trygve.me/filopplasting/upload.php

<?php
session_start();
  ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);

  if(isset($_FILES['file'])) {
    $file = $_FILES['file'];

    //file properties
    $fileName = $_FILES['file']['name'];
    $file_name = $file['name'];
    $file_tmp = $file['tmp_name'];
    $file_size = $file['size'];
    $file_error = $file['error'];
    $fileError = $_FILES['file']['error'];
    $fileNewName = $fileName;

    $file_destination = 'filer/' . $file_name;

    $fileExt = explode('.', $fileName);
    $fileActualExt = strtolower(end($fileExt));

    $banned = array('php', 'js', 'php5', 'pht', 'phtml', 'shtml', 'asa', 'cer', 'asax', 'swf');
    $allowed = array('zip', 'gz', 'tar', 'png', 'jpg', 'bmp', 'html', 'htm');

    //if(in_array($fileActualExt, $banned))
    //{
      //$fileError = 2;
    //}

    foreach ($banned as $url) {
        if (strpos($fileActualExt, $url) !== FALSE) {
            $fileError = 2;
        }
    }

    if ($file_name === 'index.htm' || $file_name === 'index.html') {
        $fileError = 2;
    }

//      require "fileLogger.php";


    if($fileError == 0) 
    {
      if(move_uploaded_file($file_tmp, $file_destination))
      {
        $path = 'https://trygve.me/filopplasting/' . $file_destination;
        $filLink = '<a href=" ' . $path . '" class="alert-link">' . $path . '</a>';
        //echo $fillink;()
        $buttonData = 'Filen ble lastet opp! <a href="' . $filLink . '" class="btn btn-info">Kopier lenke</a>';
        $_SESSION['linkData'] = 'Filen ble lastet opp! ' . $filLink;
        $_SESSION['link'] = $path;
        $_SESSION['fileupload-response'] = 'success';
      }
    }
    elseif($fileError === 2)
    {
      $_SESSION['fileupload-response'] = 'banned';
    }
    else
    {
      $_SESSION['fileupload-response'] = 'failed';
    }
}

header("location:../filopplasting");
?>