/* Simple Upload manager
Script Version 0.4, copyright RRWH.com 2004
This script is distributed under the licence conditions on the website http://rrwh.com/scripts.php
This script is a simple interface to allow you to upload files to a configured directory on your server. It will additionally automatically create sub-directories if you want it to. Additionally, It will let you do a directory listing of the base directory or any specified sub-directory.
You only need to modify the $password and $dir variable and ensure that the directory exists on the server and the permission is set to 777
You may want to modify the $types if you wish to allow other file types to be uploaded - Be careful not to allow dangerous files to be uploaded to your server.
*/
$pw = 'fred';
$dir = "D:/xampplite/htdocs/"; //Change this to the correct dir RELATIVE TO WHERE THIS SCRIPT IS, or /full/path/
//MIME types to allow, Gif, jpeg, zip ::Edit this to your liking
$types = array("text/plain","application/pdf","image/png","image/x-png","audio/wav","image/gif","image/jpeg","image/pjpeg","application/x-zip-compressed");
// Nothing to edit below here.
//Function to do a directory listing
/*function scandir($dirstr) {
echo "
\n";\n";
passthru("ls -l -F $dirstr 2>&1 ");
echo "
}
*/
//Check to determine if the submit button has been pressed
if((isset($_POST['submit'])) and ($_POST['PW'] == $pw)){
//Shorten Variables
$tmp_name = $_FILES['upload']['tmp_name'];
$new_name = $_FILES['upload']['name'];
$path = $_POST['subdir'];
// $fullpath = $_SERVER['DOCUMENT_ROOT'].'/nc/';
$fullpath = $_SERVER['DOCUMENT_ROOT'].'/up_download/';
// $fullpath = "D:/xampplite/htdocs.'/up_download/' ";
$fullpath = str_replace("..", "", str_replace("\.", "", str_replace("//", "/", $fullpath)));
$clean_name = ereg_replace("[^a-z0-9._]", "", str_replace(" ", "_", str_replace("%20", "_", strtolower($new_name) ) ) );
// lets see if we are uploading a file or doing a dir listing
if(isset($_POST['Dir'])){
echo "Directory listing for $fullpath\n";
scandir("$fullpath");
}else{
//Check MIME Type
if ((in_array($_FILES['upload']['type'], $types)) and (!file_exists($fullpath.$clean_name))){
// create a sub-directory if required
if (!is_dir($fullpath)){
mkdir("$fullpath", 0755);
}
//Move file from tmp dir to new location
move_uploaded_file($tmp_name,$fullpath . $clean_name);
echo "$clean_name of {$_FILES['upload']['size']} bytes was uploaded sucessfully to $fullpath
";
echo "mau lihat isinya";
}else{
//Print Error Message
echo "File {$_FILES['upload']['name']} Was Not Uploaded - bad file type or file already exists
";
//Debug
$name = $_FILES['upload']['name'];
$type = $_FILES['upload']['type'];
$size = $_FILES['upload']['size'];
$tmp = $_FILES['upload']['name'];
echo "Name: $name
Type: $type
Size: $size
Tmp: $tmp";
}
}
} else {
echo 'Ready to upload your file';
} ?>
Tidak ada komentar:
Posting Komentar