<br><input type="file" name="files[]" style="width:170px;"> <br><input type="file" name="files[]" style="width:170px;"> <br><input type="file" name="files[]" style="width:170px;"> <br><input type="file" name="files[]" style="width:170px;"> <br><input type="file" name="files[]" style="width:170px;"> <br><input type="file" name="files[]" style="width:170px;"> <br><input type="file" name="files[]" style="width:170px;"> <br><input type="file" name="files[]" style="width:170px;"> <br><br>Notice: The maximum filesize for upload - <b>'.show_size(false,true,return_bytes(ini_get('upload_max_filesize'))).'</b>.<br> <br><input type="submit" value="upload"> </form>'); }else { $nomain=false; $success = upload_files(); if($success) light_message('Files were successfully uploaded to server'); else light_message('There were some errors while uploading.'); } break; case 'upload-new': case 'download-new': if( ($mess=update_dolphin('light_message')) !== NEED_UPLOAD && $mess === true) { light_message('Update completed successfully.'); }else if( $mess === NEED_UPLOAD ) { light_message('<form action="index.php?act=upload-new" method="POST" enctype="multipart/form-data"> To upload new version of '.SNAME.', you need to <a href="'.MASTER_SITE.'/files/dolphin-current.zip">download the latest version of '.SNAME.'</a> and upload it here. All required operations will be done automatically.
$action = "unknown"; } else { $action = $_GET["action"]; } switch ($action) { case "showposition": downfile($info["gdir"] . "/position.txt"); break; case "showreadme": downfile($info["gdir"] . "/readme.txt"); break; case "showsynonim": downfile($info["gdir"] . "/synonim.txt"); break; case "update": upload_files($info); header("Location: genome.php?action=menu&id=" . $info["gid"]); break; case "delete": delete_genome($info); clus_head(); show_menu(); echo "Genome number " . $info["gid"] . " with code " . $info["gcode"]; echo " deleted<br />"; echo "<a href=\"..\">"; echo "Go to main page</a>"; clus_end(); break; case "menu": clus_head(); show_menu();
} $i++; } echo "<success/>\n </upload_files>\n "; } if (0) { $r = simplexml_load_string("<query_files>\n<batch_id>0</batch_id>\n <md5>80bf244b43fb5d39541ea7011883b7e0</md5>\n <md5>a6037b05afb05f36e6a85a7c5138cbc1</md5>\n</query_files>\n "); submit_batch($r); exit; } if (0) { $r = simplexml_load_string("<upload_files>\n<authenticator>157f96a018b0b2f2b466e2ce3c7f54db</authenticator>\n<batch_id>1</batch_id>\n<md5>80bf244b43fb5d39541ea7011883b7e0</md5>\n<md5>a6037b05afb05f36e6a85a7c5138cbc1</md5>\n</upload_files>"); upload_files($r); exit; } xml_header(); $req = $_POST['request']; $r = simplexml_load_string($req); if (!$r) { xml_error(-1, "can't parse request message: {$req}", __FILE__, __LINE__); } switch ($r->getName()) { case 'query_files': query_files($r); break; case 'upload_files': upload_files($r); break; default: xml_error(-1, "no such action"); }
function ftp_sync_callback($data) { global $ftpHost, $ftpPort, $ftpUser, $ftpPass, $activeMode, $local_media_dir, $remote_media_dir, $local_theme_dir, $remote_theme_dir, $local_plugin_dir, $remote_plugin_dir; // start session session_start(); $type = sanitize_text_field($_POST['type']); switch ($type) { case "theme": $name = "Theme"; $local_dir = $local_theme_dir; $remote_dir = $remote_theme_dir; break; case "media": $name = "Media"; $local_dir = $local_media_dir; $remote_dir = $remote_media_dir; break; case "plugin": $name = "Plugin"; $local_dir = $local_plugin_dir; $remote_dir = $remote_plugin_dir; break; default: break; } $step = sanitize_text_field($_POST['step']); switch ($step) { case 1: $html = "<p><strong>{$name} Files</strong></p>Testing FTP Connection... "; $step++; break; case 2: $result = get_ftp_connection($ftpHost, $ftpPort, $ftpUser, $ftpPass, $activeMode, true); $html = $result[1]; if ($result[0]) { $step++; } else { $step = false; } break; case 3: $html = "Verifying remote {$type} directory... "; $step++; break; case 4: $verified = verify_remote_dir($remote_dir); if ($verified) { $html = "OK<br/>"; $step++; $step = 7; } else { $html = "<br/>ERROR: <strong>{$remote_dir}</strong> does not exist on the server<br/>"; $step = false; } break; case 5: // this is being skipped for now $html = "Syncing Timezones... "; $step++; break; case 6: // this is being skipped for now $ftp = get_ftp_connection($ftpHost, $ftpPort, $ftpUser, $ftpPass, $activeMode, false); $html = sync_timezones($ftp, $local_dir, $remote_dir); ftp_close($ftp); $step++; break; case 7: $html = "Scanning local {$type} files... "; $step++; break; case 8: $html = scan_local_files($local_dir . "/"); $step++; break; case 9: $html = "Scanning remote {$type} files... "; $step++; break; case 10: $ftp = get_ftp_connection($ftpHost, $ftpPort, $ftpUser, $ftpPass, $activeMode, false); $html = scan_remote_files($ftp, $remote_dir); ftp_close($ftp); $step++; break; case 11: $html = "Comparing {$type} files... "; $step++; break; case 12: $html = compare_files($local_dir, $remote_dir); $step++; break; case 13: $local_files = $_SESSION['local_files_to_upload']; if ($local_files) { $total = 0; foreach ($local_files as $file) { $total += filesize($file); } $html = "Uploading " . ceil(count($local_files)) . " newer {$type} files (" . round($total / 1024 / 1024, 2) . " MB)... \r\n\t\t\t\t\t<span id='upload'>(est. <span>\r\n\t\t\t\t\t\t<script type='text/javascript'>\r\n\t\t\t\t\t\t\tvar sec = " . ceil($total / 1024 / 15) . "\r\n\t\t\t\t\t\t\tvar timer = setInterval(function() { \r\n\t\t\t\t\t\t\t jQuery('#upload span').text(sec--);\r\n\t\t\t\t\t\t\t if (sec === -1) {\r\n\t\t\t\t\t\t\t clearInterval(timer);\r\n\t\t\t\t\t\t\t } \r\n\t\t\t\t\t\t\t}, 1000);\r\n\t\t\t\t\t\t</script>\r\n\t\t\t\t\t</span> seconds)... </span> "; $step++; } else { $html = "No local {$type} files to upload.<br/>"; $step = 15; } break; case 14: $local_files = $_SESSION['local_files_to_upload']; $ftp = get_ftp_connection($ftpHost, $ftpPort, $ftpUser, $ftpPass, $activeMode, false); $html = upload_files($ftp, $remote_dir, $local_dir, $local_files, $activeMode); ftp_close($ftp); $html = "OK<br/>"; $step++; break; case 15: $html = "<script type='text/javascript'>jQuery('#upload').fadeOut('fast');</script>"; $remote_files = $_SESSION['remote_files_to_download']; if ($remote_files) { $total = 0; $ftp = get_ftp_connection($ftpHost, $ftpPort, $ftpUser, $ftpPass, $activeMode, false); foreach ($remote_files as $file) { $total += ftp_size($ftp, $file); } ftp_close($ftp); $html .= "Downloading " . ceil(count($remote_files)) . " newer {$type} files (" . round($total / 1024 / 1024, 2) . " MB)... \r\n\t\t\t\t\t<span id='download'>(est. <span>\r\n\t\t\t\t\t\t<script type='text/javascript'>\r\n\t\t\t\t\t\t\tvar sec2 = " . ceil($total / 1024 / 64) . "\r\n\t\t\t\t\t\t\tvar timer2 = setInterval(function() { \r\n\t\t\t\t\t\t\t jQuery('#download span').text(sec2--);\r\n\t\t\t\t\t\t\t if (sec2 === -1) {\r\n\t\t\t\t\t\t\t clearInterval(timer2);\r\n\t\t\t\t\t\t\t } \r\n\t\t\t\t\t\t\t}, 1000);\r\n\t\t\t\t\t\t</script>\r\n\t\t\t\t\t</span> seconds)... </span> "; $step++; } else { $html .