<?php
define('WCS',true);
include('../core/main.inc');
header_type();
cleardata();
if(ipbanned(ip(),browser())){
if(!shield(getuid_sid($sid))){
echo head_tag("Ip Blocked!!!",0,0);
echo ipbanned_msg();
echo foot_tag();
exit();
}
}
if(!islogged($sid)){
echo head_tag("Error!!!",0,0);
echo session_expired();
echo foot_tag();
exit();
}
if(banned(getuid_sid($sid))){
echo head_tag("Error!!!",1,getnick_sid($sid));
echo banned_msg($sid);
echo foot_tag();
exit();
}
mysql_query("UPDATE users SET browser='".browser()."', ipaddress='".ip()."', host='".subno()."' WHERE id='".getuid_sid($sid)."'");
/////////////////////////////UPLOAD/////////////////////////////
addonline(getuid_sid($sid),"Upload Files","");
echo head_tag(getnick_sid($sid)."@Upload Files",1,getnick_sid($sid));
$title="<u><i><b>Upload Files</b></i></u><br/>";
$main="<p align=".align().">\n";
$size_bytes=10485760;
$main.="Max <b>".round($size_bytes/1048576,1)."</b> Mb
</p>
<div class=".align().">
<form method=\"post\" enctype=\"multipart/form-data\" action=\"./upload.php?upload=yes&sid=$sid\">
<b>Description:</b><br/>
<input name=\"description\" maxlength=\"100\" value=\"\"/><br/>
<b>Category:</b><br/>
<select name=\"cat\">\n";
$items=mysql_query("SELECT id, name FROM download_categories");
while($item=mysql_fetch_array($items)){
$main.="<option value=\"".$item[0]."\">$item[1]</option>\n";
}
$main.="</select><br/>
<b>File:</b><br/>
<input type=\"file\" name=\"filetoupload\"/><br>
<input type=\"submit\" name=\"uploadform\" value=\"Upload\"/>
</form>
</div>
<p align=".align().">\n";
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png",".mid",".mp3",".wma",".amr",".sis",".thm",".sisx",".jar",".jad",".3gp",".mp4",".avi",".mov",".wmv",".mpg",".mpeg");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
if($upload=="yes"){
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
$main.="<img src=\"../images/error.gif\" alt=\"[x]\"/>No file selected!<br/>\n";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
$main.="<img src=\"../images/error.gif\" alt=\"[x]\"/>Invalid file type!<br/>\n";
}
else if($file_size>$size_bytes){
$main.="<img src=\"../images/error.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>\n";
}
else if(file_exists("./$file_name")){
$main.="<img src=\"../images/error.gif\" alt=\"[x]\"/>Filename already exists!<br/>\n";
}
else if(file_exists("./".getnick_sid($sid)."(5)".$ext)){
$main.="<img src=\"../images/error.gif\" alt=\"[x]\"/><br/><b>Error!!!</b><br/>5 pics hav already been uploaded...<br/>\n";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
mysql_query("INSERT INTO download_files SET uid='".getuid_sid($sid)."', filename='".$filename[0]."', path='http://".$_SERVER['SERVER_NAME']."/downloads/".$file_name2."', description='".$description."', category='".$cat."', active='0', date='".time()."'");
//move_uploaded_file($file_tmp, "./$file_name2");
move_uploaded_file($file_tmp, "./".md5($filename[0]).$ext);
$main.="$file_name2<br/>
successfully uploaded!<br/>\n";
}
else{
$main.="<img src=\"../images/error.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>\n";
}
}
$main.="$fivekey<a $key5 href=\"./downloads.php?sid=$sid\">Back</a>
</p>\n";
$L1="$sixkey<a $key6 href=\"../inbox/inbox.php?sid=$sid\">Inbox</a>";
$L2="$sevenkey<a $key7 href=\"../buds/buds.php?sid=$sid\">BuddyList</a>";
$L3="$eightkey<a $key8 href=\"../chat/public.php?sid=$sid\">Chat</a>";
$L4="$ninekey<a $key9 href=\"../forums/forums.php?sid=$sid\">Forums</a>";
$L5="$zerokey<a $key0 href=\"../main.php?sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo xhtml($sid,$title,1,$L1,$L2,$L3,$L4,$L5,0,0,0,$main);
echo foot_tag();
?>