<?php
include("global.php");
include("function.php");
### post.php ###
// takes the uploaded files and places them in the appropriate place
// sets the maximum allowed filesize
ini_set("upload_max_filesize", $UPLOAD_SIZE);
$error_log = array();
// checks each upload slot for values and errors
for($i = 0; $i < sizeof($upfile); $i++) {
if($upfile[$i] == "none") {
// if the file is too large or of 0 byte length
if($upfile_name[$i] != "") {
array_push($error_log, "File <B>$upfile_name[$i]<B> is of 0 byte length or exceeds the allowed upload filesize.</B>");
}
}
// Checks the uploaded file against your filter options to keep
// bogus files from being uploaded.
else if(apply_filter($upfile_name[$i], $upfile[$i]) == 0) {
array_push($error_log, "<B>The file '".$upfile_name[$i]."' is not of the correct file type according to administrator's settings.</B>");
}
else {
// copies the file to the specified name and place
// These lines are ESSENTIAL for the brunhilde server remain secure
// They keep a client from entering "../" to gain access to files
// outside of your web tree
if((substr_count($upfile_name[$i], "../") > 0) || (substr_count($upfile_name[$i], "..\\") > 0)) {
include("security.php");
}
if(move_uploaded_file($upfile[$i], "$mp3_dir$UPLOAD_DIR$upfile_name[$i]")) {
continue;
}
// reports an error if the above clause was not successful
else {
array_push($error_log, "Error uploading file $upfile_name[$i]\n");
}
}
}
if(sizeof($error_log) == 0) {
$cdir_url = rawurlencode("$UPLOAD_DIR");
header("Content Type: text/html");
header("location: index.php?cdir=$cdir_url");
exit;
}
else {
// displays problem files
header("Content Type: text/html");
echo "<html>\n<head><title>Brunhilde - Upload Error</title></head>\n";
echo "<body>Some files did not upload properly:<br>\n<br>";
for($i = 0; $i < sizeof($error_log); $i++) {
echo "$error_log[$i]<br>\n";
}
echo "<br><a href=\"upload.php\">Try Again</a>";
echo " <a href=index.php>Back to Songlist</a>\n";
echo "</body>\n</html>";
exit;
}
?>