*
* The current build can write debug information to the file tfu.log. The number of
* files that are uploaded and the filenames! You can uncomment the debug lines if
* you have a problem.
*
* Authentification is done by the session $_SESSION["TFU_LOGIN"]. You can set
* this in the tfu_config.php or implement your own way!
*/
define('_VALID_TWG', '42');
if (isset($_GET['TFUSESSID'])) {
// this is a workaround if you set php_flag session.use_trans_sid=off + a workaround for some servers that don't handle sessions correctly if you open 2 instances of TFU
session_id($_GET['TFUSESSID']);
}
session_start();
include "tfu_helper.php";
restore_temp_session();
// this restores a lost session if your server handles sessions wrong!
/* This is some debug information - please uncomment this if I ask for it in a debug session ;).
debug("session id : " . session_id());
debug("session TFU: " . $_GET['TFUSESSID']);
debug("login: "******"TFU_LOGIN"]);
debug("dir: " . $_SESSION["TFU_DIR"]);
*/
if (isset($_SESSION["TFU_LOGIN"]) && isset($_GET['remaining'])) {
$dir = getCurrentDir();
if (isset($_GET['size'])) {
$size = $_GET['size'];
} else {
$size = 100000;
// no resize
}
* written by Michael Dempfle
*
* This file is the login and stetup file of the flash.
*
* Have fun using TWG Flash Uploader
*/
define('_VALID_TWG', '42');
if (isset($_GET['TFUSESSID'])) {
// this is a workaround if you set php_flag session.use_trans_sid=off + a workaround for some servers that don't handle sessions correctly if you open 2 instances of TFU
session_id($_GET['TFUSESSID']);
}
session_start();
$install_path = '';
// Please read the howto 8 of the TFU FAQ what you have to do with this parameter! You need a / at the end if you set it + you have to
include $install_path . "tfu_helper.php";
restore_temp_session(true);
// this restores a lost session if your server handles sessions wrong - only important for joomla because for TFU standalone nothing is in the session yet.
if (isset($_POST['twg_user']) && isset($_POST['twg_pass'])) {
// twg_user and twg_pass are always sent by the flash! - never remove this part! otherwise everyone can call tfu_config directly
/**
* ----------------------------
* Important!
* ----------
* You should add your authentification here if you don't use the internal one because everyone can send a
* post request with twg_user - this is NOT a security check - it only checks if this parameter is set!
* You should always protect your data as good as possible. If login = "******" everyone can upload even without
* the flash by sending a request. Therefore if you work in a CMS or on your own webpage after a login
* you have to add this check here as well!
* If you use $login="******" the check if it is a correct user is done below! You can add your user authentification
* there too!
* The simplest way is: