<?php
include("config.php");
include("core.php");
connectdb();
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$uid = getuid_sid($sid);
$desc = $_POST['desc'];
$upload = $_POST['upload'];
$superdat = $_FILES['superdat']['tmp_name'];
$superdat_name=$_FILES['superdat']['name'];
$superdat_size=$_FILES['superdat']['size'];
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
echo("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD XHTML Mobile 1.0//EN\"". " \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";
?>
<head>
<title>File Uploader</title>
<meta forua="true" http-equiv="Cache-Control" content="no-cache"/>
<meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/>
</head>
<body>
<?php
if((islogged($sid)==false)||($uid==0))
{
boxstart("Error!");
echo "<center><img src=\"images/notok.gif\" alt=\"\"/><small>You are not logged in<br/>";
echo "or your session has expired.<br/><br/>";
echo "
<form action=\"login.php\" method=\"get\">
<img src=\"images/user.gif\" alt=\"\"/>Enter username:<br/>
<input id=\"inputText\" name=\"loguid\" maxlength=\"30\"/><br/>
<img src=\"images/pass.gif\" alt=\"\"/>Enter password:<br/>
<input id=\"inputText\" type=\"password\" format=\"*x\" name=\"logpwd\" maxlength=\"30\"/><br/>
<input id=\"inputButton\" type=\"submit\" value=\"Login\"/><br/>
</form>
<br/><br/><img src=\"images/register.gif\" alt=\"\"/><a href=\"register.php\">Register</a>
<br/><img src=\"images/home.gif\" alt=\"\"/><a href=\"index.php\">Home</a>
</small></center></div></div></body></html>";
exit();
}
if(isbanned($uid))
{
boxstart("Error!");
echo "<small><p align=\"center\"><img src=\"images/notok.gif\" alt=\"\"/>
You have been <b>BANNED!</b><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0] - time();
$rmsg = gettimemsg($remain);
echo "Ban Reason: ".$banres[0]." <br/>You can login again after ".$rmsg."
</p></small></div></div>
</body>
</html>";
exit();
}
("Upload a File");
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "<small><p>";
addonline(getuid_sid($sid),"Uploading a file at File Exchange","");
if ($upload="upload"&&$superdat_name){
if (!eregi("\.(mid|gif|bmp|midi|3gp|mp3|wav|jar|jad|m4a|jpeg|mpg|mpeg|sis|mmf|thm|amr|png|wbmp|mp4|avi)$",$superdat_name)){
print "<b>Unsupported File Extention! Supported types are mid, gif, bmp, midi, 3gp, mp3, wav, jar, jad, jpeg, jpg, sis, mmf, amr, dat, mpg, png, wbmp, mp4, avi</b>";
}else{
$superdat_name = preg_replace(
'/[^a-zA-Z0-9\.\$\%\'\`\-\@\{\}\~\!\#\(\)\&\_\^]/'
,'',str_replace(array(' ','%20',"'"),array('_','_', ""),$superdat_name));
if(strlen($superdat_name)>53){ print "<b>File Name Is Too Long!</b>";
}else{
if (empty($superdat)) {
print "<b>No input file specified!!!</b>";
}else{
$indiatime = time() + (12.5 * 60 * 60);
$date=date("l, FdS, Y", $indiatime)." ".date("h:i:s A", $indiatime);
$fsize=round($superdat_size/1024,1);
$exi1 = mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM ibwf_uploads WHERE filename='".$superdat_name."' AND filesize='".$fsize." KB'"));
if($exi1[0]>0){
print "<b>File already exists with same name and file size!!!</b>";
exit();
}
else{
$exi2 = mysql_fetch_array(mysql_query("SELECT COUNT(id), MAX(id) FROM ibwf_uploads WHERE filename='".$superdat_name."' AND filesize!='".$fsize." KB'"));
if($exi2[0]>0){
$superdat_name="1".$superdat_name;
$flag1="<br/>Filename already existed but file didnt match so it was renamed and prefixed witha 1";
}
}
echo mysql_error();
$ext = explode(".", strrev($superdat_name));
switch(strtolower($ext[0])){
case "dim":
$type="audio";
break;
case "idim":
$type="audio";
break;
case "3pm":
$type="audio";
break;
case "vaw":
$type="audio";
break;
case "fmm":
$type="audio";
break;
case "rma":
$type="audio";
break;
case "a4m":
$type="audio";
break;
case "fig":
$type="image";
break;
case "gnp":
$type="image";
break;
case "gpj":
$type="image";
break;
case "gepj":
$type="image";
break;
case "pmb":
$type="image";
break;
case "pmbw":
$type="image";
break;
case "pg3":
$type="video";
break;
case "iva":
$type="video";
break;
case "4pm":
$type="video";
break;
case "gpm":
$type="video";
break;
case "gepm":
$type="video";
break;
case "cod":
$type="document";
break;
case "ftr":
$type="document";
break;
case "txt":
$type="document";
break;
case "fdp":
$type="document";
break;
case "piz":
$type="archive";
break;
case "z7":
$type="archive";
break;
case "rar":
$type="archive";
break;
case "raj":
$type="apps";
break;
case "daj":
$type="apps";
break;
case "sis":
$type="apps";
break;
case "xsis":
$type="apps";
break;
case "exe":
$type="apps";
break;
case "htn":
$type="apps";
break;
case "mht":
$type="apps";
break;
}
move_uploaded_file("$superdat", "$ucdir/$superdat_name") or
die("Couldn't copy file.");
$mysql=mysql_query("INSERT INTO ibwf_uploads SET id='', uid='".$uid."', mime='".$type."', filename='".$superdat_name."', filesize='".$fsize." KB', description='".$desc."', date='".$date."', device='".$HTTP_USER_AGENT."', number='".$HTTP_MSISDN.$HTTP_X_MSISDN.$HTTP_X_NOKIA_MSISDN.$HTTP_X_NETWORK_INFO."', uip='".$REMOTE_ADDR."'");
$upplsel=mysql_fetch_array(mysql_query("SELECT plusses from ibwf_users WHERE id='".$uid."'"));
$afuppl=$upplsel[0]+10;
mysql_query("UPDATE ibwf_users SET plusses='".$afuppl."' WHERE id='".$uid."'");
echo "<b>$superdat_name</b> has successfully been uploaded to the Uploads Center!$flag1";
}
}
}
}
?>
<?php
echo "<form align=\"center\" action=\"upload1.php?sid=$sid\" method=\"post\" enctype=\"multipart/form-data\">";
?><b>Read Site Rules before uploading a file<b/><br/>
Upload file size limit is 2MB<br/><br/>
<b>File description(Maximum 500 chars):</b><br/>
<input id="inputText" align="center" type="text" name="desc" maxlength="500"/><br/>
<b>Select file to be uploaded :</b><br/>
<input id="inputText" align="center" type="file" name="superdat"/><br/>
<input id="inputText" align="center" type="hidden" name="upload" value="upload"/>
<input id="inputButton" align="center" type="submit" name="submit" value="Upload"/><br/><br/> <b><u>You can upload files with the following extentions:</u></b><br/>
Audio: mid, midi, mp3, wav, mmf, amr<br/>Image: gif, bmp, jpeg, jpg, png, wbmp<br/>Video: 3gp, mpg, avi, mp4 <br/>
Applications: jar, jad, sis, sisx, thm<br/>
<hr/>
<?php
echo "<br/><a href=\"share.php?sid=$sid\">Browse uploaded files</a>";
?>
</form>
<?php
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
?>
</p></small>
</body></html>