if (is_file(TEMP_PATH . DS . $infos[0] . $i)) { unlink(TEMP_PATH . DS . $infos[0] . $i); } } unlink(TEMP_PATH . DS . $guid); } } else { //remove file if ($file = uploadHelper::getVar('r')) { if (is_file($file = uploadHelper::decrypt($file))) { //$file = realpath($file); if (is_file(TEMP_PATH . DS . basename($file))) { unlink($file); } //remove file if ($guid = uploadHelper::getVar('guid')) { if (preg_match('/[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}/', $guid) && is_file(TEMP_PATH . DS . $guid)) { //remove chunks $infos = file(TEMP_PATH . DS . $guid); $infos[0] = trim($infos[0]); for ($i = 0; $i < $infos[1]; $i++) { if (is_file(TEMP_PATH . DS . $infos[0] . $i)) { unlink(TEMP_PATH . DS . $infos[0] . $i); } } unlink(TEMP_PATH . DS . $guid); } } } } }
<?php /** * @package mycms * @copyright bela, http://tbela.net/ * * cms upload handler, cross-browser ajax file upload * feel free to use and/or modify */ defined('_JEXEC') or die('Acces denied'); header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date du passé parse_str($_SERVER['QUERY_STRING'], $match); if (is_file($file = uploadHelper::decrypt(array_shift(array_keys($match))))) { if (realpath($file) == TEMP_PATH . DS . basename($file)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment;filename="' . uploadHelper::safe_name(uploadHelper::getVar('filename', basename($file))) . '"'); header('Content-Length: ' . filesize($file)); readfile($file); exit; } } header('HTTP/1.0 404 Not Found'); exit;
/** * @package mycms * @copyright bela, http://tbela.net/ * * cms upload handler, cross-browser ajax file upload * feel free to use and/or modify */ defined('_JEXEC') or die('Acces denied'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $filename = uploadHelper::create_filename(basename($headers['Filename']), TEMP_PATH); $path = uploadHelper::encrypt($filename); file_put_contents($filename, file_get_contents('php://input')); $size = filesize($filename); $self = basename($_SERVER['PHP_SELF']); header('Content-Type: application/x-json'); echo json_encode(array('file' => basename($headers['Filename']), 'path' => $path, 'size' => $size, 'remove' => $self . '?r=' . urlencode($path))); if ($size == 0) { unlink($filename); } //remove file } else { if ($file = uploadHelper::getVar('r')) { if (is_file($file = uploadHelper::decrypt($file))) { $file = realpath($file); if (is_file(TEMP_PATH . DS . basename($file))) { unlink($file); } } } }