= "No remote {$type} files to download.<br/>"; $step = 17; // all done } break; case 16: $remote_files = $_SESSION['remote_files_to_download']; $local_dir_fixed = str_replace('/', '\\', $local_dir); // correct slashes in localRoot $ftp = get_ftp_connection($ftpHost, $ftpPort, $ftpUser, $ftpPass, $activeMode, false); $html = download($ftp, $remote_dir, $local_dir, $remote_files, $activeMode); ftp_close($ftp); $html = "OK<br/>"; $step++; break; case 17: $html = "<script type='text/javascript'>jQuery('#download').fadeOut('fast');</script>"; $step++; break; default: $_SESSION = array(); // get rid of all session data for next sync $step = false; break; } echo json_encode(array('step' => $step, 'html' => $html, 'type' => $type)); die; // this is required to return a proper result }
/** * update_dolphin is a system function for Dolphin.php . You need to specify the function to print errors, if they happen. update_dolphin requires $_REQUEST['act'] to be set to 'upload-new' or 'download-new', and returns NEED_UPLOAD if it needs to show the upload form (it happens if it cannot download the archive from site). The upload form must contain an input field with name "files[]". If all is ok, returns TRUE, otherwise returns string, containing error description or special NEED_UPLOAD. You need to check for TRUE using === operator. * * @param string $print_err_func * @return mixed */ function update_dolphin($print_err_func) { if(IS_DEVELOPER) return 'This operation is not permitted for you'; ini_set('display_errors', 'On'); /* disable attempts to download the archive with Dolphin.php by itself */ if(!CAN_SELFUPDATE) $_REQUEST['act'] = 'upload-new'; $tmp =get_tmp_dir(); if(!$tmp) return 'No suitable temp directory found'; $tmp = abs_path($tmp); $root = abs_path(ROOT); if(!$tmp || $tmp == $root || substr($tmp, 0, strlen($root)) == $root) { /* TODO: write normal answer if $tmp is ROOT or subdirectory of ROOT */ return 'Update is impossible. '.reason(); } chdir($tmp); if(empty($_FILES['files']) && $_REQUEST['act']!='download-new') { return NEED_UPLOAD; } if($_REQUEST['act']!='download-new') upload_files($tmp); else { $build = file_get_contents(MASTER_SITE.'files/dolphin-build.txt'); $errtext = 'It seems that your server does not allow outgoing connections for PHP scripts, or '.MASTER_SITE.' is down. Try to upload archive with '.SNAME.' manually.'; if(!$build) return NEED_UPLOAD; if(BUILD >= $build) return 'Your build is up-to-date'; $dolphin = file_get_contents(MASTER_SITE.'files/dolphin-current.zip'); if(!$dolphin) return NEED_UPLOAD; if(!d_file_put_contents($tmp.'/dolphin-current.zip', $dolphin)) return 'Cannot write '.show_file($tmp.'/dolphin-current.zip','file').' ('.$tmp.'/dolphin-current.zip).'.reason(); } $f = $tmp.'/dolphin-current.zip'; if(!file_exists($f)) return '<b>dolphin-current.zip</b> was not found'; d_copy(ROOT.'/config.php',$cfg_old=$tmp.'/dolphin_config.php'); require_once(ROOT.'/system/libs/pclzip.php'); umask(0); /* note, that we check if extracting is possible _before_ deleting ROOT */ $e=new PclZip($f); //echo '<!--'; //echo 'file: '.$f.'