"Fossies" - the Fresh Open Source Software Archive

Member "eventh/uploadfiles.php" (26 Jan 2010, 7950 Bytes) of package /linux/privat/old/eventh-1.1.11.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) PHP source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "uploadfiles.php" see the Fossies "Dox" file reference documentation.

    1 <?
    2 /*
    3     This file is part of Event Horizon (EVH).
    4 
    5     EVH is free software; you can redistribute it and/or modify
    6     it under the terms of the GNU General Public License as published by
    7     the Free Software Foundation; either version 3 of the License, or
    8     (at your option) any later version.
    9 
   10     EVH is distributed in the hope that it will be useful,
   11     but WITHOUT ANY WARRANTY; without even the implied warranty of
   12     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   13     GNU General Public License for more details.
   14 
   15     You should have received a copy of the GNU General Public License
   16     along with this program.  If not, see <http://www.gnu.org/licenses/>.
   17 */
   18 
   19     include "inc.php";
   20 ?>
   21 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
   22 <html>
   23 <head>
   24 <title><?=$appname; ?> - Upload Results</title>
   25 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
   26 <link href="default.css" rel="stylesheet" type="text/css">
   27 </head>
   28 <body>
   29 <?
   30     // Verify email addresses contain required domains;
   31     $YourEmail = addslashes(clean_email_string($YourEmail));
   32     $DestinationEmail = addslashes(clean_email_string($DestinationEmail));
   33     $email_array = explode(",", $YourEmail . "," . $DestinationEmail);
   34     if (! preg_array($domains,$email_array)) {
   35         $dismsg = '<font color=red>ERROR 1006: An error has occurred.  Please contact the Help Desk for assistance.</font>';
   36         error_log('File upload filed, email addresses were incorrect.');
   37     }
   38     else {
   39         if (isset($dirname)) {
   40             $dnldpass = addslashes($dirname);
   41             $filesrc = $fullfile;
   42             $filename = utf8_encode(addslashes($File1));
   43             $method = 'ftp';
   44         }
   45         else {
   46             // Generate a download code
   47             $dnldpass = addslashes(substr(md5(uniqid(rand(),1)),0,8));
   48             $filesrc = $_FILES['File1']['tmp_name'];
   49             $filename = utf8_encode(addslashes(basename($_FILES['File1']['name'])));
   50             $filesize = $_FILES['File1']['size'];
   51             $method = 'http';
   52         }
   53         
   54         // Test for failed HTTP upload;
   55         if (!isset($dirname) && $_FILES['File1']['error'] != 0) error_log(stripslashes($dnldpass) . ": Upload error (" . $UPLOADERRORS[$_FILES['File1']['error']] . ")");
   56 
   57         // If transferred via HTTP or if the file is less than 2GB (2000000000 bytes), move the file;       
   58         $ok=0;
   59         if ($method == 'http' || $filesize < 1900000000) {
   60             $uploadfile = $fpath . '/' . stripslashes($dnldpass) . '/' . $filename;
   61             $tmp = mkdir("$fpath/$dnldpass");
   62             
   63             error_log($dnldpass . ": Moving $filesrc to $uploadfile");
   64             
   65             if ($method == 'http' && move_uploaded_file($filesrc, $uploadfile)) $ok=1;
   66             elseif ($method == 'ftp' && rename($filesrc,$uploadfile)) {  // Move file and remove ftp directory;
   67                 $ok=1;
   68                 rmdir($ftppath . stripslashes($dnldpass));
   69             }
   70             else {
   71                 $dismsg = '<font color=red>An error occurred with your file upload.  Please try again.</font>';
   72                 if ($method == 'http') $dismsg .= '<p>Upload error: (' . $UPLOADERRORS[$_FILES['File1']['error']] . ')';
   73                 $ok = 0;
   74             }
   75             $method = 'http';  // Force this to HTTP before database insert so the download URL is correct;
   76         }
   77         elseif ($method == 'ftp') {   // What to do if method was ftp and file larger than 2gb;
   78             // Leave file where it is;
   79             $ok = 1;
   80         }
   81         
   82         // Generate the modification code;
   83         $modpass = addslashes(substr(md5(uniqid(rand(),1)),0,8));
   84         
   85         if ($ok == 1) {
   86             error_log(stripslashes($dnldpass) . ": Successfully uploaded file:" . $filename);
   87             
   88             // insert data into sql database;
   89             $query = 'insert into Sessions (indate, outdate, avail, srcemail, destemail, dnldcode, modcode) values ("' . $mydate . '", "' . ${'date' . $AvailabilityPeriod} . '", "' . $AvailabilityPeriod . '", "' . $YourEmail . '", "' . $DestinationEmail . '", "' . $dnldpass . '", "' . $modpass . '")';
