70 lines
1.8 KiB
PHP
Executable File
70 lines
1.8 KiB
PHP
Executable File
<?php
|
|
session_start();
|
|
ini_set('display_errors', '1');
|
|
ini_set('display_startup_errors', '1');
|
|
|
|
$public_url = 'https://filer.trygve.net/';
|
|
|
|
if(isset($_FILES['file'])) {
|
|
$file = $_FILES['file'];
|
|
$fileName = $_FILES['file']['name'];
|
|
$file_name = $file['name'];
|
|
$file_tmp = $file['tmp_name'];
|
|
$file_size = $file['size'];
|
|
$file_error = $file['error'];
|
|
$fileError = $_FILES['file']['error'];
|
|
$_SESSION['filename'] = $fileName;
|
|
|
|
|
|
$fileExt = explode('.', $fileName);
|
|
$fileActualExt = strtolower(end($fileExt));
|
|
|
|
$banned = array('php', 'js', 'php5', 'pht', 'phtml', 'shtml', 'asa', 'cer', 'asax', 'swf');
|
|
$allowed = array('zip', 'gz', 'tar', 'png', 'jpg', 'bmp', 'html', 'htm');
|
|
|
|
foreach ($banned as $url) {
|
|
if (strpos($fileActualExt, $url) !== FALSE) {
|
|
$fileError = 2;
|
|
}
|
|
}
|
|
|
|
if ($file_name === 'index.htm' || $file_name === 'index.html') {
|
|
$fileError = 2;
|
|
}
|
|
|
|
if (!empty($_POST['new_filename'])) {
|
|
$file_name = $_POST['new_filename'] . '.' .$fileActualExt;
|
|
}
|
|
|
|
if ($_POST['public'] == True) {
|
|
$file_destination = 'offentlig/' . $file_name;
|
|
}
|
|
else {
|
|
$file_destination = 'privat/' . $file_name;
|
|
}
|
|
|
|
if($fileError == 0)
|
|
{
|
|
if(move_uploaded_file($file_tmp, $file_destination))
|
|
{
|
|
$path = $public_url . $file_destination;
|
|
$filLink = '<a href=" ' . $path . '">' . $path . '</a>';
|
|
$buttonData = 'Filen ble lastet opp! <a href="' . $filLink . '" class="btn btn-info">Kopier lenke</a>';
|
|
$_SESSION['linkData'] = 'Filen ble lastet opp! ' . $filLink;
|
|
$_SESSION['link'] = $path;
|
|
$_SESSION['fileupload-response'] = 'success';
|
|
}
|
|
}
|
|
elseif($fileError === 2)
|
|
{
|
|
$_SESSION['fileupload-response'] = 'banned';
|
|
}
|
|
else
|
|
{
|
|
$_SESSION['fileupload-response'] = 'failed';
|
|
}
|
|
}
|
|
|
|
header("location:/");
|
|
?>
|