<br>'; // some hosters require PHP files and folders with PHP scripts to have special rights, so we need to // save rights for some essensial files $tochmod = array('','system','index.php','system/download.php','system/preview.php'); $rights = array(); foreach($tochmod as $v) $rights[ROOT.'/'.$v] = get_rights(ROOT.'/'.$v); d_remove(ROOT); //echo 'Removed ROOT.<br>'; d_mkdir(ROOT,777); setwritable(ROOT); //echo 'Created ROOT.<br>'; //echo 'ROOT is writable: '.(is_writable(ROOT) ? 'true' : 'false').'<br>'; chdir(ROOT); //echo 'Changed directory to ROOT.<br>'; //echo '-->'; if(!$e->extract('.')) return '<b>dolphin-current.zip</b> could not be extracted. Upload the new version <b>via FTP</b>. Here are the contents of your <b>config.php</b>:<pre>'.htmlspecialchars(d_file_get_contents($cfg_old)).'</pre>'; foreach($rights as $k=>$v) d_chmod($k,$v); if(!empty($_POST['save-login']) || $_REQUEST['act']=='download-new') { /* delete BUILD, VERSION and NAME from config.php, they are now in core.php for compatibilty */ $conf = d_file_get_contents($cfg_old); $conf = preg_replace('/define\\(\'(BUILD|VERSION|NAME)\'.*\\)\\;/sU','',$conf); d_file_put_contents(ROOT.'/config.php', $conf); $core = d_file_get_contents(ROOT.'/system/core.php'); if(!$core) { $build = "undefined"; }else { preg_match("/define\\('BUILD'\\,([0-9]+)\\)/is", $core, $m); $build = $m[1]; } //echo '<!--Writing new information about build: '.$build.' and '.$version.'<br>-->'; } d_unlink($f); //echo '<!-- Deleting archive<br> -->'; if($build!='undefined' && $build > BUILD) { d_unlink($cfg_old); return true; } return 'Update did not complete successfully. Please upload the new version <b>via FTP</b>. Here are the contents of your previous <b>config.php</b>:<pre>'.htmlspecialchars(d_file_get_contents($cfg_old)).'</pre>'; }
'total' => show_size(false,true,$_SESSION['TOTAL_BYTES']), 'speed' => show_size(false,true, floor($_SESSION['TOTAL_BYTES'] - $prev_bytes) / (array_sum(explode(' ', microtime())) - START_TIME)) . '/sec', 'end' => $end, 'success' => $success, ); } break; case 'cancel_copy': $_SESSION['copy']=$_SESSION['cut']=array(); $_SESSION['CPCACHE'] = false; unset($_SESSION['CPCACHE']); $_RESULT = true; break; case 'upload': $_RESULT = upload_files(clean($_REQUEST['DIR'])); if(!$_RESULT) echo 'Could not upload files.'.reason(); break; case 'show-properties': //array_display($_SESSION); if(empty($_SESSION['SPCACHE']) || $_SESSION['SPFILEZ']!=$fz) /* Show Properties Cache */ { $_SESSION['TOTAL_BYTES'] = $_SESSION['DIRS'] = $_SESSION['FILES'] = 0; $_SESSION['RIGHTS'] = $_SESSION['UIDS'] = $_SESSION['GIDS'] = array(); $_SESSION['SPCACHE'] = multipart_begin(array( 'basedir' => dirname($fz[0]), 'files' => array_map('basename', $_SESSION['SPFILEZ'] = $fz), 'processors' => array('size'), ));
failure_actions_taken(); break; case 'failure_details': failure_details(); break; case 'failure_details_others': failure_details_others(); break; case 'failure_pictures': failure_pictures(); break; case 'failure_audios': failure_audios(); break; case 'upload_files': upload_files(); break; } //******************************************* Complaint Section Start ************************************************************** function complaint() { $updated_by = $_POST['emp_code']; $complaint_nos = $_POST["complaint_no"]; $date_time = $_POST["date_time"]; $dealer_code = $_POST["dealer_code"]; $location_id = $_POST["location_id"]; $emp_code = $_POST["emp_code"]; $cust_name = $_POST["cust_name"]; $cust_address = $_POST["cust_address"]; $cust_email = $_POST["cust_email"]; $cust_mobile = $_POST["cust_mobile"];
