View file user/upload.php

World Fastest and Cheapest Hosting
Buy Cheapest Web Domains
File size: 9.16Kb 
<?php
session_start();
include('../includes/lang2.php');
include('../includes/connect.php');
if(!$userid) go($url.'/login.php');
$queryUser = mysql_query("SELECT password,disk,username FROM users WHERE id = '$userid'") or die ( mysql_error());
$info = mysql_fetch_assoc($queryUser);
mysql_free_result($queryUser);

if($rights>0) {

// Import Files
if(isset($_GET['import'])){
include_once('../includes/lang2.php');
$title = $lang["import"];
include('../includes/header.php');
echo '<div class="title"><img src="'.$url.'/images/imprt.png" alt="*"> '.$lang["import"].'</div>';
If(isset($_POST['up'])){
$pas = (strlen($_POST['pas'])>20) ? input(substr($_POST['pas'],0,20)) : input($_POST['pas']) ;
$des = (strlen($_POST['des'])>100) ? input(substr($_POST['des'],0,100)) : input($_POST['des']);
$cat = $_POST['cat'];
$code = addslashes(input($_POST['code']));
$dir = '../data/user'.$userid.'/';
$name = preg_replace('/[^a-zA-Z0-9-_\.]/i','',getWithoutPath(rm20($_POST['url'])));
$sizeall = bytetomb($size)+$info['disk'];
if(!$name){
echo '<div class="news">'.$lang["empty-url-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
} else {
$f = @fopen($_POST['url'], 'r');
if(!$f) {
echo '<div class="news">'.$lang["invalid-url-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
include('../includes/footer.php');
die();
}
$queryCat = mysql_query('SELECT * FROM file_cat WHERE id = '.$cat.'');
while($inf_cat = mysql_fetch_array($queryCat))
{ $cat_ext = strtolower($inf_cat["ext"]);
 if(!empty($cat_ext)) {
$cat_ext = explode(', ', strtolower($inf_cat['ext']));
$cat_ext2 = strtolower($inf_cat['ext']);
} else
{ $cat_ext = explode(', ', strtolower($set['file_ext']));
$cat_ext2 = strtolower($set['file_ext']);
}
}
$ext = explode(".", strtolower($name));
while($c = fread($f, 1024)) $filedata .= $c;
$cat = $_POST['cat'];
$size = strlen($filedata);
$sizeall = bytetomb($size)+$info['disk'];
fclose($f);
if($size<10){
echo '<div class="news">'.$lang["err-size-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif($sizeall>$set['upmax']){
echo '<div class="news">'.$lang["disk-limit-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif(!$cat || $cat == 0){
echo '<div class="news">'.$lang["nocat-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif(!in_array(strtolower($ext[1]), $cat_ext)) {
echo '<div class="news">'.$lang["type-invalid-msg"].': '.$cat_ext2.' <br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif(file_exists("$dir$name")){
echo $lang["file-exist-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a>';
}
elseif($code ==''|| $code != $_SESSION['security_code']){
echo '<div class="news">'.$lang["err"].'<br/>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
 else {
file_put_contents($dir.$name,$filedata);
$idff = insert('files');
mysql_query("insert into files set id = '".$idff."', name = '".$name."', catid = '".$cat."', description = '".$des."', password = '".$pas."', size = '".$size."', time = '".$time."', downloaded = '0', views = '1', userid = '".$userid."', report = '0' ");
mysql_query("update users set disk = '".$sizeall."' where id = '".$userid."'") or die( mysql_error());
mysql_query("UPDATE users SET files = files+1 WHERE id = '".$userid."'");
echo '<div class="menu">'.$lang["import-ok-msg"].'<br/>
<a href="../file.php?id='.$idff.'">'.$lang["view-file"].'</a></div>';
}
}
} else {
echo '<div class="list">
<form method="post" >';
echo $lang["url"].':<br/>
<input type="text" name="url" value="http://" size="15">
<br>'.$lang["file-cat"].':<br>
<select name="cat"><option value="0">'.$lang["select-cat"].'</option>';
$queryCat = mysql_query("SELECT * FROM file_cat order by `name` asc");
while($cat_info = mysql_fetch_array($queryCat))
{ $id = $cat_info["id"];
$name = $cat_info["name"];
echo '<option value="'.$id.'">'.$name.'</option>'; }
echo '</select>
<br>'.$lang["file-desc"].': <br>
<textarea name="des"></textarea>';
if($rights>=1){ 
echo '<br>'.$lang["file-pass"].': <br>
<input type="text" name="pas" size="15">'; }
echo '<br>'.$lang["captcha"].'<br>
<img src="../captcha.php?width=100&height=40&characters=5" alt="security code"><br>
<input type="text" name="code" value="" size="5">';
echo '<input type="submit" name="up" value="'.$lang["btn-import"].'">
</form></div>';
}
include ('../includes/footer.php');
die();
}

