| | |
| Stránka: 1 z 1
| [ Príspevkov: 4 ] | |
Autor | Správa |
---|
Registrovaný: 27.05.09 Prihlásený: 28.03.10 Príspevky: 9 Témy: 5 |
Prosím Vás našiel som tento script a skúšal som ho ošetriť aby nešli uploadovať php scripty, niako mi to nejde,
prosím nemohli by ste mi ho ošetriť?
Tu je:
Kód: <center> <form method="post" enctype="multipart/form-data" action="#"> <input type="hidden" name="odoslany" value="" /> <input type="file" name="subor" /> <input type="submit" value="Nahrať" /> <br> Do akej zlosky chces uploadnut subor? (dostupne su: upload)
<b> </b> <input name="cmd">
</form>
<?php if (isset($_POST["odoslany"])) { if (is_uploaded_file($_FILES["subor"]["tmp_name"])) { $name = $_FILES["subor"]["name"]; $copy = move_uploaded_file($_FILES["subor"]["tmp_name"], "$_POST[cmd]/$name"); if ($copy) { echo "<p>Súbor bol <b>úspesne</b> nahratý.</p>"; echo "<p><strong>Názov:</strong> $name</p>"; echo "<p><strong>Ulozený do zlosky:</strong> $_POST[cmd]</p>"; echo "<p><strong>Download link:</strong>http://shadows-tools.over.cz/$_POST[cmd]/$name</p>"; } else { echo "Súbor <b>$name</b> nebol nahratý na server."; } } } ?> </center>
Ďakujem
|
|
Registrovaný: 26.12.06 Prihlásený: 16.11.19 Príspevky: 3971 Témy: 181 Bydlisko: Nitra / Bra... | |
Registrovaný: 14.12.08 Prihlásený: 10.06.09 Príspevky: 13 Témy: 4 |
Caute , nasiel som tu taky to upload script, funguje mi 100%
Citácia: <?php $MAX_SIZE = 2000000; $FILE_EXTS = array('.zip','.rar','.exe','.gif','.doc');
$DELETABLE = true;
$site_name = $_SERVER['HTTP_HOST']; $url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']); $url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$upload_dir = "files/"; $upload_url = $url_dir."/files/"; $message ="";
if (!is_dir("files")) { if (!mkdir($upload_dir)) die ("upload_files directory doesn't exist and creation failed"); if (!chmod($upload_dir,0755)) die ("change permission to 755 failed."); }
if ($_REQUEST[del] && $DELETABLE) { $resource = fopen("log.txt","a"); fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n"); fclose($resource); if (strpos($_REQUEST[del],"/.")>0); else if (strpos($_REQUEST[del],$upload_dir) === false); else if (substr($_REQUEST[del],0,6)==$upload_dir) { unlink($_REQUEST[del]); print "<script>window.location.href='$url_this?message=deleted successfully'</script>"; } } else if ($_FILES['userfile']) { $resource = fopen("log.txt","a"); fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]" .$_FILES['userfile']['name']." " .$_FILES['userfile']['type']."\n"); fclose($resource);
$file_type = $_FILES['userfile']['type']; $file_name = $_FILES['userfile']['name']; $file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
if ( $_FILES['userfile']['size'] > $MAX_SIZE) $message = "The file size is over 2MB."; else if (!in_array($file_ext, $FILE_EXTS)) $message = "Sorry, $file_name($file_type) is not allowed to be uploaded."; else $message = do_upload($upload_dir, $upload_url); print "<script>window.location.href='$url_this?message=$message'</script>"; } else if (!$_FILES['userfile']); else $message = "Invalid File Specified.";