   90             $res = mysql_query($query,$dbh) or die('<p><b>A fatal database error occured</b>.\n<br />Query: ' . $query . '<br />\nError: (' . mysql_errno() . ') ' . mysql_error());
   91     
   92             // get the session id the sql database just created;
   93             $sessid = mysql_insert_id();
   94             $query2 = 'insert into Files (name, description, method, sessionid, size) values ("' . $filename. '", "' . utf8_encode(addslashes($File1Description)) . '","' . $method . '", ' . $sessid . ', ' . $filesize . ');';
   95             $res2 = mysql_query($query2,$dbh) or die('<p><b>A fatal database error occured</b>.\n<br />Query: ' . $query2 . '<br />\nError: (' . mysql_errno() . ') ' . mysql_error());
   96     
   97             // get the availability period (nice looking one);
   98             $query3="select * from Availability where short=\"$AvailabilityPeriod\"";
   99             $res3 = mysql_query($query3,$dbh) or die('<p><b>A fatal database error occured</b>.\n<br />Query: ' . $query3 . '<br />\nError: (' . mysql_errno() . ') ' . mysql_error());
  100             $row3 = mysql_fetch_row($res3);
  101             $availability = $row3[2];
  102     
  103             // get the file id the sql database just created;
  104             $fileid = mysql_insert_id();
  105             
  106             if ($savehistory) {
  107                 // record file upload into History table;
  108                 insert_history_entry('upload', $fileid, $sessid);
  109             }
  110 
  111             $dstheader = $utf8mailhdr . 'From: ' . stripslashes($YourEmail) . "\r\n";
  112             $dstheader .= 'Reply-To: ' . stripslashes($YourEmail);
  113             $dstmsg  = 'A file has been made available for you to download.<br><br>';
  114             $dstmsg .= 'Filename: ' . utf8_encode($filename) . '<br>';
  115             $dstmsg .= 'Size: ' . round($filesize / 1024 / 1024, 2) . ' MB<br>';
  116             $dstmsg .= 'Availability: ' . $availability . '<br>';
  117             $dstmsg .= 'Description: ' . utf8_encode($File1Description) . '<br>';
  118             $dstmsg .= 'Download Code: ' . stripslashes($dnldpass) . '<br><br>';
  119             
  120             $dstmsg .= '<a href="' . $proto . '://' . $servername . '/sendfile.php?fid=' . $fileid . '&vercode=' . stripslashes($dnldpass) . '">Click here to download the file</a><p>';
  121             $dstmsg .= 'If the download link above doesn\'t work for you, use the download code above on the <a href="' . $proto . '://' . $servername . '/download.php">' . $appname . ' download page</a>.';
  122             
  123             mail(stripslashes($DestinationEmail), utf8_encode($filename) . ' ready for download at ' . $companyname, $dstmsg, $dstheader) or die("Could not send receiver email.");
  124             
  125             $srcheader = $utf8mailhdr . 'From: ' . $ehmailaddr . "\r\n";
  126             $srcheader .= 'Reply-To: ' . $ehmailaddr;
  127             $srcmsg  = 'The file you uploaded is ready for download.<br><br>';
  128             $srcmsg .= 'Filename: ' . utf8_encode($filename) . '<br>';
  129             $srcmsg .= 'Size: ' . round($filesize / 1024 / 1024, 2) . ' MB<br>';
  130             $srcmsg .= 'Availability: ' . $availability . '<br>';
  131             $srcmsg .= 'Description: ' . utf8_encode($File1Description) . '<br>';
  132             $srcmsg .= 'Download Code: ' . stripslashes($dnldpass) . '<br>';
  133             $srcmsg .= 'Modification Code: ' . stripslashes($modpass) . '<br><br>';
  134             $srcmsg .= 'Download: <a href="' . $proto . '://' . $servername . '/sendfile.php?fid=' . $fileid . '&vercode=' . stripslashes($dnldpass) . '">Click here to download the file</a><br>';
  135             $srcmsg .= 'Delete: <a href="' . $proto . '://' . $servername . '/modapply.php?del=1&sessid=' . $sessid . '&vercode=' . stripslashes($dnldpass) . '">Click here to DELETE the file</a><br>';
  136 
  137             $srcmsg .= 'To modify the file description, availability period or delete the file, use the modification code above and go to: <a href="' . $proto . '://' . $servername . '/download.php?mod=1">' . $proto . '://' . $servername . '/download.php?mod=1</a>';
  138             mail(stripslashes($YourEmail), utf8_encode($filename) . ' uploaded at ' . $companyname, $srcmsg, $srcheader) or die("Could not send sender email.");
  139             $dismsg = 'Your file was uploaded successfully.';
  140         } 
  141         else {
  142             error_log(stripslashes($dnldpass) . ": File upload failed for:" . $filename);
  143         }
  144     }
  145 ?>
  146 <?=$titleandmenu; ?>
  147 <p align="center"><span class="content-text"><strong><?=$dismsg; ?></strong></span></p>
  148 <?
  149 print $footer;
  150 ?>
  151 </body>
  152 </html>