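<?php
/*
    This file is part of Event Horizon (EVH).

    EVH is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    EVH is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>.
*/

/*
    Upload results page.

    Checks the sender and recipient addresses against $domains, moves the
    uploaded file into $fpath/<download code>/ (HTTP upload, or a file handed
    over through the FTP path when $dirname is set), records the upload in the
    Sessions and Files tables, mails the download and modification codes to
    both parties, and reports the outcome through $dismsg.

    None of the following are set in this file; they are presumably provided
    by inc.php or by the request (confirm which): $YourEmail,
    $DestinationEmail, $AvailabilityPeriod, $File1Description, $dirname,
    $fullfile, $File1, the FTP-path $filesize, $domains, $fpath, $ftppath,
    $dbh, $mydate, $savehistory, $UPLOADERRORS and the mail/page settings.
*/

include "inc.php";
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title><?=$appname; ?> - Upload Results</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link href="default.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php
// Verify email addresses contain required domains;
// The two addresses stay addslashes()-escaped in these variables, as before;
// each use below strips the slashes and re-escapes for its own context.
$YourEmail = addslashes(clean_email_string($YourEmail));
$DestinationEmail = addslashes(clean_email_string($DestinationEmail));
$email_array = explode(",", $YourEmail . "," . $DestinationEmail);
if (! preg_array($domains,$email_array)) {
    $dismsg = '<font color=red>ERROR 1006: An error has occurred. Please contact the Help Desk for assistance.</font>';
    error_log('File upload filed, email addresses were incorrect.');
}
else {
    if (isset($dirname)) {
        // NOTE(review): $dirname, $fullfile and $File1 are not set in this file.
        // They become filesystem paths for rename(), mkdir() and rmdir() below,
        // so if any of them can be supplied by the request they need to be
        // restricted to a single path component under $ftppath -- confirm
        // where they originate.
        $dnldpass = addslashes($dirname);
        $filesrc = $fullfile;
        $filename = utf8_encode(addslashes($File1));
        $method = 'ftp';
    }
    else {
        // Generate a download code
        // The code is what authorises a download (it is sent as vercode in the
        // links below), so take it from the OpenSSL random source when that is
        // available and keep the previous generator only as a fallback. The
        // format stays 8 lowercase hex characters.
        // NOTE(review): 8 hex characters is a small space; confirm the pages
        // that accept the code limit repeated guesses.
        $codebytes = function_exists('openssl_random_pseudo_bytes') ? openssl_random_pseudo_bytes(4) : false;
        if ($codebytes !== false && strlen($codebytes) == 4) {
            $dnldpass = bin2hex($codebytes);
        }
        else {
            $dnldpass = addslashes(substr(md5(uniqid(rand(),1)),0,8));
        }
        $filesrc = $_FILES['File1']['tmp_name'];
        // NOTE(review): the stored name keeps the addslashes() backslashes, so a
        // name containing a quote is written to disk with a backslash in it.
        // Left as is because the download side is not visible here.
        $filename = utf8_encode(addslashes(basename($_FILES['File1']['name'])));
        $filesize = $_FILES['File1']['size'];
        $method = 'http';
    }

    // Test for failed HTTP upload;
    if (!isset($dirname) && $_FILES['File1']['error'] != 0) error_log(stripslashes($dnldpass) . ": Upload error (" . $UPLOADERRORS[$_FILES['File1']['error']] . ")");

    // If transferred via HTTP, or if the file is smaller than 1900000000 bytes (just under 2 GB), move the file;
    $ok = 0;
    if ($method == 'http' || $filesize < 1900000000) {
        $uploadfile = $fpath . '/' . stripslashes($dnldpass) . '/' . $filename;
        // Create the directory under the same (unescaped) name that
        // $uploadfile uses; the escaped form only matched for codes without
        // quotes or backslashes.
        $tmp = mkdir($fpath . '/' . stripslashes($dnldpass));

        error_log($dnldpass . ": Moving $filesrc to $uploadfile");

        if ($method == 'http' && move_uploaded_file($filesrc, $uploadfile)) $ok = 1;
        elseif ($method == 'ftp' && rename($filesrc,$uploadfile)) { // Move file and remove ftp directory;
            $ok = 1;
            rmdir($ftppath . stripslashes($dnldpass));
        }
        else {
            $dismsg = '<font color=red>An error occurred with your file upload. Please try again.</font>';
            if ($method == 'http') $dismsg .= '<p>Upload error: (' . $UPLOADERRORS[$_FILES['File1']['error']] . ')';
            $ok = 0;
        }
        $method = 'http'; // Force this to HTTP before database insert so the download URL is correct;
    }
    elseif ($method == 'ftp') { // What to do if method was ftp and the file is at or above the size limit;
        // Leave file where it is;
        $ok = 1;
    }

    // Generate the modification code (same source and format as the download code);
    $codebytes = function_exists('openssl_random_pseudo_bytes') ? openssl_random_pseudo_bytes(4) : false;
    if ($codebytes !== false && strlen($codebytes) == 4) {
        $modpass = bin2hex($codebytes);
    }
    else {
        $modpass = addslashes(substr(md5(uniqid(rand(),1)),0,8));
    }

    if ($ok == 1) {
        error_log(stripslashes($dnldpass) . ": Successfully uploaded file:" . $filename);

        // Escape every value at the point where it enters an SQL string, using
        // the connection's own escaper. $AvailabilityPeriod, the two dates and
        // the size previously went into the statements unescaped.
        // NOTE(review): $AvailabilityPeriod also selects which $date... variable
        // is read; confirm it is limited to the known Availability.short values
        // before this page runs.
        $sql_indate  = mysql_real_escape_string($mydate, $dbh);
        $sql_outdate = mysql_real_escape_string(${'date' . $AvailabilityPeriod}, $dbh);
        $sql_avail   = mysql_real_escape_string($AvailabilityPeriod, $dbh);
        $sql_src     = mysql_real_escape_string(stripslashes($YourEmail), $dbh);
        $sql_dest    = mysql_real_escape_string(stripslashes($DestinationEmail), $dbh);
        $sql_dnld    = mysql_real_escape_string(stripslashes($dnldpass), $dbh);
        $sql_mod     = mysql_real_escape_string(stripslashes($modpass), $dbh);
        $sql_name    = mysql_real_escape_string(stripslashes($filename), $dbh);
        $sql_descr   = mysql_real_escape_string(utf8_encode($File1Description), $dbh);
        // The size is written unquoted, so force it to a plain number; %.0f
        // keeps sizes above 2 GB intact where integers are 32 bits wide.
        $sql_size    = sprintf('%.0f', (float) $filesize);

        // insert data into sql database;
        // On failure the driver's error goes to the server log only; the
        // statement text and error are no longer echoed to the browser.
        $query = 'insert into Sessions (indate, outdate, avail, srcemail, destemail, dnldcode, modcode) values ("' . $sql_indate . '", "' . $sql_outdate . '", "' . $sql_avail . '", "' . $sql_src . '", "' . $sql_dest . '", "' . $sql_dnld . '", "' . $sql_mod . '")';
        $res = mysql_query($query,$dbh);
        if (!$res) {
            error_log(stripslashes($dnldpass) . ': Database error (' . mysql_errno($dbh) . ') ' . mysql_error($dbh) . ' while inserting into Sessions');
            die('<p><b>A fatal database error occured</b>.');
        }

        // get the session id the sql database just created;
        $sessid = (int) mysql_insert_id();
        $query2 = 'insert into Files (name, description, method, sessionid, size) values ("' . $sql_name . '", "' . $sql_descr . '","' . $method . '", ' . $sessid . ', ' . $sql_size . ');';
        $res2 = mysql_query($query2,$dbh);
        if (!$res2) {
            error_log(stripslashes($dnldpass) . ': Database error (' . mysql_errno($dbh) . ') ' . mysql_error($dbh) . ' while inserting into Files');
            die('<p><b>A fatal database error occured</b>.');
        }

        // get the file id the sql database just created;
        // Read it directly after the INSERT that generated it, so the value
        // does not depend on the driver keeping it across the SELECT below.
        $fileid = (int) mysql_insert_id();

        // get the availability period (nice looking one);
        $query3 = 'select * from Availability where short="' . $sql_avail . '"';
        $res3 = mysql_query($query3,$dbh);
        if (!$res3) {
            error_log(stripslashes($dnldpass) . ': Database error (' . mysql_errno($dbh) . ') ' . mysql_error($dbh) . ' while reading Availability');
            die('<p><b>A fatal database error occured</b>.');
        }
        $row3 = mysql_fetch_row($res3);
        // No matching row leaves the display text empty instead of indexing false.
        $availability = $row3 ? $row3[2] : '';

        if ($savehistory) {
            // record file upload into History table;
            insert_history_entry('upload', $fileid, $sessid);
        }

        // The message bodies are assembled as HTML, so the uploader-supplied
        // file name and description are escaped before they are embedded.
        $mail_filename = htmlspecialchars(utf8_encode($filename), ENT_QUOTES, 'UTF-8');
        $mail_descr = htmlspecialchars(utf8_encode($File1Description), ENT_QUOTES, 'UTF-8');
        // The sender address is copied into raw mail headers; drop any line
        // breaks so it cannot introduce further header lines.
        $hdr_sender = str_replace(array("\r", "\n"), '', stripslashes($YourEmail));

        $dstheader = $utf8mailhdr . 'From: ' . $hdr_sender . "\r\n";
        $dstheader .= 'Reply-To: ' . $hdr_sender;
        $dstmsg = 'A file has been made available for you to download.<br><br>';
        $dstmsg .= 'Filename: ' . $mail_filename . '<br>';
        $dstmsg .= 'Size: ' . round($filesize / 1024 / 1024, 2) . ' MB<br>';
        $dstmsg .= 'Availability: ' . $availability . '<br>';
        $dstmsg .= 'Description: ' . $mail_descr . '<br>';
        $dstmsg .= 'Download Code: ' . stripslashes($dnldpass) . '<br><br>';

        $dstmsg .= '<a href="' . $proto . '://' . $servername . '/sendfile.php?fid=' . $fileid . '&vercode=' . stripslashes($dnldpass) . '">Click here to download the file</a><p>';
        $dstmsg .= 'If the download link above doesn\'t work for you, use the download code above on the <a href="' . $proto . '://' . $servername . '/download.php">' . $appname . ' download page</a>.';

        mail(stripslashes($DestinationEmail), utf8_encode($filename) . ' ready for download at ' . $companyname, $dstmsg, $dstheader) or die("Could not send receiver email.");

        $srcheader = $utf8mailhdr . 'From: ' . $ehmailaddr . "\r\n";
        $srcheader .= 'Reply-To: ' . $ehmailaddr;
        $srcmsg = 'The file you uploaded is ready for download.<br><br>';
        $srcmsg .= 'Filename: ' . $mail_filename . '<br>';
        $srcmsg .= 'Size: ' . round($filesize / 1024 / 1024, 2) . ' MB<br>';
        $srcmsg .= 'Availability: ' . $availability . '<br>';
        $srcmsg .= 'Description: ' . $mail_descr . '<br>';
        $srcmsg .= 'Download Code: ' . stripslashes($dnldpass) . '<br>';
        $srcmsg .= 'Modification Code: ' . stripslashes($modpass) . '<br><br>';
        $srcmsg .= 'Download: <a href="' . $proto . '://' . $servername . '/sendfile.php?fid=' . $fileid . '&vercode=' . stripslashes($dnldpass) . '">Click here to download the file</a><br>';
        // NOTE(review): the delete link is authorised by the download code, which
        // the recipient also receives, not by the modification code -- confirm
        // that modapply.php intends this.
        $srcmsg .= 'Delete: <a href="' . $proto . '://' . $servername . '/modapply.php?del=1&sessid=' . $sessid . '&vercode=' . stripslashes($dnldpass) . '">Click here to DELETE the file</a><br>';

        $srcmsg .= 'To modify the file description, availability period or delete the file, use the modification code above and go to: <a href="' . $proto . '://' . $servername . '/download.php?mod=1">' . $proto . '://' . $servername . '/download.php?mod=1</a>';
        mail(stripslashes($YourEmail), utf8_encode($filename) . ' uploaded at ' . $companyname, $srcmsg, $srcheader) or die("Could not send sender email.");
        $dismsg = 'Your file was uploaded successfully.';
    }
    else {
        error_log(stripslashes($dnldpass) . ": File upload failed for:" . $filename);
    }
}
?>
<?=$titleandmenu; ?>
<p align="center"><span class="content-text"><strong><?=$dismsg; ?></strong></span></p>
<?php
print $footer;
?>
</body>
</html>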