Example #1
0
//Upload Directory, ends with slash & make sure folder exist
// replace with your mysql database details
include "../config/prop.php";
$u = mysql_query("SELECT * FROM `Empresa` WHERE `idEmpresa`='" . $_SESSION['idEmpresa'] . "'") or die(mysql_error());
$user = mysql_fetch_array($u);
if (!@file_exists($UploadDirectory)) {
    die("Make sure Upload directory exist!");
}
if ($_POST) {
    if (!isset($_FILES['mFile'])) {
        //required variables are empty
        die("<div id='divisor3'>Casilla de la imagen vacia.</div>");
    }
    if ($_FILES['mFile']['error']) {
        //File upload error encountered
        die(upload_errors($_FILES['mFile']['error']));
    }
    $FileName = strtolower($_FILES['mFile']['name']);
    //uploaded file name
    $FileTitle = $_SESSION['nick'];
    // file title
    $ImageExt = substr($FileName, strrpos($FileName, '.'));
    //file extension
    $FileType = $_FILES['mFile']['type'];
    //file type
    $FileSize = $_FILES['mFile']["size"];
    //file size
    $RandNumber = rand(0, 9999999999.0);
    //Random number to make each filename unique.
    $uploaded_date = date("Y-m-d H:i:s");
    switch (strtolower($FileType)) {
    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
    FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
    IN THE SOFTWARE.
*/
//Upload Directory, ends with slash
$uploadDirectory = 'uploads/';
if (!isset($_FILES['file1'])) {
    die("File is empty!");
}
if ($_FILES['file1']['error']) {
    die(upload_errors($_FILES['file1']['error']));
}
//uploaded file name, extension, type, size and a random number
$filename = strtolower($_FILES['file1']['name']);
$fileBase = substr($filename, 0, strrpos($filename, '.'));
$fileExt = substr($filename, strrpos($filename, '.'));
$fileType = $_FILES['file1']['type'];
$fileSize = $_FILES['file1']["size"];
$randomNumber = rand(0, 9999999999.0);
switch (strtolower($fileType)) {
    //allowed file types
    case 'image/png':
    case 'image/gif':
    case 'image/jpeg':
    case 'application/pdf':
    case 'application/msword':
Example #3
0
    die;
}
$result = mysql_query("SELECT * FROM users WHERE user_id=" . current_user_id());
$userdata = mysql_fetch_assoc($result);
$sid = session_id();
$local_key = sha1($sid . $userdata['activation_code'] . $userdata['email']);
if ($local_key != $_POST['submit_key']) {
    die('Bad submission key found.');
}
// Uncomment the following line to turn off new submissions.
$errors[] = "Nuh-uh. The contest is over. No more submissions.";
if (count($errors) == 0) {
    if (has_recent_submission()) {
        $errors[] = "Sorry your last submission was too recent.";
    } else {
        $errors = upload_errors($errors);
    }
}
if (count($errors) == 0) {
    if (!setup_submission_directory($submission_directory)) {
        $errors[] = "Problem while creating submission directory.";
    }
}
if (count($errors) == 0) {
    $destination_folder = $submission_directory . current_submission_id();
    $filename = basename($_FILES['uploadedfile']['name']);
    if (ends_with($filename, ".zip")) {
        $filename = "entry.zip";
    }
    if (ends_with($filename, ".tar.gz")) {
        $filename = "entry.tar.gz";