<?php
/////////////////////////////////////////////////////////////////////////
//  Product: Daddy's File Host						 //
//  Version: 1.0								 //
//										 //
// by DaddyScripts.com							 //
//										 //
// original source code by Jim (j-fx.ws) and Steven (galaxyscripts.com)//
/////////////////////////////////////////////////////////////////////////

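// Upload handler: validates the posted file against the configured type and size
// limits, checks the ban list and category, writes a "|"-separated index record to
// ./files/, stores the upload in ./storage/ and prints the download and delete links.
//
// NOTE(review): error_reporting(0) silences every warning this script can raise,
// including failed fopen()/move_uploaded_file() calls. Prefer logging over hiding.
error_reporting(0);
require_once("./config.php");

// The "flash" uploader gets a bare response: no header/footer and no JS redirects.
// New variables carry a dfh_ prefix because the included files share this scope.
$dfh_is_flash = (isset($_GET['method']) && $_GET['method'] === "flash");

if (!$dfh_is_flash) {
include("./header.php");
}
// Only a name found in the configured list is ever placed in the include path;
// strict matching keeps type juggling out of that decision.
if(in_array($language, $LANGUAGE_LIST, true)) {
  include('./lang/'.$language.'.php');
} else {
  include('./lang/'.$LANGUAGE_LIST[0].'.php');
}

// Upload metadata, read defensively: the field may be missing or posted as an array.
// The name is client-supplied text and is treated as untrusted everywhere below.
$dfh_upload_name = (isset($_FILES['upfile']['name']) && is_string($_FILES['upfile']['name'])) ? $_FILES['upfile']['name'] : "";
$dfh_upload_size = (isset($_FILES['upfile']['size']) && is_numeric($_FILES['upfile']['size'])) ? $_FILES['upfile']['size'] : 0;
$dfh_upload_tmp = (isset($_FILES['upfile']['tmp_name']) && is_string($_FILES['upfile']['tmp_name'])) ? $_FILES['upfile']['tmp_name'] : "";

// Characters that would break the one-line, "|"-separated index record.
$dfh_record_unsafe = array("\0", "\r", "\n", "|");

// NOTE(review): $file_types is not defined in this file (presumably config.php).
// The check compares one configured extension with the client-supplied name only.
// When it is "*", every extension is accepted and the file is stored under
// ./storage/ with its original extension: keep that directory outside the document
// root, or configure the web server so nothing in it is executed as a script.
$file_types_check = substr(strrchr($dfh_upload_name, '.'), 1);
$file_types = str_replace(".",'',"$file_types");
$file_types2 = $file_types;
$file_types = str_replace("*",'',"$file_types");

if ($file_types == $file_types_check || $file_types2 == "*") {

// Declared by the original author but never applied anywhere in this file.
$junk = array('.' , ',' , '/' , '\\' , '`' , ';' , '[' , ']' , '-', "'", '*', '&', '^', '%', '$', '@', '!', '~', '+', '(', ')', '|', '{', '}', ' ', '?', ':', '"', '=', "<", ">", " &");
$multi = array('__', '___', '____', '_____', '______');

$filename = $dfh_upload_name;
$filename = str_replace("'",'',"$filename");
$filename = str_replace("&",'',"$filename");
//$filename = str_replace(" ",'%20',"$filename");
$filename = stripslashes("$filename");
// The name becomes part of two paths and of the index record, so path separators
// and record delimiters are removed before it is used.
$filename = str_replace(array("\0", "\r", "\n", "|", "/", "\\"), '', $filename);
$filesize = $dfh_upload_size;
// NOTE(review): only 999 prefixes exist, so a second upload with the same name can
// land on an existing ./files/ and ./storage/ entry and replace it.
$fancyurl=rand('1','999');
$rand2=("$fancyurl$filename");
$m=$shourturl;
if ($m=="true")
  $short= "";
else
  $short= "download.php?file=";

// Ban list: one entry per line. Line endings are trimmed so CRLF files and a final
// line without a newline are still honoured.
$bans=file("./secure/bans.dfh");
if (!is_array($bans)) { $bans = array(); }
foreach($bans as $line)
{
  $line = rtrim($line, "\r\n");
  if ($line===$rand2){
?> <center><table style="margin-top:0px;width:auto;height:auto;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top>
<?php
    echo "$lang[noallow]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?php
    include("./footer.php");
    die();
  }
  if ($line===$_SERVER['REMOTE_ADDR']){
?><center><table style="margin-top:0px;width:auto;height:auto;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top>
   <?php echo "$lang[nallow]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?php
    include("./footer.php");
    die();
  }
}

if(isset($categorylist)){
// The original condition used "=" instead of "==", which overwrote the posted
// category with "" on the first mismatch. An empty category or one that matches a
// configured entry is accepted; anything else is rejected.
$dfh_category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : "";
$validcat = ($dfh_category === "") ? 1 : 0;
foreach($categories as $cat) {
  if($dfh_category === (string)$cat){ $validcat = 1; }
}
if($validcat==0) {
?><center><table style="margin-top:0px;width:auto;height:auto;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top><?php
   echo "$lang[icat]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?php
   include("./footer.php");
   die();
}
$cat = $dfh_category;
} else { $cat = ""; }

if($filesize==0) {
if (!$dfh_is_flash) {
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=nofile"
//-->
</script>
<?php
}
?>
<center><table style="margin-top:0px;width:790px;height:400px;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top><?php
echo "$lang[dpick]";
?>
</center></td></tr></table><p style="margin:3px;text-align:center"><?php
die();
}

// Bytes to megabytes; both limits below are compared against this value.
$filesize = $filesize / 1048576;

if($filesize > $maxfilesize) {
?><center><table style="margin-top:0px;width:790px;height:400px;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top>
<?php
if (!$dfh_is_flash) {
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=too_large"
//-->
</script>
<?php
}
echo "$lang[tlarge]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?php
include("./footer.php");
die();
}

$userip = $_SERVER['REMOTE_ADDR'];
$time = time();

// Uploads above $nolimitsize leave a per-IP marker file with the upload time.
if($filesize > $nolimitsize)
{
$newfile = "./uploader/".$userip.".dfh";
$f=fopen($newfile, "w");
if ($f) {
fwrite ($f,$userip."|".$time."|");
fclose($f);
// NOTE(review): 0777 makes the marker world-writable; tighten it if every process
// that reads or removes these files runs as the same user.
chmod($newfile,0777);
}
}

// Deletion key. random_int() draws from the OS CSPRNG where it is available; the
// value keeps its six-digit format so existing delete links still parse.
// NOTE(review): six digits is a small space; whichever script accepts "del" should
// limit repeated attempts.
$passkey = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);

// The notification goes to exactly one syntactically valid address; any other value
// is skipped instead of being handed to mail() as a recipient list.
if($emailoption && isset($_POST['myemail']) && is_string($_POST['myemail']) && filter_var($_POST['myemail'], FILTER_VALIDATE_EMAIL)) {
$rand2 = urlencode($rand2);
$uploadmsg = "$lang[ufile] (".$filename.") $lang[wup].\n  ". $lang['udownfile'] . ":" . $scripturl . "$short" . $rand2 . "\n ". $lang['udeletefile'] . ":" . $scripturl . "$short" . $rand2 . "&del=" . $passkey . "&ignore=" . "\n $lang[thank]";
mail($_POST['myemail'],"Your Uploaded File",$uploadmsg,"From: ". $email ."\n");
$rand2 = urldecode($rand2);
}

$dfh_password = (isset($_POST['pprotect']) && is_string($_POST['pprotect'])) ? $_POST['pprotect'] : "";

// NOTE(review): unsalted MD5 is not a password hash, and the index record below also
// stores the password in clear text. Both are kept because other scripts read this
// record format; migrate them together to password_hash()/password_verify() and drop
// the clear-text field.
if($passwordoption && isset($_POST['pprotect'])) {
  $passwerd = md5($dfh_password);
} else { $passwerd = md5(""); }

if($descriptionoption && isset($_POST['descr']) && is_string($_POST['descr'])) {
  $description = str_replace($dfh_record_unsafe, '', strip_tags($_POST['descr']));
} else { $description = ""; }

// Index record: a single "|"-separated line. Every user-supplied field has the
// delimiter and line breaks removed so it cannot add fields or extra records.
$filelist = fopen("./files/".$rand2.".dfh","w");
if ($filelist) {
fwrite($filelist, $rand2 ."|". str_replace($dfh_record_unsafe, '', basename($dfh_upload_name)) ."|". $passkey ."|". $userip ."|". $time."|0|".$description."|".$passwerd."|".$cat."|".str_replace($dfh_record_unsafe, '', $dfh_password)."|\n");
fclose($filelist);
}

// NOTE(review): the result is not checked, so the success page is shown even when the
// file could not be stored.
$movefile = "./storage/" . $rand2;
move_uploaded_file($dfh_upload_tmp, $movefile);

// The links contain the client-supplied file name, so they are HTML-escaped before
// output. ISO-8859-1 mode escapes the five special ASCII characters byte by byte and
// leaves every other byte as it is, whatever charset the page is served in.
$dfh_download_html = htmlspecialchars($scripturl . $short . $rand2, ENT_QUOTES, 'ISO-8859-1');
$dfh_delete_html = htmlspecialchars($scripturl . $short . $rand2 . "&del=" . $passkey . "&ignore=", ENT_QUOTES, 'ISO-8859-1');

if (!$dfh_is_flash) {
?>
<center><table style="margin-top:0px;width:790px;height:400px;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top>
<?php
}else{
?>
<center><table style="margin-top:0px;width:auto;height:auto;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top>
<?php
}
echo "<center><b> $lang[yupfile] </b></center><br />";
echo "<center> $lang[udownfile] </center> <p><center> <a href=\"" . $dfh_download_html . "\">". $dfh_download_html . "</a><br />";
echo "<p><center> $lang[udeletefile] </center> <p><center> <a href=\"" . $dfh_delete_html . " \">". $dfh_delete_html . "</a><br />";
echo "<p><center> $lang[uremfile]."; ?><p>
 </center></td></tr></table><p style="margin:3px;text-align:center">
<?php
} else {
?>
<center><table style="margin-top:0px;width:790px;height:400px;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top>
<?php
// Quoted key: a bare itype is read as a constant, which PHP 8 rejects with an Error.
echo $lang['itype'];
if (!$dfh_is_flash) {
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=invalid_filetype"
//-->
</script>
</center></td></tr></table><p style="margin:3px;text-align:center">
<?php
}
}
if (!$dfh_is_flash) {
include("./footer.php");
}
?>
  </td></tr></table></center>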