imagedestroy($im); $newthumbqty++; } } else { $file['width'][] = 'N/A'; $file['height'][] = 'N/A'; $file['dimensions'][] = 'N/A'; $file['type'][] = returnMIMEType($filename); } } } } closedir($dh); } elseif ($_SESSION['tinybrowser']['sessionsecured'] == true && isset($_SESSION[$_SESSION['tinybrowser']['sessioncheck']])) { // Check request tokens secure_tokens(true, false); $success = createfolder($_SESSION['tinybrowser']['docroot'] . $browsepath, $_SESSION['tinybrowser']['unixpermissions']); if ($success) { if ($typenow == 'image') { createfolder($_SESSION['tinybrowser']['docroot'] . $browsepath . '_thumbs/', $_SESSION['tinybrowser']['unixpermissions']); } $notify['type'][] = 'success'; $notify['message'][] = sprintf(TB_MSGMKDIR, $browsepath); } else { $notify['type'][] = 'error'; $notify['message'][] = sprintf(TB_MSGMKDIRFAIL, $browsepath); } } // Assign directory structure to array $browsedirs = array(); dirtree($browsedirs, $_SESSION['tinybrowser']['filetype'][$typenow], $_SESSION['tinybrowser']['docroot'], $_SESSION['tinybrowser']['path'][$typenow]);
<?php require_once 'config_tinybrowser.php'; require_once 'fns_tinybrowser.php'; // Set language set_language(); // Set default encoding type if (!headers_sent()) { header("Content-Type: text/html; charset={$_SESSION['tinybrowser']['encoding']}"); } // Check and generate request tokens secure_tokens(); // Check session exists check_session_exists(); if (!$_SESSION['tinybrowser']['allowupload']) { deny(TB_UPDENIED); } // Assign get variables $typenow = isset($_GET['type']) && in_array($_GET['type'], $_SESSION['tinybrowser']['valid']['type']) ? $_GET['type'] : 'image'; $foldernow = str_replace(array('../', '..\\', '..', './', '.\\'), '', $_SESSION['tinybrowser']['allowfolders'] && isset($_REQUEST['folder']) ? urldecode($_REQUEST['folder']) : ''); $passfolder = '&folder=' . urlencode($foldernow); $passfeid = !empty($_GET['feid']) && preg_match("/^[a-zA-Z0-9_\\-]+\$/", $_GET['feid']) == true ? '&feid=' . $_GET['feid'] : ''; $passupfeid = !empty($_GET['feid']) && preg_match("/^[a-zA-Z0-9_\\-]+\$/", $_GET['feid']) == true ? $_GET['feid'] : ''; $tokenget = !empty($_SESSION['get_tokens']) ? '&tokenget=' . end($_SESSION['get_tokens']) : ''; // Assign upload path if (strpos($foldernow, $_SESSION['tinybrowser']['path'][$typenow]) == 1) { $uploadpath = urlencode($_SESSION['tinybrowser']['path'][$typenow] . $foldernow); } else { $uploadpath = urlencode($_SESSION['tinybrowser']['path'][$typenow]); } verify_dir($_SESSION['tinybrowser']['docroot'] . $_SESSION['tinybrowser']['path'][$typenow] . $foldernow, $typenow);
<?php require_once 'config_tinybrowser.php'; require_once 'fns_tinybrowser.php'; // Set language set_language(); // Generate request tokens secure_tokens(false, true); // Check session exists check_session_exists(); if (!$_SESSION['tinybrowser']['allowupload']) { echo TB_UPDENIED; exit; } // delay script if set if ($_SESSION['tinybrowser']['delayprocess'] > 0) { sleep($_SESSION['tinybrowser']['delayprocess']); } // Initialise files array and error vars $files = array(); $good = 0; $bad = 0; $dup = 0; $total = !empty($_GET['filetotal']) && is_numeric($_GET['filetotal']) && $_GET['filetotal'] > 0 ? (int) $_GET['filetotal'] : 0; // Assign get variables $typenow = isset($_GET['type']) && in_array($_GET['type'], $_SESSION['tinybrowser']['valid']['type']) ? $_GET['type'] : 'image'; $folder = $_SESSION['tinybrowser']['docroot'] . urldecode($_GET['folder']); $foldernow = urlencode(str_replace($_SESSION['tinybrowser']['path'][$typenow], '', urldecode($_GET['folder']))); $passfeid = !empty($_GET['feid']) && preg_match("/^[a-zA-Z0-9_\\-]+\$/", $_GET['feid']) == true ? '&feid=' . $_GET['feid'] : ''; $tokenget = !empty($_SESSION['get_tokens']) ? '&tokenget=' . end($_SESSION['get_tokens']) : ''; // security check