Location: PHPKode > projects > WebArchive > phparchive.0.1.82.beta/upload.php
<?php
/**
 * @version $Id: upload.php,v 1.5 2003/12/14 01:42:32 freedev Exp $
 * @author Vincenzo D'Amore <hide@address.com>
 * @package wa_tools
*/

/**
 *
 */

require_once("./wacommon.inc.php");

CheckSession();

function HandleUpload($sKeyField, $userfile, &$sDestPath)
{
	$bRC = False;
	if (isset($userfile))
	{
		if (is_uploaded_file($userfile['tmp_name']))
		{
			$sUserDir = $GLOBALS['WA_UPLOAD_DIR'].$_SESSION["giIdUser"];
			$path_parts = pathinfo($userfile['name']);
			$unique_dir = time();
			$sUserFile = $path_parts["basename"];
			if (!is_dir($sUserDir))
			{
//				echo $sUserDir;
				mkdir ($sUserDir, 0700);
			}
			if (!is_dir($sUserDir."/".$unique_dir))
			{
//				echo $unique_dir;
				mkdir ($sUserDir."/".$unique_dir, 0700);
			}
			if (is_dir($sUserDir."/".$unique_dir))
			if (move_uploaded_file($userfile['tmp_name'], $sUserDir."/".$unique_dir."/".$sUserFile))
			{
				$sDestPath = $_SESSION["giIdUser"]."/".$unique_dir."/".$sUserFile;
				$bRC = True;
			}
		}
		else
		{
		    echo "Possible file upload attack: filename '".$userfile['tmp_name']."'.";
		}
	}
	return $bRC;
}

	PrintHTMLHeader("Upload", "");

//	echo '<script type="text/javascript" Language="JavaScript1.2" src="'.$GLOBALS['WA_ABSOLUTE_URI'].'javascripts/handleform.js"></script>';
	echo '<script type="text/javascript" Language="JavaScript1.2" src="javascripts/handleform.js"></script>';

	?>

<Script type="text/javascript" Language="JavaScript">
<!--
function CloseWindow()
{
	window.opener.focus();
	window.close();
}

function StartUpload(sMessage)
{

//	if (window.document.all["userfile"].value != "")
	if (getFormElementByName(document.forms["uploadForm"], "userfile").value != "")
		document.uploadForm.submit();
	else
//		alert("Nessun file selezionato.");
		alert(sMessage);
}

function CopyUploadInfo(IdForm, Field, filepath, filename)
{
	var formName = "formBuild_" + IdForm;
	var textObj = "text" + Field;
	var dispObj = "disp" + Field;
	getFormElementByName(window.opener.document.forms[formName], textObj).value = filepath;
	getFormElementByName(window.opener.document.forms[formName], dispObj).value = filename;
	getFormElementByName(window.opener.document.forms[formName], dispObj).focus();
//	window.opener.document.all[textObj].value = filepath;
//	window.opener.document.all[dispObj].value = filename;
	return null;
}
-->
</Script>
	<?php

if (isset($_GET["KeyField"]) || isset($_POST["KeyField"]))
{
	if (isset($_GET["KeyField"]))
		$KeyField = $_GET["KeyField"];
	else
		$KeyField = $_POST["KeyField"];

	if (isset($_GET["IdForm"]))
		$IdForm = $_GET["IdForm"];
	else
		$IdForm = $_POST["IdForm"];

	if (isset($_FILES["userfile"]))
	{
		$sDestPath = "";
		if (HandleUpload($_GET["KeyField"], $_FILES["userfile"], $sDestPath))
		{
			echo "<body class='BodyStandard' onload=\"javascript:CopyUploadInfo('".$IdForm."','".$KeyField."','".$sDestPath."','".basename($sDestPath)."');\">";
			echo WA_MSG_UPLOAD_SUCCESS . " (".$_FILES["userfile"]['name']." byte (".$_FILES["userfile"]['size'].")";
		}
		else
		{
			echo "<body class='BodyStandard'>";
			echo WA_MSG_UPLOAD_ERROR;
		}
		echo "<p><input class='Buttons' type='Button' value='".WA_CMD_CLOSE."' onclick='javascript:CloseWindow();'>";
	}
	else
	{
?>
	<body class="BodyStandard">
	<form method="post" enctype="multipart/form-data" name="uploadForm" onsubmit="return setSubmitFired();" action="">
<?PHP
	if ($GLOBALS['WA_PRIVATE_SESSIONS'])
		echo '<INPUT type="hidden" name="'. WA_SESSION_NAME.'" value="'.session_id().'" >';
?>
	<p>
	<?php echo WA_MSG_UPLOAD_MESSAGE; ?><input class='Inputs' name="userfile" type="file">
	<p>
	<input type="hidden" name="KeyField" value="<?php echo $_GET["KeyField"] ?>">
	<input type="hidden" name="IdForm" value="<?php echo $_GET["IdForm"] ?>">
	<input class='Buttons' type="button" value="<?php echo WA_CMD_UPLOAD; ?>"
	onclick="javascript:StartUpload('<?php echo WA_MSG_UPLOAD_NOFILESELECTED; ?>');">
	&nbsp;
	<input class='Buttons' type="button" value="<?php echo WA_CMD_CLOSE; ?>" onclick="javascript:CloseWindow();">
	</form>
<?php
	}
}
else
	echo "Errore!";
?>
</body>
</html>
Return current item: WebArchive