<?php
//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// You may change maxsize, and allowable upload file types.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//Mmaximum file size. You may increase or decrease.
$MAX_SIZE = 20000000;
//Allowable file Mime Types. Add more mime types if you want
$FILE_MIMES = array('image/jpeg','image/jpg','image/gif'
,'image/png','application/msword','video/mpg','video/avi','video/mov','text/plain');
//Allowable file ext. names. you may add more extension names.
$FILE_EXTS = array('.zip','.jpg','.png','.gif','.rar','.mov','.avi','.mpg','.exe','.doc'.'.psd','.dbs','.html','.php','.divx','.zip','.txt','.ppt');
//Allow file delete? no, if only allow upload only
$DELETABLE = false;
//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// Do not touch the below if you are not confident.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/************************************************************
* Setup variables
************************************************************/
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$upload_dir = "files/";
$upload_url = $url_dir."/files/";
$message ="";
/************************************************************
* Create Upload Directory
************************************************************/
if (!is_dir("files")) {
if (!mkdir($upload_dir))
die ("upload_files directory doesn't exist and creation failed");
if (!chmod($upload_dir,0755))
die ("change permission to 755 failed.");
}
/************************************************************
* Process User's Request
************************************************************/
if ($_REQUEST[del] && $DELETABLE) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n");
fclose($resource);
if (strpos($_REQUEST[del],"/.")>0); //possible hacking
else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
else if (substr($_REQUEST[del],0,6)==$upload_dir) {
unlink($_REQUEST[del]);
print "<script>window.location.href='$url_this?message=deleted successfully'</script>";
}
}
else if ($_FILES['userfile']) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
.$_FILES['userfile']['name']." "
.$_FILES['userfile']['type']."\n");
fclose($resource);
$file_type = $_FILES['userfile']['type'];
$file_name = $_FILES['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
//File Size Check
if ( $_FILES['userfile']['size'] > $MAX_SIZE)
$message = "The file size is over 2MB.";
//File Type/Extension Check
else if (!in_array($file_type, $FILE_MIMES)
&& !in_array($file_ext, $FILE_EXTS) )
$message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
else
$message = do_upload($upload_dir, $upload_url);
print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else
$message = "Invalid File Specified.";
/************************************************************
* List Files
************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= "<a href='$upload_dir$file'>".$file."</a>";
if ($DELETABLE)
$filelist .= " <a href='?del=$upload_dir".urlencode($file)."' title='delete'>x</a>";
$filelist .= "<sub><small><small><font color=grey> ".date("d-m H:i", filemtime($upload_dir.$file))
."</font></small></small></sub>";
$filelist .="<br>";
}
}
function do_upload($upload_dir, $upload_url) {
$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$file_name = str_replace("\\","",$file_name);
$file_name = str_replace("'","",$file_name);
$file_path = $upload_dir.$file_name;
//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified, name it properly u silly noob";
return $message;
}
$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0777))
$message = "change permission to 777 failed.";
else
$message = ($result)?"$file_name uploaded successfully." :
"Somthing is wrong with uploading a file, or your just stupid !";
return $message;
}
?><title>UPDOWN SHEEP LOVERS !!!</title>
<center>
<font color=red><?=$_REQUEST[message]?></font>
<br>
<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
Upload File <input type="file" id="userfile" name="userfile">
<input type="submit" name="upload" value="Upload">
</form>
<br><b>My Sheep</b>
<hr width=70%>
<?=$filelist?>
<hr width=70%>
<small><sup>Developed By
<a style="text-decoration:none" href="http://fluffysheep.com">MADE BY SHEEP LOVERS</a>
</sup></small>
</center>
geiogunn said:I have a simple one. You can see what its like here