if (!in_array($upload_file, $file)) { echo "<script type='text/javascript'>alert('Hello, can only import EXCEL file!');window.history.back();</script>"; exit; } if (move_uploaded_file($tmp_name, $uploadfile)) { return $uploadfile; } else { if (copy($tmp_name, $uploadfile)) { return $uploadfile; } else { return false; } } } $excFile = $_FILES['file']; $aa = upload_files($excFile); $upload_file = strtolower(end(explode(".", $_FILES['file']['name']))); if ($upload_file == 'xls') { $reader = PHPExcel_IOFactory::createReader('Excel5'); // 2007以下用:Excel5 , 2007用:Excel2007 } else { echo "<script type='text/javascript'>alert('Sorry,please upload xls file!');window.history.back();</script>"; exit; } /* elseif ($upload_file == 'csv') { $reader = PHPExcel_IOFactory::createReader ( 'csv' ); } else { $reader = PHPExcel_IOFactory::createReader ( 'Excel2007' ); // 2007以下用:Excel5 , 2007用:Excel2007 }*/ $PHPExcel = $reader->load($aa);
} else { $pinned_mode = '0'; $closed_mode = '0'; } } } } } else { $query = "SELECT pinned_mode,closed_mode FROM {$CONFIG_sql_cpdbname}.board_topic WHERE topic_id=\"" . mysql_res($POST_t) . "\""; $sql->result = $sql->execute_query($query, 'insert_topic.php'); while ($row_topicdata = $sql->fetch_row()) { $pinned_mode = $row_topicdata[pinned_mode]; $closed_mode = $row_topicdata[closed_mode]; } } $files_upload = upload_files($_FILES['attach']); $flood_timer = $CP['time'] + $CONFIG_delay_post; $POST_t_mes = checkstring($POST_t_mes, 1); $POST_t_emo = (int) $POST_t_emo; $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile SET user_ranking=user_ranking+1,user_flood_protection=\"" . mysql_res($flood_timer) . "\" WHERE user_id = \"" . $CP['login_id'] . "\"", 'insert_topic.php'); $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic SET pinned_mode=\"" . mysql_res($pinned_mode) . "\",closed_mode=\"" . mysql_res($closed_mode) . "\",topic_lastreply_name=\"" . $CP['login_id'] . "\",topic_replying=topic_replying+1,topic_last_action_date=\"" . $CP['time'] . "\" WHERE topic_id=\"" . mysql_res($POST_t) . "\"", 'insert_topic.php'); $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.board_reply (topic_id,forum_id,reply_user_id,reply_emo,reply_message,reply_ip,reply_date,reply_upload) VALUES (\"" . mysql_res($POST_t) . "\",\"" . mysql_res($POST_f) . "\",\"" . $CP['login_id'] . "\",\"" . mysql_res($POST_t_emo) . "\",\"" . $POST_t_mes . "\",\"" . $CP['ip_address'] . "\",\"" . $CP['time'] . "\",\"" . mysql_res($files_upload['name']) . "\")", 'insert_topic.php'); } } redir("index.php?showtopic={$POST_t}&view=getnewpost", "{$files_upload['error']}{$lang['Topic_insert']}", 3); } else { redir("index.php?act=forum", "{$lang['No_privilege']}", 3); } } if ($GET_code == 02 && check_category($POST_f) && length($POST_t_mes, 3)) { if (check_forum_perm($POST_f, $CP['g_id'], 'reply_perm')) {
