File "upload.php"
Full Path: /home/analogde/www/filetypes/upload.php
File size: 4.72 KB
MIME-type: text/x-php
Charset: utf-8
<?php
/***************************************************************
* Copyright notice
*
* (c) 2003-2004 Tobias Bender (tobias@phpXplorer.org)
* All rights reserved
*
* This script is part of the phpXplorer project. The phpXplorer project is
* free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* The GNU General Public License can be found at
* http://www.gnu.org/copyleft/gpl.html.
* A copy is found in the textfile GPL.txt distributed with these scripts.
*
* This script is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* This copyright notice MUST APPEAR in all copies of the script!
***************************************************************/
require(dirname(__FILE__) . "/defaultActionHead.php");
if(isset($HTTP_POST_FILES['newFile']['name'])){
$fileName = $HTTP_POST_FILES['newFile']['name'];
}else{
$fileName = "";
}
$submitAction = getRequestVar("submitAction");
$submitOverwrite = getRequestVar("submitOverwrite");
# check for url manipulation
if(!(strpos($fileName, "..") === FALSE))
die($PXP_languages[$PXP_language]['accessDenied'] . " (804)");
$pInfo = checkFilePermissions($fileName);
if(!$pInfo["allowOpen"] or !$pInfo["allowEdit"])
die($PXP_languages[$PXP_language]["accessDenied"] . " (809)");
if($submitAction != ""){
$bCreateFile = false;
if(file_exists($currentDir . "/" . $fileName)){
if($submitOverwrite == "true"){
$bCreateFile = true;
}else{
$error = $PXP_languages[$PXP_language]["fileExists"] . "!";
}
}else{
$bCreateFile = true;
}
if($bCreateFile){
if(!copy($HTTP_POST_FILES['newFile']['tmp_name'], $currentDir . "/" . $fileName))
$error = $PXP_languages[$PXP_language]["canNotCreateFile"] . "!";
}
}
?>
<html>
<head>
<title><?php echo $PXP_languages[$PXP_language]['uploadFile'] ?></title>
<style type="text/css">
<!--
-->
</style>
<link rel="stylesheet" type="text/css" href="<?php echo $PXP_url ?>/styles/<?php echo $PXP_style ?>/main.css"/>
<script language="JavaScript" type="text/javascript">
<!--
function validate(){
var f = document.frm1
if(f.newFile.value == ""){
alert("<?php echo $PXP_languages[$PXP_language]['pleaseInsertValue'] ?>")
f.newFile.focus()
return false
}
return true
}
function send(a){
if(!validate())
return false
switchButton()
var f = document.frm1
f.submitAction.value = a
f.submit()
}
function switchButton(){
var f = document.frm1
f.btnUpload.disabled = !f.btnUpload.disabled
f.btnUploadAndExit.disabled = !f.btnUploadAndExit.disabled
f.btnCancel.disabled = !f.btnCancel.disabled
}
function init(){
document.body.style.overflow = 'hidden'
<?php
switch($submitAction){
case "upload":
if(!isset($error))
echo "opener.refreshDir()\r\n";
break;
case "uploadAndExit":
if(!isset($error)){
echo "opener.refreshDir()\r\n";
echo "window.close()\r\n";
}
break;
}
echo "window.resizeTo(550,240)\r\n";
echo "document.frm1.newFile.focus()\r\n";
?>
}
//-->
</script>
</head>
<body onLoad="init()">
<form name="frm1" action="./upload.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="currentDir" value="<?php echo $currentDir ?>">
<input type="hidden" name="shareId" value="<?php echo $shareId ?>">
<input type="hidden" name="submitAction" value="<?php echo $submitAction ?>">
<?php
if(isset($error))
echo '<span class="error">' . $error . '</span>';
?>
<table style="width:100%"><tr><td>
<table border="1" rules="none" cellspacing="0" bordercolor="#EEEEEE" style="width:100%">
<tr><td class="caption"><?php echo $PXP_languages[$PXP_language]['uploadFile'] ?></td></tr>
<tr><td>
<table style="width:100%">
<tr>
<td> <?php echo $PXP_languages[$PXP_language]['file'] ?> </td>
<td> <input type="file" name="newFile" size="30"> </td>
</tr>
<tr>
<td> </td>
<td><input type="checkbox" name="submitOverwrite" value="true"> <?php echo $PXP_languages[$PXP_language]["overwrite"] ?></td>
</tr>
</table>
</td></tr></table>
</td></tr><tr><td align="right">
<input type="button" name="btnUpload" onClick="send('upload')" value="<?php echo $PXP_languages[$PXP_language]['upload'] ?>">
<input type="button" name="btnUploadAndExit" onClick="send('uploadAndExit')" value="<?php echo $PXP_languages[$PXP_language]['uploadAndExit'] ?>">
<input type="button" name="btnCancel" onClick="window.close()" value="<?php echo $PXP_languages[$PXP_language]['cancel'] ?>">
</td></tr></table>
</form>
</body>
</html>