<?php
require_once 'dslWEb_Library/Class/Documents.php';
require_once 'dslWEb_Library/Class/Session.php';
/**
* Object instances used by this upload handler.
* $objDoc - cDocuments instance; further down it is used for fileExist(),
*           fileDel(), fileCreate()/fileCreateSanitize() and createDir().
* $objSes - cSession instance; sesStart() is called before $_SESSION is written.
* $sData  - key of each entry returned by cDocuments::fileCreate()
*           (original note: "path to directory").
*
* NOTE(review): no login or authorization check is visible in this file.
* Presumably cSession::sesStart() only starts the session - confirm that
* access to this upload endpoint is restricted somewhere.
*/
$objDoc = new cDocuments();
$objSes = new cSession();
// Must run before any $_SESSION access below.
$objSes->sesStart();
/*##################################################################*/
/* Dispatch on the value of the POSTed 'Submit' field
* sent by the formUpload.php form ('Segregate' or 'Sanitize').
*/
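if (isset($_POST['Submit'])) {
    // The original appended to $outEcho without initialising it; keep a value
    // that is already in scope, otherwise start from an empty message.
    $outEcho = isset($outEcho) ? $outEcho : '';

    // NOTE(review): this request changes server state (file delete/create) and
    // no anti-CSRF token is checked here - confirm whether formUpload.php sends one.
    $upload = (isset($_FILES['fileUpload']) && is_array($_FILES['fileUpload']))
        ? $_FILES['fileUpload']
        : array();

    // A single, successfully received file: every field present and scalar.
    $hasUpload = isset($upload['error'], $upload['name'], $upload['type'], $upload['tmp_name'])
        && $upload['error'] === UPLOAD_ERR_OK
        && is_string($upload['name']);

    switch ($_POST['Submit']) {
        case 'Segregate':
            if ($hasUpload) {
                list($target, $outEcho) = dslUploadStore($objDoc, $upload, false, $outEcho);
            } else {
                $outEcho .= 'Error: Please select a file. ';
                // Upload error code, when PHP reported one for this field.
                $outEcho .= (isset($upload['error']) && is_scalar($upload['error'])) ? $upload['error'] : '';
                $outEcho .= ' error nga eh';
                $target = 'webHtml.php';
            }
            dslUploadRedirect($target, $outEcho);
            break;
        /*##### end of case segregate*/
        case 'Sanitize':
            if ($hasUpload) {
                list($target, $outEcho) = dslUploadStore($objDoc, $upload, true, $outEcho);
            } else {
                $outEcho .= 'Error: Please select a file.';
                $target = 'webHtml.php';
            }
            dslUploadRedirect($target, $outEcho);
            break;
        default:
            echo 'error:cannot find switch $_POST';
    }
}

/**
 * Store the status text in the session, redirect and stop the script.
 *
 * Stopping here matters: without it the script kept running after a failure
 * redirect and a later header() call replaced the Location that was sent.
 *
 * @param string $target  Page to redirect to (relative, as in the original).
 * @param string $outEcho Status text handed to the next page via the session.
 */
function dslUploadRedirect($target, $outEcho)
{
    $_SESSION['outEcho'] = $outEcho;
    header('Location:' . $target);
    exit;
}

/**
 * Validate one uploaded XML file, move it into uploads_temp and let cDocuments
 * build the working file and its directory.
 *
 * Nothing is echoed here: output sent before header() prevents the redirect
 * when output buffering is off, so every message travels in $outEcho.
 *
 * @param object $objDoc   cDocuments instance.
 * @param array  $upload   The $_FILES entry of the upload field.
 * @param bool   $sanitize true calls fileCreateSanitize(), false calls fileCreate().
 * @param string $outEcho  Status text collected so far.
 *
 * @return array array(redirect target, updated status text)
 */
function dslUploadStore($objDoc, array $upload, $sanitize, $outEcho)
{
    // The name is chosen by the client: drop directory components and use this
    // one value everywhere (the original passed the raw name on to cDocuments
    // and into the move_uploaded_file() destination).
    $filename = basename($upload['name']);

    // pathinfo() yields '' for a name without a dot. The old substr/strrpos
    // form returned everything after the first character in that case, so a
    // name such as "axml" passed the extension check.
    $ext = pathinfo($filename, PATHINFO_EXTENSION);

    // $upload['type'] is sent by the browser and proves nothing about the
    // content; it is kept only because the original required it.
    // NOTE(review): only the last extension is checked. Confirm the web server
    // never executes files under uploads_temp (the directory sits inside the
    // document root) or move the upload directory outside of it.
    if ($ext !== 'xml' || $upload['type'] !== 'text/xml') {
        return array('webHtml.php', $outEcho . 'Error: Only xml files can be uploaded');
    }

    // $outEcho carries markup ('</br>'), so it is presumably printed as HTML by
    // the next page - confirm. Values that come from the request are escaped.
    $safeName = htmlspecialchars($filename, ENT_QUOTES, 'UTF-8');

    // Loose comparison kept on purpose: the return type of the cDocuments
    // methods (bool or the string 'TRUE') is not visible from this file.
    if ($objDoc->fileExist($filename) == 'TRUE') {
        if ($objDoc->fileDel($filename) == 'TRUE') {
            $outEcho .= 'previous copy of ' . $safeName . ' has been deleted</br>';
        } else {
            $outEcho .= 'file not deleted.' . '</br>';
        }
    } else {
        $outEcho .= 'file ' . $safeName . ' does not exist... Creating file.....' . '</br>';
    }

    // Hard-coded deployment root; the relative destination below depends on it.
    if (!chdir('D:/xampp/htdocs/dslweb/')) {
        return array('webHtml.php', $outEcho . 'Error: Upload directory is not available.');
    }

    // The original ended silently when the move failed.
    if (!move_uploaded_file($upload['tmp_name'], 'uploads_temp/' . $filename)) {
        return array('webHtml.php', $outEcho . 'Error: The uploaded file could not be stored.');
    }

    // NOTE(review): cDocuments presumably parses the uploaded XML here - confirm
    // that external entity loading is disabled in that parser.
    $sDatas = $sanitize ? $objDoc->fileCreateSanitize($filename) : $objDoc->fileCreate($filename);

    // The original copied every returned key into $GLOBALS, which lets the
    // returned data overwrite any global ($objDoc, $_SESSION, ...). Only the
    // two values the script actually reads are taken.
    $picked = array('fDir' => null, 'fDate' => null);
    foreach ($sDatas as $sData => $values) {
        if (array_key_exists($sData, $picked)) {
            $picked[$sData] = $values;
        }
    }
    $fDir = $picked['fDir'];
    $fDate = $picked['fDate'];

    if ($fDir === null) {
        return array('webHtml.php', $outEcho . 'Error: The uploaded file could not be processed.');
    }

    $_SESSION['fDir'] = $fDir;
    $_SESSION['fDate'] = $fDate;

    $safeDir = htmlspecialchars((string) $fDir, ENT_QUOTES, 'UTF-8');
    if ($objDoc->createDir($fDir) != 'TRUE') {
        // Stop at the error page instead of reporting success afterwards.
        return array('webHtml.php', $outEcho . 'Failed to create ' . $safeDir . '</br>');
    }
    $outEcho .= 'Successfully created ' . $safeDir . '</br>';

    $outEcho .= ($sanitize ? 'PSI_DSL_INPUT2.txt' : 'PSI_DSL_INPUT.txt') . ' has been created successfully. </br>';

    /*
     * INSERT SHELL EXEC -> CALL DLL VIA ASP (SIR PAUL)
     */
    return array('afterCallExec2.php', $outEcho);
}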