = str_replace("'","",$file_name); $file_path = $upload_dir.$file_name; //File Name Check if ( $file_name =="") { $message = "Invalid File Name Specified"; return $message; } $result = move_uploaded_file($temp_name, $file_path); if (!chmod($file_path,0777)) $message = "change permission to 777 failed."; else $message = ($result)?"$file_name was uploaded successfully." : "Something is wrong with uploading the file."; return $message; } ?> i bit messy but anyway my .html file looks like this.... <link href="style.css" rel="stylesheet" /><br /> <br /> <center><font color="#ff0000"><!--_REQUEST[message--></font><br /> <form id="upload" action="http://qwardak.my10gb.com/upload.php" method="post" enctype="multipart/form-data" name="upload"> Upload File <input id="userfile" type="file" name="userfile" /> <input type="submit" name="upload" value="Upload" /> </form> <br /> <strong><u>Uploaded files:</u><br /> <br /> <!--filelis--><br /> </strong></center> i dont know what i am doing wrong when i remove the " action="http://qwardak.my10gb.com/upload.php" it process like it were uploading but it doesnt show in my directory afterwards and when i add that it does not work at all. it would please me greatly if som1 could fix my code up for me, btw i know that u have to change permissions in the folder which i have no idea how to do, and i use my10gb.com as my provider so if u can tell me how to do so it would be greatly appreciated, thank you in advance qwardak |
Lo-Fi Version | Time is now: 6th June 2024 - 09:41 PM |