PHP קוד:
<?php
/*
Silentum Uploader v1.5.0
Modified February 11, 2009
uploader.php copyright 2005-2009 "HyperSilence"
*/
// Begin options
$file_extensions = array(".doc", ".gif", ".htm", ".html", ".jpg", ".png", ".txt",".avi",".mpg"); // Add or delete the file extensions you want to allow
$file_extensions_list = ".doc, .gif, .htm, .html, .jpg, .png, .txt, .avi, .mpg"; // Type the same as above, without the quotes separating them
$max_length = 30; // The maximum character length for a file name
$maximum_file_size = "51200"; // In bytes
$upload_log_file = "upload_log.txt"; // Change this to the log file you want to use
// End options
// If you're using a different folder name for uploaded files other than "files", change both occurrences of "files" on lines 27 and 28 below
$folder_directory = "http://".$_SERVER["HTTP_HOST"].dirname($_SERVER["PHP_SELF"]);
$message = "";
$set_chmod = 0;
$site_uri = "http://".$_SERVER["HTTP_HOST"].$_SERVER["PHP_SELF"];
$upload_directory = "../files/".$type."/";
$upload_uri = $folder_directory."../files/".$type."/";
$folder_name_length = strlen($upload_directory);
if($_FILES["userfile"]) {
$resource = fopen($upload_log_file,"a");
fwrite($resource,date("F d, Y / h:i:sa")." - ".$_FILES["userfile"]["name"]." "
.$_FILES["userfile"]["type"]." uploaded by ".$_SERVER["REMOTE_ADDR"]."\n");
fclose($resource);
$file_type = $_FILES["userfile"]["type"];
$file_name = $_FILES["userfile"]["name"];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
@chmod($upload_uri."".$file_name, 0755);
if($_FILES["userfile"]["size"] > $maximum_file_size) {
$message = "ERROR: File size cannot be over ".$maximum_file_size." bytes.";
}
elseif($file_name == "") $message = "ERROR: Please select a file to upload.";
elseif(file_exists($upload_directory.$file_name)) $message = "ERROR: A file with that name already exists.";
elseif(strlen($file_name) > $max_length) $message = "ERROR: The maximum length for a file name is ".$max_length." characters.";
elseif(!preg_match("/^[A-Z0-9_.\- ]+$/i",$file_name)) $message = "ERROR: Your file name contains invalid characters.";
elseif(!in_array($file_ext, $file_extensions)) $message = "ERROR: <ins>$file_ext</ins> is not an allowed file extension.";
else $message = upload_file($upload_directory, $upload_uri);
if($type=="photos"){
$query = mysql_query("INSERT INTO photos(src) VALUES('files/photos/".$file_name."')") or die(mysql_error());
}
if($type=="videos"){
$query = mysql_query("INSERT INTO videos(adress) VALUES('files/videos/".$file_name."')") or die(mysql_error());
}
header("Location: index.php?cat=$type&add=1");
}
elseif(!$_FILES["userfile"]);
else $message = "ERROR: Invalid file specified.";
$open = opendir($upload_directory);
$uploaded_files = "";
while($file = readdir($open)) {
if(!is_dir($file) && !is_link($file)) {
$uploaded_files .= " <tr>
<td style=\"background: #fff; color: #000; text-align: left\"><a href=\"$upload_directory$file\" title=\"$file (".filesize($upload_directory.$file)." bytes)\">".$file."</a> (".filesize($upload_directory.$file)." bytes)</td>
</tr>
<tr>
<td style=\"background: #eee; color: #000; text-align: left; text-indent: 20px\">Uploaded <strong>".date("F d, Y / h:ia", filemtime($upload_directory.$file))."</strong></td>";
$uploaded_files .="
</tr>
";
}
}
function upload_file($upload_directory, $upload_uri) {
$file_name = $_FILES["userfile"]["name"];
$file_name = str_replace(" ","_",$file_name);
$file_path = $upload_directory.$file_name;
$temporary = $_FILES["userfile"]["tmp_name"];
$result = move_uploaded_file($temporary, $file_path);
if(!chmod($file_path,0777))
$message = "ERROR: A folder to place the files was not found, or the files need to be CHMODed to 777.";
else $message = ($result)?"File has been uploaded." : "An error has occurred.";
return $message;
}
?>
נסה ככה