<?php
/*
Copyright © 2009,2015,2022 Siggi Bjarnason.
Licensed under GNU GPL v3 and later. Check out LICENSE.TXT for details
or see <https://www.gnu.org/licenses/gpl-3.0-standalone.html>
Page to allow for upload of files to the system
*/
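require("header.php");

// Upload page controller: shows the upload form, hands submitted files to
// FileUpload(), prints the result and, for unprivileged users, emails support.
// This script never defines $WritePriv, $Priv, $UsersName, $strReferer,
// $strPageURL, $SupportEmail, $FromEmail, printPg(), return_bytes(), with_unit(),
// FileUpload() or EmailText(); presumably header.php provides them - TODO confirm.

// Users whose privilege level reaches $WritePriv store files in lib/; everyone
// else stores them in upload/ and support is emailed further down.
// NOTE(review): both paths are relative. If they resolve inside the web root,
// the web server should be configured not to execute scripts from them - verify.
if($WritePriv <= $Priv)
{
    $DocRoot = "lib/";
    $PageHeader = "File uploads";
    $ConfirmationMsg = "The following files were uploaded";
}
else
{
    $DocRoot = "upload/";
    $PageHeader = "Contribute your photo's here";
    // NOTE(review): $UsersName is interpolated into HTML output without escaping.
    // If header.php does not already HTML-encode it, apply htmlspecialchars() here.
    $ConfirmationMsg = "Thank you $UsersName for your contribution of the following files";
}

// php.ini limits: the raw strings are shown to the user, the byte value of
// post_max_size is compared with the size of the incoming request.
$MaxSize = ini_get("post_max_size");
$MaxConLen = return_bytes($MaxSize);
$MaxFileSize = ini_get("upload_max_filesize");
$MaxFileCount = ini_get("max_file_uploads");

if(isset($_FILES["Docfile"]))
{
    // The form posts Docfile[] so "name" is normally an array. A hand-built request
    // can post a single Docfile field, which makes "name" a string; count() on a
    // string fails, so anything that is not the array form is treated as "no files"
    // and never reaches FileUpload().
    $FilesVarCount = is_array($_FILES["Docfile"]["name"]) ? count($_FILES["Docfile"]["name"]) : 0;
    if($FilesVarCount == 0 or ($FilesVarCount == 1 and $_FILES["Docfile"]["name"][0]==""))
    {
        printPg("You didn't select any files.","error");
        $_POST["btnSubmit"] = "Go Back";
    }
}

if(isset($_SERVER["CONTENT_LENGTH"]))
{
    // CONTENT_LENGTH is taken from the request; cast it so only a number reaches
    // the comparison and the message printed below.
    $ContLen = (int)$_SERVER["CONTENT_LENGTH"];
    // post_max_size = 0 switches the limit off in PHP, so only a positive cap can be exceeded.
    if($MaxConLen > 0 and $ContLen > $MaxConLen)
    {
        $strMsg = "Your upload was " . with_unit($ContLen) . ". ";
        $strMsg .= "This exceeds the content limit of $MaxSize. Please do your upload in smaller chunks.";
        printPg($strMsg,"error");
        $_POST["btnSubmit"] = "Go Back";
    }
}

$dtNow = date('Y-m-d H:i:s');
// Counted after the blocks above, so a forced "Go Back" counts as a posted field.
$PostVarCount = count($_POST);

// The target directory is created on first use. No mode is passed, so PHP's
// default mode (as limited by the process umask) applies, and a failed mkdir()
// is not reported here.
if(!is_dir($DocRoot))
{
    mkdir($DocRoot);
}

// NOTE(review): this Referer comparison is the only cross-site request check
// visible on this page. The header is optional and can be stripped in transit,
// so a per-session token in the form is the sturdier control - TODO confirm
// whether header.php already adds one.
if($strReferer != $strPageURL and $PostVarCount > 0)
{
    printPg("Invalid operation, Bad Reference!!!","error");
    exit;
}

// A POST that carries fields but no btnSubmit used to read an undefined index;
// an empty string selects the same branches without the notice.
$strSubmit = isset($_POST["btnSubmit"]) ? $_POST["btnSubmit"] : "";

if($PostVarCount == 0 or ($strSubmit == "Go Back"))
{
    // First visit, or the user was sent back: show the limits and the upload form.
    printPg("$PageHeader","h1");
    printPg("Please note the following limits in place:<br>\n" .
        "Total upload limit $MaxSize.<br>\n" .
        "Each file limit $MaxFileSize.<br>\n" .
        "If you exceed either of those limits you'll be returned to this screen without anything uploaded.<br>\n" .
        "In this case try uploading fewer smaller files.<br>\n" .
        "If you try to upload more than $MaxFileCount files, only $MaxFileCount of them will be uploaded.</p>\n","note");
    print "<form enctype=\"multipart/form-data\" method=\"POST\">\n";
    print "<div class=\"MainTextCenter\">File name: \n";
    print "<input type=\"file\" name=\"Docfile[]\" size=\"50\" multiple><br><br>\n";
    print "<input type=\"Submit\" value=\"Upload\" name=\"btnSubmit\">\n";
    print "</form></div>\n";
}
else
{
    if($strSubmit == "Upload")
    {
        if(isset($_FILES["Docfile"]))
        {
            // NOTE(review): FileUpload() is defined outside this file. This page passes
            // it the raw $_FILES entry and prints what it returns without escaping, so
            // file-name sanitising, extension/content-type checks and HTML-encoding of
            // names in "Files", "err" and "msg" all have to happen inside it - confirm.
            $arrRet = FileUpload($_FILES["Docfile"],$DocRoot);
            $FileList = $arrRet["Files"];
            $SizeTotal = $arrRet["size"];
            $arrErrors = $arrRet["err"];
            $arrMsg = $arrRet["msg"];
        }
        else
        {
            // Nothing arrived under Docfile: report an empty upload.
            $FileList = "";
            $SizeTotal = 0;
            $arrErrors = array();
            $arrMsg = array();
        }
        foreach($arrErrors as $strErr)
        {
            print $strErr;
        }
        foreach($arrMsg as $strMsg)
        {
            print $strMsg;
        }
        print "<div class=\"MainTextCenter\">$ConfirmationMsg. <br>\n";
        print $FileList;
        print "Total size uploaded " .with_unit($SizeTotal) . "</div>\n";
        if($WritePriv > $Priv)
        {
            // Unprivileged contribution: tell support what arrived so it can be approved.
            // The list is reused as plain text with its <br> tags removed.
            $strEmailBody = "$UsersName has submitted the following files for the photo gallary\n";
            $strEmailBody .= str_replace("<br>","",$FileList);
            $strEmailBody .= "Total size uploaded " .with_unit($SizeTotal) . "\n";
            if(EmailText("$SupportEmail","File upload Notification",$strEmailBody,$FromEmail))
            {
                printPg("We have been notified of your contribution","normal");
            }
            else
            {
                printPg("Unable to send notification, please notify us so that we can approve your submission","error");
            }
        }
        print "<div class=\"MainTextCenter\"><form method=\"POST\">\n<input type=\"Submit\" value=\"Go Back\" name=\"btnSubmit\"></form></div>";
    }
}
require("footer.php");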
?>