Code://vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv // You may change maxsize, and allowable upload file types. //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ //Mmaximum file size. You may increase or decrease. $MAX_SIZE = 20000000; //Allowable file Mime Types. Add more mime types if you want $FILE_MIMES = array('image/jpeg','image/jpg','image/gif' ,'image/png','application/msword','video/mpg','video/avi','video/mov','text/plain'); //Allowable file ext. names. you may add more extension names. $FILE_EXTS = array('.zip','.jpg','.png','.gif','.rar','.mov','.avi','.mpg','.exe','.doc'.'.psd','.dbs','.html','.php','.divx','.zip','.txt','.ppt'); //Allow file delete? no, if only allow upload only $DELETABLE = false; //vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv // Do not touch the below if you are not confident. //^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ /************************************************************ * Setup variables ************************************************************/ $site_name = $_SERVER['HTTP_HOST']; $url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']); $url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']; $upload_dir = "files/"; $upload_url = $url_dir."/files/"; $message =""; /************************************************************ * Create Upload Directory ************************************************************/ if (!is_dir("files")) { if (!mkdir($upload_dir)) die ("upload_files directory doesn't exist and creation failed"); if (!chmod($upload_dir,0755)) die ("change permission to 755 failed."); } /************************************************************ * Process User's Request ************************************************************/ if ($_REQUEST[del] && $DELETABLE) { $resource = fopen("log.txt","a"); fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n"); fclose($resource); if (strpos($_REQUEST[del],"/.")>0); //possible hacking else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking else if (substr($_REQUEST[del],0,6)==$upload_dir) { unlink($_REQUEST[del]); print "<script>window.location.href='$url_this?message=deleted successfully'</script>"; } } else if ($_FILES['userfile']) { $resource = fopen("log.txt","a"); fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]" .$_FILES['userfile']['name']." " .$_FILES['userfile']['type']."\n"); fclose($resource); $file_type = $_FILES['userfile']['type']; $file_name = $_FILES['userfile']['name']; $file_ext = strtolower(substr($file_name,strrpos($file_name,"."))); //File Size Check if ( $_FILES['userfile']['size'] > $MAX_SIZE) $message = "The file size is over 2MB."; //File Type/Extension Check else if (!in_array($file_type, $FILE_MIMES) && !in_array($file_ext, $FILE_EXTS) ) $message = "Sorry, $file_name($file_type) is not allowed to be uploaded."; else $message = do_upload($upload_dir, $upload_url); print "<script>window.location.href='$url_this?message=$message'</script>"; } else if (!$_FILES['userfile']); else $message = "Invalid File Specified."; /************************************************************ * List Files ************************************************************/ $handle=opendir($upload_dir); $filelist = ""; while ($file = readdir($handle)) { if(!is_dir($file) && !is_link($file)) { $filelist .= "<a href='$upload_dir$file'>".$file."</a>"; if ($DELETABLE) $filelist .= " <a href='?del=$upload_dir".urlencode($file)."' title='delete'>x</a>"; $filelist .= "<sub><small><small><font color=grey> ".date("d-m H:i", filemtime($upload_dir.$file)) ."</font></small></small></sub>"; $filelist .="<br>"; } } function do_upload($upload_dir, $upload_url) { $temp_name = $_FILES['userfile']['tmp_name']; $file_name = $_FILES['userfile']['name']; $file_name = str_replace("\\","",$file_name); $file_name = str_replace("'","",$file_name); $file_path = $upload_dir.$file_name; //File Name Check if ( $file_name =="") { $message = "Invalid File Name Specified, name it properly u silly noob"; return $message; } $result = move_uploaded_file($temp_name, $file_path); if (!chmod($file_path,0777)) $message = "change permission to 777 failed."; else $message = ($result)?"$file_name uploaded successfully." : "Somthing is wrong with uploading a file, or your just stupid !"; return $message; } ?><title>UPDOWN SHEEP LOVERS !!!</title> <center> <font color=red><?=$_REQUEST[message]?></font> <br> <form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post"> Upload File <input type="file" id="userfile" name="userfile"> <input type="submit" name="upload" value="Upload"> </form> <br><b>My Sheep</b> <hr width=70%> <?=$filelist?> <hr width=70%> <small><sup>Developed By <a style="text-decoration:none" href="http://fluffysheep.com">MADE BY SHEEP LOVERS</a> </sup></small> </center>
//Allowable file Mime Types. Add more mime types if you want
$FILE_MIMES = array('image/jpeg','image/jpg','image/gif'
,'image/png','application/msword','video/mpg','video/avi','video/mov','text/plain','image/bmp');
//Allowable file ext. names. you may add more extension names.
$FILE_EXTS = array('.zip','.jpg','.png','.gif','.rar','.mov','.avi','.mpg','.exe','.doc'.'.psd','.dbs','.html','.php','.divx','.zip','.txt','.ppt','.bmp');
Thanks! I wonderd why it wasnt workinjstgermain said:you forgot one very important part of the code, even in the demo. the <? before all the code so that it knows it is php and starting to define the variables. then it should work.:biggrin2:
geiogunn said:Thanks! I wonderd why it wasnt workin
brotherhewd said:
lebanese said:guys ...i need it free ...the script i need will allow me to upload files , and files uploaded can't be shown , and link will be given to the uploaded ...
thats all