$handle=opendir($upload_dir); $filelist = ""; while ($file = readdir($handle)) { if(!is_dir($file) && !is_link($file)) { $filelist .= "<a href='$upload_dir$file'>".$file."</a> - URL: <b>$upload_url$file</b>"; if ($DELETABLE) $filelist .= " Added at ".date("d-m H:i", filemtime($upload_dir.$file)) .""; $filelist .= " <a style='text-decoration:none; font-weight:bold' href='?del=$upload_dir".urlencode($file)."' title='delete'>x</a>"; $filelist .="<br>"; } }
function do_upload($upload_dir, $upload_url) {
$temp_name = $_FILES['userfile']['tmp_name']; $file_name = $_FILES['userfile']['name']; $file_name = str_replace("\\","",$file_name); $file_name = str_replace("'","",$file_name); $file_path = $upload_dir.$file_name;
if ( $file_name =="") { $message = "Invalid File Name Specified"; return $message; }
$result = move_uploaded_file($temp_name, $file_path); if (!chmod($file_path,0777)) $message = "change permission to 777 failed."; else $message = ($result)?"$file_name was uploaded successfully." : "Something is wrong with uploading the file."; return $message; }
?>
<html> <head> <title>Mr-mobil uploader</title> <link rel=stylesheet href=style.css> </head> <body> <br><br> <center> <font color=red><?=$_REQUEST[message]?></font> <br> <form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post"> Upload File <input type="file" id="userfile" name="userfile"> <input type="submit" name="upload" value="Upload"> </form> <br><b><u>Uploaded files:</b></u><br><br>
<?=$filelist?> </sup></small> </center>
Ale potrebujem , aby sa mi upload zapisal aj do DB, pls pomozte
|
|
Registrovaný: 16.07.07 Prihlásený: 31.07.22 Príspevky: 1225 Témy: 92 | Napísal sedlák: 30.05.2009 3:01 | |
|
omg a čo na tom nevieš? musiš si rozmysliet co vsetko chces davat do databaty a podla toho ... co tak pohladat na fore??
|
|
| Stránka: 1 z 1
| [ Príspevkov: 4 ] | |
Podobné témy | Témy | Odpovede | Zobrazenia | Posledný príspevok |
---|
| upload script v PHP, ASP | 8 | 638 | 31.07.2008 9:34 rooobertek | | Upload script v PHP, ASP | 7 | 1895 | 21.08.2006 16:33 wlacho | | Script na upload v PHP, ASP | 3 | 1268 | 25.07.2006 21:56 beks | | Upload script - pomoc v PHP, ASP | 3 | 612 | 07.10.2007 19:54 FreeOnlineGames | | Image Upload PHP script v PHP, ASP | 0 | 1768 | 30.09.2005 23:01 JanoF | | upload script pre Mobil v PHP, ASP | 3 | 514 | 29.07.2011 0:50 Slappy | | upload script a zrušenie diaktitiky v PHP, ASP | 5 | 660 | 15.08.2008 13:22 Unlink | | Image Upload Script z Resizeom v PHP, ASP | 2 | 728 | 22.10.2009 19:07 DonPC | | hľadám jQuery File upload script v JavaScript, VBScript, Ajax | 3 | 473 | 14.04.2011 18:35 emer | | Nefunguje mi script na upload suborov v PHP, ASP | 9 | 718 | 22.02.2008 20:44 vl4kn0 | | script na upload fotiek ako ma facebook v JavaScript, VBScript, Ajax | 3 | 708 | 31.10.2009 3:02 lama2d | | Script v Ostatné | 8 | 1025 | 01.09.2007 14:15 qacer | | script v Assembler, C, C++, Pascal, Java | 10 | 1019 | 13.03.2008 21:12 buslo | | Script v JavaScript, VBScript, Ajax | 0 | 435 | 04.06.2012 16:54 GooderSvk | | Script v JavaScript, VBScript, Ajax | 13 | 511 | 15.05.2014 17:28 shaggy | | event script v JavaScript, VBScript, Ajax | 1 | 593 | 24.11.2010 18:40 shaggy |
| Nemôžete zakladať nové témy v tomto fóre Nemôžete odpovedať na témy v tomto fóre Nemôžete upravovať svoje príspevky v tomto fóre Nemôžete mazať svoje príspevky v tomto fóre
|
|