ok peeps, went thru the uploader code and figured out why ppl could upload php scripts. well, here's the solution:
make a .htaccess file for the share folder and put the following in it (the .htaccess rules are the second listing below, after the uploader code)
let me know how u guys go
PHP Code:
<?php
include("config.php");
include("core.php");
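// Open the database connection. connectdb() is not defined in this listing; it
// presumably comes from the included core.php/config.php.
connectdb();

// Request input. Every value read here is client-controlled. Missing keys fall back to
// an empty value so that a plain GET of this page (no POST body, no file) does not raise
// undefined-index notices, which would leak file paths when display_errors is on.
$sid = isset($_GET["sid"]) ? $_GET["sid"] : '';
$page = isset($_GET["page"]) ? $_GET["page"] : '';
$who = isset($_GET["who"]) ? $_GET["who"] : '';
$uid = getuid_sid($sid);
$desc = isset($_POST['desc']) ? $_POST['desc'] : '';
$upload = isset($_POST['upload']) ? $_POST['upload'] : '';

// Uploaded-file metadata. 'name' is the filename as sent by the client and must be
// treated as untrusted text; 'tmp_name' is the server-side temporary path.
$superdat = isset($_FILES['superdat']['tmp_name']) ? $_FILES['superdat']['tmp_name'] : '';
$superdat_name = isset($_FILES['superdat']['name']) ? $_FILES['superdat']['name'] : '';
$superdat_size = isset($_FILES['superdat']['size']) ? $_FILES['superdat']['size'] : 0;

// XML prolog, doctype and root element of the XHTML Mobile page.
echo '<?xml version="1.0" encoding="UTF-8"?>';
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML Mobile 1.0//EN"' . ' "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">';
echo '<html xmlns="http://www.w3.org/1999/xhtml">';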
?>
<head>
<title>Uploader</title>
<meta forua="true" http-equiv="Cache-Control" content="no-cache"/>
<meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/>
<?php
// Write the theme markup for this session into <head>. gettheme() is not defined in
// this listing, so what exactly it returns cannot be checked from here.
print gettheme($sid);
?>
</head>
<body>
<?php
// Access gate: a visitor without a valid session (or with user id 0) only gets the
// login form, and the script stops here.
// NOTE(review): the login form submits the password with method="get", so the
// credentials travel in the URL (server logs, browser history, Referer). Moving it to
// POST needs a matching change in login.php, which is not visible in this listing.
if (!islogged($sid) || $uid == 0) {
    boxstart('Error!');
    echo '<center><img src="images/notok.gif" alt=""/><small>You are not logged in<br/>',
        'or your session has expired.<br/><br/>';
    // The literal below starts with a line break and is emitted exactly as written.
    echo '
<form action="login.php" method="get">
<img src="images/user.gif" alt=""/>Enter username:<br/>
<input id="inputText" name="loguid" maxlength="30"/><br/>
<img src="images/pass.gif" alt=""/>Enter password:<br/>
<input id="inputText" type="password" format="*x" name="logpwd" maxlength="30"/><br/>
<input id="inputButton" type="submit" value="Login"/><br/>
</form>
<br/><br/><img src="images/register.gif" alt=""/><a href="register.php">Register</a>
<br/><img src="images/home.gif" alt=""/><a href="index.php">Home</a>
</small></center></div></div></body></html>';
    exit();
}
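// Banned accounts only get the ban notice (reason and remaining time), then the script stops.
if (isbanned($uid)) {
    boxstart("Error!");
    echo "<small><p align=\"center\"><img src=\"images/notok.gif\" alt=\"\"/>
You have been <b>BANNED!</b><br/>";

    // The id is compared with 0 earlier in the script, so it is numeric; casting it
    // keeps anything else out of the SQL text.
    $banUid = (int) $uid;

    // A failed query returns false; guard before fetching instead of passing false on.
    $untilRes = mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$banUid."' AND penalty='1'");
    $untilRow = $untilRes ? mysql_fetch_array($untilRes) : false;
    $reasonRes = mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$banUid."'");
    $reasonRow = $reasonRes ? mysql_fetch_array($reasonRes) : false;

    $remain = ($untilRow ? $untilRow[0] : 0) - time();
    $rmsg = gettimemsg($remain);

    // The ban reason is stored free text; escape it so markup in it is shown, not rendered.
    $reason = htmlspecialchars($reasonRow ? (string) $reasonRow[0] : '', ENT_QUOTES, 'UTF-8');

    echo "Ban Reason: ".$reason." <br/>You can login again after ".$rmsg."
</p></small></div></div>
</body>
</html>";
    exit();
}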
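boxstart("Upload File");
echo "<small><p>";
addonline(getuid_sid($sid),"Uploading a file at Uploads Center","");

// Extension => category. This one table is both the allow-list and the source of the
// `mime` column, so the two cannot drift apart. It holds the extensions the original
// pattern accepted; "exe" had a category in the old switch but was never accepted by
// the pattern, so it stays rejected.
$uploadTypes = array(
    'mid' => 'audio', 'midi' => 'audio', 'mp3' => 'audio', 'wav' => 'audio',
    'mmf' => 'audio', 'amr' => 'audio', 'm4a' => 'audio',
    'gif' => 'image', 'png' => 'image', 'jpg' => 'image', 'jpeg' => 'image',
    'bmp' => 'image', 'wbmp' => 'image',
    '3gp' => 'video', 'avi' => 'video', 'mp4' => 'video', 'mpg' => 'video', 'mpeg' => 'video',
    'doc' => 'document', 'rtf' => 'document', 'txt' => 'document', 'pdf' => 'document',
    'zip' => 'archive', '7z' => 'archive', 'rar' => 'archive',
    'jar' => 'apps', 'jad' => 'apps', 'sis' => 'apps', 'sisx' => 'apps',
    'nth' => 'apps', 'thm' => 'apps',
);

// `===` is a comparison; the original `$upload="upload"&&...` assigned to $upload instead.
// is_string() rejects array-style fields such as superdat[].
if ($upload === "upload" && is_string($superdat_name) && $superdat_name) {
    // Clean the client-supplied name first, then validate the cleaned name: the check
    // has to apply to the name that is actually written to disk.
    $superdat_name = (string) preg_replace(
        '/[^a-zA-Z0-9\.\$\%\'\`\-\@\{\}\~\!\#\(\)\&\_\^]/',
        '',
        str_replace(array(' ', '%20', "'"), array('_', '_', ""), $superdat_name)
    );

    // Keep only the last dot. A name such as "x.php.jpg" can still be handed to the PHP
    // handler by Apache's multi-extension matching, so inner dots become underscores.
    $lastDot = strrpos($superdat_name, '.');
    $ext = ($lastDot === false) ? '' : strtolower((string) substr($superdat_name, $lastDot + 1));
    if ($lastDot !== false) {
        $superdat_name = str_replace('.', '_', substr($superdat_name, 0, $lastDot))
            . substr($superdat_name, $lastDot);
    }

    if ($ext === '' || !isset($uploadTypes[$ext])) {
        print "<b>Unsupported File Extention! Supported types are </b>";
    } elseif (strlen($superdat_name) > 53) {
        print "<b>File Name Is Too Long!</b>";
    } elseif (empty($superdat)) {
        print "<b>No input file specified!!!</b>";
    } else {
        $rampagetime = time() + (22 * 60 * 60);
        $date = date("l, FdS, Y", $rampagetime)." ".date("h:i:s A", $rampagetime);
        $fsize = round($superdat_size / 1024, 1);
        $sqlSize = mysql_real_escape_string($fsize." KB");
        $sqlName = mysql_real_escape_string($superdat_name);

        // Same name and same size already recorded: treat as a duplicate upload.
        $dupRes = mysql_query("SELECT COUNT(id) FROM ibwf_uploads WHERE filename='".$sqlName."' AND filesize='".$sqlSize."'");
        if ($dupRes === false) {
            // Database errors go to the server log, not into the page.
            error_log("upload: ".mysql_error());
        }
        $dupRow = $dupRes ? mysql_fetch_array($dupRes) : false;

        if ($dupRow && $dupRow[0] > 0) {
            // No exit() here, so the rest of the page is still rendered and closed properly.
            print "<b>File already exists with same name and file size!!!</b>";
        } else {
            // Same name but different size: store under a prefixed name.
            $flag1 = "";
            $clashRes = mysql_query("SELECT COUNT(id), MAX(id) FROM ibwf_uploads WHERE filename='".$sqlName."' AND filesize!='".$sqlSize."'");
            if ($clashRes === false) {
                error_log("upload: ".mysql_error());
            }
            $clashRow = $clashRes ? mysql_fetch_array($clashRes) : false;
            $renamed = ($clashRow && $clashRow[0] > 0);
            if ($renamed) {
                $superdat_name = "1".$superdat_name;
            }
            // move_uploaded_file() overwrites silently; never replace a file already on disk.
            // $ucdir is not set in this listing; presumably it comes from config.php.
            while (file_exists($ucdir."/".$superdat_name)) {
                $superdat_name = "1".$superdat_name;
                $renamed = true;
            }
            if ($renamed) {
                $flag1 = "<br/>Filename already existed but file didnt match so it was renamed and prefixed witha 1";
            }

            $type = $uploadTypes[$ext];
            $target = $ucdir."/".$superdat_name;

            if (!move_uploaded_file($superdat, $target)) {
                print "Couldn't copy file.";
            } else {
                // The description comes straight from the POST body. Undo magic quotes
                // where they are active so the text is escaped exactly once.
                $descText = is_string($desc) ? $desc : '';
                if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                    $descText = stripslashes($descText);
                }

                // Read request headers from $_SERVER rather than register_globals-style
                // variables. They are client-controlled, so they are escaped like any input.
                $device = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                $number = '';
                foreach (array('HTTP_MSISDN', 'HTTP_X_MSISDN', 'HTTP_X_NOKIA_MSISDN', 'HTTP_X_NETWORK_INFO') as $hdr) {
                    if (isset($_SERVER[$hdr])) {
                        $number .= $_SERVER[$hdr];
                    }
                }
                $uip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

                $inserted = mysql_query(
                    "INSERT INTO ibwf_uploads SET id='', uid='".(int) $uid."', mime='".$type."'"
                    .", filename='".mysql_real_escape_string($superdat_name)."'"
                    .", filesize='".$sqlSize."'"
                    .", description='".mysql_real_escape_string($descText)."'"
                    .", date='".$date."'"
                    .", device='".mysql_real_escape_string($device)."'"
                    .", number='".mysql_real_escape_string($number)."'"
                    .", uip='".mysql_real_escape_string($uip)."'"
                );

                if (!$inserted) {
                    // Do not keep a file the database does not know about, and do not award points.
                    error_log("upload: ".mysql_error());
                    unlink($target);
                    print "Couldn't copy file.";
                } else {
                    // Single atomic increment instead of read-then-write.
                    mysql_query("UPDATE ibwf_users SET plusses=plusses+10 WHERE id='".(int) $uid."'");
                    // The cleaned name may still contain '&', so escape it for HTML.
                    echo "<b>".htmlspecialchars($superdat_name, ENT_QUOTES, 'UTF-8')."</b> has successfully been uploaded to the Uploads Center!$flag1";
                }
            }
        }
    }
}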
?>
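<?php
// The session id arrives in the query string and is placed into a URL inside an HTML
// attribute: URL-encode it for the query string, then HTML-escape it for the attribute.
$sidAttr = htmlspecialchars(urlencode((string) $sid), ENT_QUOTES, 'UTF-8');
echo "<form align=\"center\" action=\"upload.php?sid=$sidAttr\" method=\"post\" enctype=\"multipart/form-data\">";
// The extension list below is informational only; the server-side check decides.
// "exe" is not listed because the server-side pattern never accepted it.
?>»Uploading porn material will lead to your permanent banning from the site!<br/>
»Upload file size limit is 2MB<br/>
<b>Enter file description(Maximum 255 chars):</b><br/>
<input id="inputText" align="center" type="text" name="desc" maxlength="255"/><br/>
<b>Select File To Be Uploaded :</b><br/>
<input id="inputText" align="center" type="file" name="superdat"/><br/>
<input id="inputText" align="center" type="hidden" name="upload" value="upload"/>
<input id="inputButton" align="center" type="submit" name="submit" value="Upload File!"/><br/><br/> <b><u>You can upload files with folowing extentions:</u></b><br/>
Audio: mid, midi, mp3, wav, mmf, amr<br/>Image: gif, bmp, jpeg, jpg, png, wbmp<br/>Video: 3gp, mpg, avi, mp4 <br/>
Applications: jar, jad, sis, sisx, nth, thm<br/>Archives: zip, 7z, rar<br/>Documents: rtf, doc, txt, pdf<br/>
<hr/>
<?php
echo "<br/><a href=\"share.php?sid=$sidAttr\">Browse uploaded files</a>";
?>
</form>
</p></small>
<?php
// Close the content box and print the site footer for this session.
boxend();
echo getfooter($sid);
?>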
</body></html>
.htaccess (Apache config, not PHP):
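# .htaccess for the upload ("share") directory.
# It only takes effect if the server's AllowOverride setting permits these directives
# (Limit for Order/Deny, FileInfo for RemoveType/RemoveHandler, Options for php_flag).

# Keep this file itself from being served. The original section matched ".htaccessl",
# a name that does not exist, so it protected nothing.
# Order/Deny is Apache 2.2 syntax; on 2.4 without mod_access_compat use "Require all denied".
<Files .htaccess>
Order Deny,Allow
Deny from all
</Files>

# Drop the MIME-type and handler mappings for script and markup extensions, so files
# with these names in this directory are not passed to an interpreter.
RemoveType .pl .cgi .php .php3 .php4 .php5 .xml .phtml .phtm .html .htm .wml .shtm .shtml
RemoveHandler .pl .cgi .php .php3 .php4 .php5 .xml .phtml .phtm .html .htm .wml .shtm .shtml

# RemoveHandler only undoes extension mappings made with AddHandler/AddType. Where PHP is
# attached another way (for example SetHandler in the server config), also switch the
# engine off for this directory. Adjust the module name to the installed PHP version.
<IfModule mod_php5.c>
php_flag engine off
</IfModule>

# After deploying, request a harmless test .php file from this directory and confirm
# that it is not executed.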