function send_message($from, $to, $message) { $resp = new response(); $resp->has_error = false; if ($to == "") { $to = $_POST['hc_to']; } if (strpos($to, ",") !== FALSE) { $to_ids = explode(",", $to); } else { $to_ids = array($to); } $done = false; $query = "SELECT id,name,username FROM " . codopm::$db_prefix . "users WHERE username=:toA OR " . codopm::$table['mail_column'] . "=:toB OR id=:toC"; $sth = codopm::$db->prepare($query); $ins_query = "INSERT INTO codopm_messages (thread_hash,msg_from,msg_from_name,msg_to,msg_to_name,message,attachments,owner,sent,recd,time)\n VALUES(:thread_hash,:msg_from,:msg_from_name,:msg_to,:msg_to_name,:msg,:attachments,:owner,NOW(),:recd,:time)"; $ins = codopm::$db->prepare($ins_query); foreach ($to_ids as $to) { $to = trim($to); if ($to == "") { continue; } $sth->execute(array(':toA' => $to, ':toB' => $to, ':toC' => $to)); $red = $sth->fetch(); if (count($red) <= 0) { $resp->has_error = true; $resp->msg = "user not found."; echo json_encode($resp); return; } $to = $red["id"]; $to_name = htmlentities($red['name'], ENT_QUOTES, "UTF-8"); if ($to_name == null || $to_name == "") { $to_name = $red['username']; } $time = microtime(true); $thread_hash = generate_thread_hash($from, $to); $from_name = $_SESSION[codopm::$secret . "from_name"]; if (!$done) { //upload files only once $file_names = upload_files($resp); $done = true; } $attachments = json_encode($file_names); $vars = array(':thread_hash' => $thread_hash, ':msg_from' => $from, ':msg_from_name' => $from_name, ':msg_to' => $to, ':msg_to_name' => $to_name, ':msg' => $message, ':attachments' => $attachments, ':owner' => $from, ':recd' => "1", ':time' => $time); $ins->execute($vars); if ($from != $to) { //duplicate msg for reciever $vars["owner"] = $to; $vars["recd"] = "0"; $ins->execute($vars); } } $resp->has_error = false; $resp->msg_id = codopm::$db->lastInsertId(); $resp->attachments = $attachments; $resp->msg = "Message successfully sent."; echo json_encode($resp); }
<?php if (isset($_POST['S'])) { session_id($_POST['S']); } include '../../system/core.php'; //file_put_contents(microtime(), print_r($_FILES,true)); /* convert $_FILES to usual format (special for SWFUpload) */ if (!empty($_FILES['Filedata'])) { $data = $_FILES['Filedata']; $_FILES = array('files' => array('name' => array($data['name']), 'tmp_name' => array($data['tmp_name']))); } if (!upload_files()) { header('HTTP/1.1 500 File Upload Error'); if (isset($_POST['classic'])) { echo 'An error occured while uploading files'; } die; } else { if (!isset($data)) { header('location: index.php' . (isset($_POST['classic']) ? '?classic=true&success=true' : '')); } } echo 'good'; /* */
exit; } else { // mpulldown $rd = $db->Execute('SELECT columnname,key_table FROM ' . $tableinfo->desname . " WHERE datatype='mpulldown'"); while ($rd && !$rd->EOF) { update_mpulldown($db, $rd->fields['key_table'], $_POST['id'], $_POST[$rd->fields['columnname']]); $rd->MoveNext(); } // upload files and images $rc = $db->Execute("SELECT id,columnname,datatype,thumb_x_size FROM {$tableinfo->desname} WHERE datatype='file' OR datatype='image'"); while (!$rc->EOF) { if ($_FILES[$rc->fields['columnname']]['name'][0]) { // delete all existing files //delete_column_file ($db,$tableinfo->id,$rc->fields['id'],$_POST['id'],$USER); // store the file uploaded by the user $fileid = upload_files($db, $tableinfo->id, $_POST['id'], $rc->fields['id'], $rc->fields['columnname'], $USER, $system_settings); if ($rc->fields['datatype'] == 'file') { // try to convert it to an html file if ($fileid) { $htmlfileid = process_file($db, $fileid, $system_settings); } } elseif ($rc->fields['datatype'] == 'image') { // make thumbnails and do image specific stuff if ($fileid) { process_image($db, $fileid, $rc->fields['thumb_x_size']); } } } $rc->MoveNext(); } // to not interfere with search form