// upload file
if(isset($_GET['upload'])){
include_once('../includes/lang2.php');
$title = $lang["upload"];
include('../includes/header.php');
echo '<div class="title"><img src="'.$url.'/images/upl.png" alt="*"> '.$lang["upload"].'</div>';
If(isset($_POST['up'])){
$pas = (strlen($_POST['pas'])>20) ? input(substr($_POST['pas'],0,20)) : input($_POST['pas']) ;
$des = (strlen($_POST['des'])>100) ? input(substr($_POST['des'],0,100)) : input($_POST['des']);
$cat = $_POST['cat'];
$code = addslashes(input($_POST['code']));
$dir = '../data/user'.$userid.'/';
$name = preg_replace('/[^a-zA-Z0-9-_\.]/i','',$_FILES['file']['name']);
$size = $_FILES['file']['size'];
$sizeall = bytetomb($size)+$info['disk'];
$queryCat = mysql_query('SELECT * FROM file_cat WHERE id = '.$cat.'');
while($inf_cat = mysql_fetch_array($queryCat))
{ $cat_ext = strtolower($inf_cat["ext"]);
 if(!empty($cat_ext)) {
$cat_ext = strtolower(explode(', ', strtolower($inf_cat['ext'])));
$cat_ext2 = strtolower($inf_cat['ext']);
} else
{ $cat_ext = strtolower(explode(', ', $set['file_ext']));
$cat_ext2 = strtolower($set['file_ext']);
}
}
$ext = strtolower(explode(".", $name));
if(!$name) {
echo '<div class="news">'.$lang["nofiles"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif(!$cat || $cat == 0){
echo '<div class="news">'.$lang["nocat-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>'; }
elseif($size<10){
echo '<div class="news">'.$lang["err-size-msg"].'<br/>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif($size>(1048576*$set['filemax'])){
echo '<div class="news">'.$lang["toolarge"].': '.$set['filemax'].' <br:>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif(!in_array(strtolower($ext[1]), $cat_ext)) {
echo '<div class="news">'.$lang["type-invalid-msg"].': '.$cat_ext2.' <br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif($sizeall>$set['upmax']){
echo '<div class="news">'.$lang["disk-limit-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
} elseif(file_exists($dir.$name)){
echo '<div class="news">'.$lang["file-exist-msg"].'<br>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
}
elseif($code ==''|| $code != $_SESSION['security_code']){
echo '<div class="news">'.$lang["err"].'<br/>
<a href="javascript:history.go(-1)">'.$lang["back"].'</a></div>';
} else {
copy($_FILES['file']['tmp_name'],$dir.$name);
$idff = insert('files');
mysql_query("insert into files set id = '".$idff."', name = '$name', catid = '$cat', description = '$des', password = '$pas', size = '$size', time = '$time', downloaded = '0', views = '1', userid = '$userid', report = '0' ");
mysql_query("update users set disk = '$sizeall' where id = '$userid'") or die( mysql_error());
mysql_query("UPDATE users SET files = files+1 WHERE id = '$userid'");
echo '<div class="box">'.$lang["upload-ok-msg"].'<br>
<a href="/file.php?id='.$idff.'">'.$lang["view-file"].'</a></div>';
}
} else {
echo '<div class="list">
<form method="post" enctype="multipart/form-data" >';
echo $lang["choose-file"].' ('.$set['filemax'].'MB):<br>
<input type="file" name="file">
<br>'.$lang["file-cat"].':<br>
<select name="cat"><option value="0">'.$lang["select-cat"].'</option>';
$queryCat = mysql_query("SELECT * FROM file_cat order by `name` asc");
while($cat_info = mysql_fetch_array($queryCat))
{ $id = $cat_info["id"];
$name = $cat_info["name"];
echo '<option value="'.$id.'">'.$name.'</option>'; }
echo '</select>
<br>'.$lang["file-desc"].': <br><textarea name="des"></textarea>';
if($rights>=1){ 
echo '<br>'.$lang["file-pass"].': <br>
<input type="text" name="pas" size="15">'; }
echo '<br>'.$lang["captcha"].'<br>
<img src="../captcha.php?width=100&height=40&characters=5" alt="security code"><br>
<input type="text" name="code" value="" size="5">';
echo '<input type="submit" name="up" value="'.$lang["btn-upload"].'"></form></div>';
}
include ('../includes/footer.php');
die();
}

// Default
$title = $lang["upload"];
include_once('../includes/lang2.php');
include('../includes/header.php');
echo '<div class="title"><img src="'.$url.'/images/comp.png" alt="*"> '.$lang["mymenu"].'</div>
<div class="list"><img src="../images/upl.png" alt="*"> <a href="?upload">'.$lang["upload"].'</a></div>
<div class="list"><img src="../images/imprt.png" alt="*"> <a href="?import">'.$lang["import"].'</a></div>
<div class="list"><img src="../images/flz.png" alt="*"> <a href="'.$url.'/user/?files">'.$lang["myfile"].'</a> ('.mysql_result(mysql_query('SELECT COUNT(id) FROM files WHERE userid = '.$userid.''),0).')</div>';
}
else
{
// Banned Users
$title = $lang["ban-title"];
include('../includes/header.php');
include_once('../includes/lang2.php');
echo '<div class="title">'.$lang["ban-title"].'</div>
<div class="news">'.$lang["ban-msg"].'</div>';
}
include('../includes/footer.php');
?>