PHP Code:
<?php
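include 'head.php';
include 'db.php';
//$user=$_SESSION['uid'];
// Client address as reported by the web server; stored with the upload record.
$ip = getenv("REMOTE_ADDR");
//if(isset($_SESSION['uid']))
//{
// Every $_POST and $_FILES value is client-controlled. They are only collected
// here; code that later places them in a path, an SQL statement or HTML output
// still has to validate or escape them for that context.
$user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
$useremail = (isset($_POST['useremail']) && is_string($_POST['useremail'])) ? $_POST['useremail'] : '';
$category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : '';
$comments = (isset($_POST['comments']) && is_string($_POST['comments'])) ? $_POST['comments'] : '';
$tdate = date("d/m/y");

// Stop before touching $_FILES['file'] when no single, complete upload arrived.
// Without this the script would continue with undefined values.
if (!isset($_FILES['file']['error'])
    || $_FILES['file']['error'] !== UPLOAD_ERR_OK
    || !is_string($_FILES['file']['name'])) {
    echo "No file was uploaded, or the upload did not complete.<br><br>";
    exit;
}

$name = $_FILES["file"]["name"];
// The MIME type is whatever the client sent; it is recorded, not trusted.
$type = $_FILES["file"]["type"];
// Size in KiB, as stored in the downloads table.
$size = ($_FILES["file"]["size"] / 1024);
$filename = $name;

// Enforce the 20MB limit that the upload form advertises.
if ($_FILES["file"]["size"] > 20 * 1024 * 1024) {
    echo "The file is larger than the 20MB limit.<br><br>";
    exit;
}

// Allow-list: the extensions the upload form says are accepted. A deny-list
// alone cannot enumerate every extension a server may map to a handler, so the
// final extension must be one of these.
$allowed = array("swf", "mid", "gif", "bmp", "midi", "3gp", "mp4", "avi", "mp3", "m4a", "aac", "wav", "mpn", "nth", "mpc", "jar", "jpeg", "jpg", "sis", "sisx", "mmf", "amr", "thm", "png", "wbmp");
// Deny-list kept as a second layer: it is checked against every extension in
// the name, because some server configurations act on an extension that is not
// the last one.
$blacklist = array(".php", ".phtml", ".php3", ".php4", ".php5", ".php6", ".cgi", ".fcgi", ".htaccess", ".js", ".shtml", ".pl", ".py", ".exe", ".bat", ".sh");

$segments = explode('.', strtolower($name));
array_shift($segments); // drop the part before the first dot
$extension = $segments ? end($segments) : '';

$rejected = !in_array($extension, $allowed, true);
// The loop variable is deliberately not $type: the original loop reused $type
// and so overwrote the upload's MIME type with the last deny-list entry. Exact
// comparison also replaces the regex, whose unescaped "." matched any character.
foreach ($segments as $segment) {
    if (in_array('.' . $segment, $blacklist, true)) {
        $rejected = true;
        break;
    }
}

if ($rejected) {
    echo "We do not allow uploading PHP files - protected by optical pigion\n";
    exit;
}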
//$sql = mysql_query("SELECT * FROM users WHERE userid='$user'");
//$row = mysql_fetch_array($sql);
//include 'header.php';
//echo "Name: " . $_FILES["file"]["name"] . "<br />";
//echo "Extension: " . $type . "<br />";
//echo "Size: " . $size . " Kb<br />";
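/**
 * Create a resized copy of a GIF, JPEG or PNG image.
 *
 * The image type is taken from getimagesize(), that is from the file contents
 * rather than from the file name.
 *
 * @param string $original_file_path Path of the image to read.
 * @param int    $new_width          Width of the copy in pixels.
 * @param int    $new_height         Height of the copy in pixels.
 * @param string $save_path          Destination path; when empty,
 *                                   "files/Pictures-Thumb/" . $name2 . extension is used.
 * @param string $name2              Base name used for the default destination. It now has a
 *                                   default so an optional parameter no longer precedes a
 *                                   required one.
 * @return bool True when the thumbnail was written, false otherwise.
 */
function thumbnail_image($original_file_path, $new_width, $new_height, $save_path = "", $name2 = "")
{
    $imgInfo = is_file($original_file_path) ? getimagesize($original_file_path) : false;
    if ($imgInfo === false) {
        return false; // missing file or not an image
    }

    $extensions = array(
        IMAGETYPE_GIF => '.gif',
        IMAGETYPE_JPEG => '.jpg',
        IMAGETYPE_PNG => '.png',
    );
    if (!isset($extensions[$imgInfo[2]])) {
        return false; // image type this function cannot resample
    }
    $imgExtension = $extensions[$imgInfo[2]];

    if ($save_path == "") {
        $save_path = "files/Pictures-Thumb/" . $name2 . $imgExtension;
    }

    // Original dimensions come from the getimagesize() result already in hand.
    $width = $imgInfo[0];
    $height = $imgInfo[1];

    switch ($imgInfo[2]) {
        case IMAGETYPE_JPEG:
            $image = imagecreatefromjpeg($original_file_path);
            break;
        case IMAGETYPE_GIF:
            $image = imagecreatefromgif($original_file_path);
            break;
        default:
            $image = imagecreatefrompng($original_file_path);
            break;
    }
    if (!$image) {
        return false;
    }

    // Resample
    $imageResample = imagecreatetruecolor((int) $new_width, (int) $new_height);
    if (!$imageResample) {
        imagedestroy($image);
        return false;
    }
    imagecopyresampled($imageResample, $image, 0, 0, 0, 0, (int) $new_width, (int) $new_height, $width, $height);

    switch ($imgInfo[2]) {
        case IMAGETYPE_JPEG:
            $written = imagejpeg($imageResample, $save_path);
            break;
        case IMAGETYPE_GIF:
            $written = imagegif($imageResample, $save_path);
            break;
        default:
            $written = imagepng($imageResample, $save_path);
            break;
    }

    imagedestroy($image);
    imagedestroy($imageResample);

    return (bool) $written;
}

// Category => icon stored in the "thumb" column. null means a thumbnail is
// generated from the uploaded image. This list is also the allow-list for
// $category: the value is used as a directory name, so anything not listed
// here must never reach a file path.
$categoryIcons = array(
    'Applications' => 'images/application.gif',
    'Games' => 'images/application.gif',
    'Videos' => 'images/application.gif',
    'Themes' => 'images/application.gif',
    'Other' => 'images/application.gif',
    'E-Books' => 'images/application.gif',
    'Scripts' => 'images/application.gif',
    'Ringtones' => 'images/sound.gif',
    'Music' => 'images/sound.gif',
    'Wallpapers' => null,
    'Screensavers' => null,
    'Pictures18' => 'images/adult.gif',
    'Videos18' => 'images/adult.gif',
    'Other18' => 'images/adult.gif',
);

// Reduce the client-supplied file name to its final path component before it
// is used in any path, so directory parts in the name cannot move the target.
$storedName = '';
if (isset($_FILES["file"]["name"]) && is_string($_FILES["file"]["name"])) {
    $storedName = basename(str_replace('\\', '/', $_FILES["file"]["name"]));
}

$categoryOk = is_string($category) && array_key_exists($category, $categoryIcons);
$url2 = $categoryOk ? "files/" . $category . "/" . $storedName : '';

if (!$categoryOk) {
    echo "Unknown category, please choose one from the list.<br><br>";
}
elseif ($storedName === '' || $storedName === '.' || $storedName === '..') {
    echo "No file was uploaded, or the file name is not usable.<br><br>";
}
elseif (file_exists($url2)) {
    // The name comes from the client, so it is HTML-escaped before being echoed.
    echo htmlspecialchars($storedName, ENT_QUOTES, 'UTF-8') . " already exists please try another or change the file name.<br><br>";
}
elseif (!move_uploaded_file($_FILES["file"]["tmp_name"], $url2)) {
    // Do not record a download row for a file that was never stored.
    echo "The file could not be stored, please try again.<br><br>";
}
else {
    // NOTE(review): uploads land in a directory that looks web-accessible. Keep
    // script execution disabled for files/ or store uploads outside the document
    // root; confirm against the server configuration.
    $url3 = "files/" . $category . "-Thumb/" . $storedName;
    $thumb = $categoryIcons[$category];
    if ($thumb === null) {
        // Build the thumbnail from the file just stored and write it to the path
        // recorded in the database. The original read from files/Pictures/ and
        // wrote to files/Pictures-Thumb/, neither of which matches where
        // Wallpapers or Screensavers uploads are stored or referenced.
        // NOTE(review): the "<category>-Thumb" directory must exist and be writable.
        $name2 = explode(".", $storedName);
        thumbnail_image($url2, 40, 40, $url3, $name2[0]);
        $thumb = $url3;
    }

    //table entry
    // Every value is escaped for the SQL string context before it is
    // interpolated. NOTE(review): the mysql_* extension was removed in PHP 7;
    // moving to prepared statements needs the connection code in db.php, which
    // is not shown here. Values are stored as submitted, so pages that display
    // them presumably need to HTML-escape on output.
    $q = array_map('mysql_real_escape_string', array(
        (string) $storedName,
        (string) $type,
        (string) $size,
        (string) $category,
        (string) $comments,
        (string) $url2,
        (string) $user,
        (string) $ip,
        (string) $thumb,
        (string) $useremail,
    ));
    $sql = sprintf(
        "insert into downloads (filename, type, size, category, comments, url, uploadedby, date, ip, thumb, useremail)
values('%s', '%s', '%s', '%s', '%s', '%s', '%s', now(), '%s', '%s', '%s')",
        $q[0], $q[1], $q[2], $q[3], $q[4], $q[5], $q[6], $q[7], $q[8], $q[9]
    );

    if (mysql_query($sql)) {
        echo "<br><font color='#80ff00'>Your file has been uploaded successfully, please upload more below: </font>";
        include 'upload.htm';
    }
    else {
        // Keep database error details in the server log instead of sending them
        // to the client.
        error_log('downloads insert failed: ' . mysql_error());
        echo "Your upload could not be recorded, please try again later.<br><br>";
    }
}
include 'foot.php';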
?>
In upload.htm, this is the code I'm using:
PHP Code:
<!-- Upload form: posts multipart/form-data to fileupload.php with the fields
     furl, name, user, useremail, category, comments and submit. -->
<!-- NOTE(review): there is no <input type="file"> in this form. The PHP listing
     on this page reads $_FILES['file']; if that listing is fileupload.php, no
     file will arrive from this markup. Confirm which script handles this form. -->
<form action="fileupload.php" method="POST" enctype="multipart/form-data">
<b>URL of file:</b><br/>
<input type="text" name="furl"><br/>
<b>File Name:</b><br/>
<input type="text" name="name"><br/>
<b>Your Name:</b> (optional)<br/>
<input type='text' name='user'>
<br/><b>Your Email:</b> (optional)<br/><input type='text' name='useremail'><br/>
<b>Please Select Category:</b><br/>
<!-- The category options, the extension list and the 20MB limit below are
     display text and client-side choices only; nothing in this markup enforces
     them, so the receiving script has to check category, extension and size itself. -->
<select size="1" name="category"><option value="Applications">Applications</option><option value="Games">Games</option><option value="Wallpapers">Wallpapers</option><option value="E-Books">E-Books</option><option value="Videos">Videos</option><option value="Music">Music</option><option value="Ringtones">Ringtones</option><option value="Themes">Themes</option><option value="Scripts">Scripts</option><option value="Other">Other</option></select><br/>You can only upload files with following extensions: *.swf *.mid *.gif *.bmp *.midi *.3gp *.mp4 *.avi *.mp3 *.m4a *.aac *.wav *.mpn *.nth *.mpc *.jar *.jpeg *.jpg *.sis *.sisx *.mmf *.amr *.thm *.png *.wbmp (max file size 20MB)
<br/><b>Description:</b><br/><textarea rows="5" name="comments" cols="25"></textarea><br/>
<input type="submit" name="submit" value="Upload">
<br>!!WARNING!! We have a zero tolerance policy on people uploading illegal files, we save all information about you in our database. If we recognize that you have uploaded illegal content we will report it immediately to the appropriate authorities.</form>