PHP Code:
<?php
include("../web/config.php");
include("../web/core.php");
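connectdb();

// Request parameters. Each one is read through isset()/is_string() so that a
// plain page view (no query string, no POST body, no file part) or an array
// value such as sid[]=x does not raise notices further down; anything missing
// or malformed becomes an empty string.
$sid  = (isset($_GET["sid"])  && is_string($_GET["sid"]))  ? $_GET["sid"]  : "";
$page = (isset($_GET["page"]) && is_string($_GET["page"])) ? $_GET["page"] : "";
$who  = (isset($_GET["who"])  && is_string($_GET["who"]))  ? $_GET["who"]  : "";
$uid  = getuid_sid($sid);
$desc   = (isset($_POST['desc'])   && is_string($_POST['desc']))   ? $_POST['desc']   : "";
$upload = (isset($_POST['upload']) && is_string($_POST['upload'])) ? $_POST['upload'] : "";

// Uploaded file part. 'name' is chosen by the client and must be treated as
// untrusted text wherever it is used (path, SQL, HTML). A multi-file field
// (superdat[]) would deliver arrays here, so only a single string-valued part
// is accepted.
$hasfile = isset($_FILES['superdat'])
    && isset($_FILES['superdat']['tmp_name'])
    && is_string($_FILES['superdat']['tmp_name'])
    && isset($_FILES['superdat']['name'])
    && is_string($_FILES['superdat']['name']);
$superdat      = $hasfile ? $_FILES['superdat']['tmp_name'] : "";
$superdat_name = $hasfile ? $_FILES['superdat']['name'] : "";
$superdat_size = ($hasfile && isset($_FILES['superdat']['size'])) ? (int)$_FILES['superdat']['size'] : 0;

// Document prologue for the XHTML Mobile page.
echo("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD XHTML Mobile 1.0//EN\"". " \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";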
?>
<head>
<title>Uploader</title>
<link rel="StyleSheet" type="text/css" href="../themes/cx.css" />
<meta forua="true" http-equiv="Cache-Control" content="no-cache"/>
<meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/>
<?php
?>
</head>
<body>
<?php
// Login gate: a request without a valid session (or one that resolves to
// user id 0) gets the login form and the script stops here, so nothing below
// runs for anonymous visitors.
// NOTE(review): the form submits the password with method="get", which puts
// the credentials in the URL (browser history, proxy and server logs).
// Switching to POST also needs login.php to read the POST body; that file is
// not visible here, so the markup is left as it is.
if (!islogged($sid) || $uid == 0)
{
    echo '<center><img src="images/notok.gif" alt=""/><small>You are not logged in<br/>',
        'or your session has expired.<br/><br/>',
        '
<form action="login.php" method="get">
<img src="images/user.gif" alt=""/>Enter username:<br/>
<input id="inputText" name="loguid" maxlength="30"/><br/>
<img src="images/pass.gif" alt=""/>Enter password:<br/>
<input id="inputText" type="password" format="*x" name="logpwd" maxlength="30"/><br/>
<input id="inputButton" type="submit" value="Login"/><br/>
</form>
<br/><br/><img src="images/register.gif" alt=""/><a href="register.php">Register</a>
<br/><img src="images/home.gif" alt=""/><a href="index.php">Home</a>
</small></center></div></div></body></html>';
    exit();
}
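// Ban gate: a banned account sees the reason and the remaining time, then the
// script stops.
if (isbanned($uid))
{
    echo "<small><p align=\"center\"><img src=\"images/notok.gif\" alt=\"\"/>
You have been <b>BANNED!</b><br/>";

    // The id goes into SQL as an integer rather than as raw text.
    // NOTE(review): assumes cx_users.id / cx_penalties.uid are numeric - confirm.
    $banuid = intval($uid);

    // A failed query returns false; fetch only from a real result set so a
    // database error does not cascade into warnings on the page.
    $banq = mysql_query("SELECT timeto FROM cx_penalties WHERE uid='".$banuid."' AND penalty='1'");
    $banto = $banq ? mysql_fetch_array($banq) : false;
    $resq = mysql_query("SELECT lastpnreas FROM cx_users WHERE id='".$banuid."'");
    $banres = $resq ? mysql_fetch_array($resq) : false;

    $remain = ($banto ? $banto[0] : 0) - time();
    $rmsg = gettimemsg($remain);

    // The reason is free text from the database; escape it at output so it is
    // shown as text and never interpreted as markup.
    // NOTE(review): if reasons are stored already HTML-escaped this would
    // double-escape them - confirm against the code that writes lastpnreas.
    $reason = $banres ? htmlspecialchars($banres[0], ENT_QUOTES) : "";

    echo "Ban Reason: ".$reason." <br/>You can login again after ".$rmsg."
</p></small></div></div>
</body>
</html>";
    exit();
}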
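echo "<small><p>";
echo "<link rel=\"StyleSheet\" type=\"text/css\" href=\"../themes/cx.css\" />";
addonline(getuid_sid($sid),"Uploading a file at Uploads Center","");

// Final extensions that may be stored, mapped to the category written to
// cx_uploads.mime. The allow-list is the only thing that decides whether a
// file is kept: a name that fails it is reported and never written to disk.
// "exe" is deliberately absent - executables are not on the accepted list even
// though the help text under the form mentions them.
$allowedtypes = array(
    "mid" => "audio", "midi" => "audio", "mp3" => "audio", "wav" => "audio",
    "mmf" => "audio", "amr" => "audio", "m4a" => "audio",
    "gif" => "image", "png" => "image", "jpg" => "image", "jpeg" => "image",
    "bmp" => "image", "wbmp" => "image",
    "3gp" => "video", "avi" => "video", "mp4" => "video", "mpg" => "video",
    "mpeg" => "video",
    "doc" => "document", "rtf" => "document", "txt" => "document", "pdf" => "document",
    "zip" => "archive", "7z" => "archive", "rar" => "archive",
    "jar" => "apps", "jad" => "apps", "sis" => "apps", "sisx" => "apps",
    "nth" => "apps", "thm" => "apps",
);

$flag1 = "";

// "==" here: a single "=" would assign to $upload and make the test depend on
// the file name alone.
if ($upload == "upload" && $superdat_name) {

    // Request headers are client-controlled; they are read from $_SERVER (not
    // from register_globals variables) and escaped before every use.
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? substr($_SERVER['HTTP_USER_AGENT'], 0, 255) : "";

    // The client chooses the file name. Drop any directory part, then split on
    // the LAST dot so the decision is made on the real final extension.
    $superdat_name = basename(str_replace("\\", "/", $superdat_name));
    $dotpos = strrpos($superdat_name, ".");
    if ($dotpos === false) {
        $stem = $superdat_name;
        $ext = "";
    } else {
        $stem = substr($superdat_name, 0, $dotpos);
        $ext = strtolower(substr($superdat_name, $dotpos + 1));
    }

    // Rejected when the final extension is not on the allow-list, or when a
    // ".php..." segment is hidden in front of an allowed extension.
    $rejected = !isset($allowedtypes[$ext]) || preg_match('/\.php/i', $stem);

    if ($rejected) {
        print "<b>Sorry, Your Attempt to upload PHP files and hack the site has been blocked, staff have also been informed of your attempt.</b>";

        // Private message to every staff account (perm > 0).
        $user = getnick_sid($sid);
        $msg = "A user has just attempted to Upload a file classed as a hacking tool. please deal with the user, their nick is ".$user." Thanks, Rampage";
        $sqlstaff = mysql_query("SELECT id FROM cx_users WHERE perm>0");
        while ($sqlstaff && ($row = mysql_fetch_array($sqlstaff))) {
            autopm($msg, $row["id"]);
        }

        // Moderation log entry. Every dynamic value is HTML-escaped (the log
        // is rendered as markup) and the finished string is SQL-escaped.
        $uip = getip();
        $master = getnick_uid($uid);
        $details = "<br/><u><b>".htmlspecialchars($master, ENT_QUOTES)."</b></u><br/>"
            ."<b>File Name:</b>".htmlspecialchars($superdat_name, ENT_QUOTES)."<br/> "
            ."<b>Browser:</b> ".htmlspecialchars($agent, ENT_QUOTES)."<br/> "
            ."<b>IP:</b> ".htmlspecialchars($uip, ENT_QUOTES)."<br/>";
        mysql_query("INSERT INTO cx_mlog SET action='Invallid File Upload', details='".mysql_real_escape_string($details)."', actdt='".time()."'");

        print "<b>This attempt has been logged .</b><br/>";
        print "<b>Unsupported File Extention! </b>";
    } else {
        // Stored name = sanitized stem + "." + allow-listed extension. Dots and
        // every other character outside [A-Za-z0-9_-] in the stem become "_",
        // so the stored file can only ever carry one, approved, extension.
        $stem = preg_replace('/[^A-Za-z0-9_-]/', '_', $stem);
        if ($stem === "") {
            $stem = "file";
        }
        $superdat_name = $stem.".".$ext;
        $type = $allowedtypes[$ext];

        $fsize = round($superdat_size/1024,1);
        $sizelabel = $fsize." KB";
        $problem = "";
        $samename = false;

        if (empty($superdat) || !is_uploaded_file($superdat)) {
            $problem = "No input file specified!!!";
        } elseif ($superdat_size > 2 * 1024 * 1024) {
            // Server-side counterpart of the 2MB limit announced on the form.
            $problem = "File is larger than the 2MB limit!";
        } else {
            // Same name and same size counts as a duplicate; same name with a
            // different size is kept under a prefixed name.
            $dupq = mysql_query("SELECT filesize FROM cx_uploads WHERE filename='".mysql_real_escape_string($superdat_name)."'");
            if ($dupq) {
                while ($duprow = mysql_fetch_array($dupq)) {
                    $samename = true;
                    if ($duprow[0] === $sizelabel) {
                        $problem = "File already exists with same name and file size!!!";
                    }
                }
            } else {
                // Database errors go to the server log, not to the visitor.
                error_log("upload.php: duplicate check failed: ".mysql_error());
            }
        }

        if ($problem === "") {
            if ($samename) {
                $superdat_name = "1".$superdat_name;
                $flag1 = "<br/>Filename already existed but file didnt match so it was renamed and prefixed witha 1";
            }
            // Never overwrite a file that is already on disk; the length bound
            // also guarantees that the loop ends.
            while (strlen($superdat_name) <= 255 && file_exists("../dload/".$superdat_name)) {
                $superdat_name = "1".$superdat_name;
                $flag1 = "<br/>Filename already existed but file didnt match so it was renamed and prefixed witha 1";
            }
            if (strlen($superdat_name) > 255) {
                $problem = "File Name Is Too Long!";
            }
        }

        // NOTE(review): ../dload presumably sits under the web root. If so, the
        // server should be configured not to run scripts from that directory
        // and to serve its files as downloads - confirm the server config.
        if ($problem !== "") {
            print "<b>".$problem."</b>";
        } elseif (!move_uploaded_file($superdat, "../dload/".$superdat_name)) {
            print "Couldn't copy file.";
        } else {
            $rampagetime = time() + (22 * 60 * 60);
            $date = date("l, FdS, Y", $rampagetime)." ".date("h:i:s A", $rampagetime);

            // Free-text description from the form: undo magic quotes where the
            // runtime still applies them, cap at the 255 characters the form
            // allows, and SQL-escape. It is stored as plain text, so whatever
            // page displays it has to HTML-escape it on output.
            $cleandesc = is_string($desc) ? $desc : "";
            if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                $cleandesc = stripslashes($cleandesc);
            }
            $cleandesc = substr($cleandesc, 0, 255);

            // Operator/handset headers, concatenated in a fixed order.
            $number = "";
            foreach (array('HTTP_MSISDN', 'HTTP_X_MSISDN', 'HTTP_X_NOKIA_MSISDN', 'HTTP_X_NETWORK_INFO') as $hdr) {
                if (isset($_SERVER[$hdr])) {
                    $number .= $_SERVER[$hdr];
                }
            }
            $remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";

            $mysql = mysql_query("INSERT INTO cx_uploads SET id='', uid='".intval($uid)."', mime='".mysql_real_escape_string($type)."', filename='".mysql_real_escape_string($superdat_name)."', filesize='".mysql_real_escape_string($sizelabel)."', description='".mysql_real_escape_string($cleandesc)."', date='".mysql_real_escape_string($date)."', device='".mysql_real_escape_string($agent)."', number='".mysql_real_escape_string($number)."', uip='".mysql_real_escape_string($remote)."'");
            if (!$mysql) {
                error_log("upload.php: cx_uploads insert failed: ".mysql_error());
            }

            // Award 10 plusses in a single statement so that two uploads
            // finishing at the same moment cannot lose one of the increments.
            mysql_query("UPDATE cx_users SET plusses=plusses+10 WHERE id='".intval($uid)."'");

            echo "<b>".htmlspecialchars($superdat_name, ENT_QUOTES)."</b> has successfully been uploaded to the Uploads Center!".$flag1;
        }
    }
}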
?>
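<?php
// Upload form and link to the file browser. The session id is carried in the
// URL, so it is URL-encoded and then HTML-escaped before it is written into an
// attribute, instead of echoing the request value as it arrived.
// NOTE(review): a session id in the query string also ends up in Referer
// headers and access logs; moving it to a cookie is a change across the whole
// site, not just this page.
$sidattr = htmlspecialchars(urlencode($sid), ENT_QUOTES);
echo "<form align=\"center\" action=\"upload.php?sid=$sidattr\" method=\"post\" enctype=\"multipart/form-data\">";
?>»Uploading porn material will lead to your permanent banning from the site!<br/>
»Upload file size limit is 2MB<br/>
<b>Enter file description(Maximum 255 chars):</b><br/>
<input id="inputText" align="center" type="text" name="desc" maxlength="255"/><br/>
<b>Select File To Be Uploaded :</b><br/>
<input id="inputText" align="center" type="file" name="superdat"/><br/>
<input id="inputText" align="center" type="hidden" name="upload" value="upload"/>
<input id="inputButton" align="center" type="submit" name="submit" value="Upload File!"/><br/><br/> <b><u>You can upload files with folowing extentions:</u></b><br/>
Audio: mid, midi, mp3, wav, mmf, amr<br/>Image: gif, bmp, jpeg, jpg, png, wbmp<br/>Video: 3gp, mpg, avi, mp4 <br/>
Applications: jar, jad, sis, sisx, exe, nth, thm<br/>Archives: zip, 7z, rar<br/>Documents: rtf, doc, txt, pdf<br/>
<hr/>
<?php
// NOTE(review): the list above advertises "exe", which the server-side
// extension pattern in the upload handler does not accept, and omits m4a and
// mpeg, which it does. The maxlength and the 2MB notice are browser-side hints
// only; the limits have to be enforced by the handler.
echo "<br/><a href=\"share.php?sid=$sidattr\">Browse uploaded files</a>";
?>
</form>
</p></small>
<?php
?>
</body></html>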