text { encoding:utf-8;bom:no;linebreaks:unix;tabs:4sp; } */ $simple_upoad['version'] = '0.9.6'; /* corz (much used!) uploading script corz simple upload now has its own page! (at last!) here: http://corz.org/server/tools/simple-upload/ Note: simple upload can now zip and attach uploaded files to your admin email notifications! Multiple uploads are also supported - all the files go in the zip (which is named "first-uploaded-file.zip"). To Use: You MUST ensure that both post_max_size and upload_max_filesize php directives are large enough to handle the largest file you expect to upload, or the upload will fail. The "MAX_FILE_SIZE" (in bytes) hidden form element is often (usually) ignored by browsers, don't trust it. In this example, the upload filesize is set to 10MB, as are the php directives at my site, in the relevant .htaccess file.. php_value upload_max_filesize 10M php_value post_max_size 10M If you run php as a CGI, the equivalent directives would go in your php.ini/.user.ini.. upload_max_filesize = 10M post_max_size = 10M Have fun (check your uploads folder)! ;o) Cor ps. I don't know who "Diana" is, but I want more! (c) 2004->tomorrow! ~ cor + corz.org ;o) Please view the license for this free software, here: http://corz.org/free-scripts-licence.nfo */ /* prefs.. */ // number of upload spaces to provide in the form.. $simple_upoad['upload_slots'] = 3; /* Final Destination This MUST be writable by the server process (either chmod 777 (php as Module) or 644 (php as CGI)). Ideally, this should be outside the web tree. If not, use .htaccess to protect the directory. */ $simple_upoad['destination'] = $_SERVER['DOCUMENT_ROOT'].'/public/private/'; //$simple_upoad['destination'] = './'; // use same directory as script // put a comment form below the upload slots? (comments will be sent in the body of the notification email) $simple_upoad['user_comments'] = true; // NOTE: If you disable email notifications, the comments will be lost. // uploaded file permissions.. $simple_upoad['permissions'] = '0777'; // leave this blank to NOT send an email when there is a new upload.. //$simple_upoad['email_address'] = 'youraddress@gmail.com'; $simple_upoad['email_address'] = 'uploads@'.$_SERVER['HTTP_HOST']; // mail headers.. $simple_upoad['email_subject'] = 'New upload at '.$_SERVER['HTTP_HOST']; // End-Of-Line used by the mailer - PHP_EOL should work in most situations. $simple_upoad['mail_eol'] = PHP_EOL; // mail a copy of the uploaded file with the nofitication? $simple_upoad['mail_upload'] = true; // The big bold title above the upload slots.. $simple_upoad['upload_title'] = 'corz (much used!)
simple php upload script..
'; $simple_upload['transform_types'] = 'php,php3,php4,php5,phtml,py,rb,rhtml,htm,shtml,inc,ini,com,blog,asp,aspx,html,cgi,pl,asp,aspx,axd,asmx,ashx,asx,cfm,yaws,svg,swf,xhtml,jhtml,jsp,jspx,wss,js,hta,htc,css,rss,xml,do,action,atom,dll'; /* end prefs. */ // running in stand-alone mode.. if (realpath ($_SERVER['SCRIPT_FILENAME']) == __FILE__) { do_header(); } echo '
upload files (10MB max) ..
'; // create a POST array for ($i=0; $i<$simple_upoad['upload_slots']; $i++) { echo '
'; } echo ' '; if ($_FILES) { $newfile = $zip_file_name = null; $newfiles = $email_message = ''; $transform_types = explode(',', $simple_upload['transform_types']); echo '

'; for ($i=0; $i<$simple_upoad['upload_slots']; $i++) { $j=$i+1; $name = (@$_FILES['files']['name'][$i]); $name = stripslashes($name); if (substr($name, 0, 1) == '.') $_FILES['files']['error'][$i] = 5; switch ($_FILES['files']['error'][$i]) { case 0 : echo 'slot ',$j,': uploaded : ',$name,''; break 1; // exit the switch, one level - same as break; case 1 : echo 'slot ',$j,': upload too big! : ',$name,''; break 1; case 2 : echo 'slot ',$j,': upload too big! : ',$name,''; break 1; case 3 : echo 'slot ',$j,': partial upload! : ',$name,''; break 1; case 4 : echo 'slot ',$j,': empty',$name,''; break 1; case 5 : $this_name = $name; echo 'slot ',$j,': illegal file name: ',$name,''; break 1; } if ($_FILES['files']['error'][$i] != 5) { $this_name = stripslashes(trim(@$_FILES['files']['name'][$i])); if ($this_name != '') { $newfile = $simple_upoad['destination'].$this_name; // email.. if ($simple_upoad['email_address']) { $newfiles .= "\t".$this_name."\n"; // note "s" if ($simple_upoad['mail_upload']) { // zip the file.. if (!isset($zip_file_name)) { $zip_file_name = $newfile.'.zip'; } $zip_result = su_zip_file($zip_file_name, $_FILES['files']['tmp_name'][$i], basename($newfile)); if ($zip_result) { $email_message .= '!!!***!!! THERE WAS AN ERROR CREATING THE ZIP! Error: '.$zip_result.' !!!***!!!'; } } } // check the extension - transform certain types ("executables") $fext = substr($this_name,strrpos($this_name,'.')+1); if (in_array($fext, $transform_types)) { $newfile = $newfile.'.upload'; } @move_uploaded_file($_FILES['files']['tmp_name'][$i], $newfile); @system("chmod 777 \"$newfile\""); // wont work on all web hosts, but worth a try. chmod($newfile, $simple_upoad['permissions']); // this probably will, though. // you may want different permissions, but this will at least allow *you* to access // the files afterwards, something that can be tricky on some server setups. } } if ($this_name != '') { if (file_exists($newfile)) { echo '  success!'; } else { echo '  failed!'; } } echo '
'; } echo '
'; if ($newfiles != '' and $simple_upoad['email_address']) { $simple_upoad['email_headers'] = 'From: back-end@'.$_SERVER['HTTP_HOST'].$simple_upoad['mail_eol']. 'X-Mailer: PHP/' . phpversion(). $simple_upoad['mail_eol']; $email_message .= 'The following:'."\n\n". basename($newfiles)."\n\n". 'Has been uploaded to '.$_SERVER['HTTP_HOST']."\n". 'From: '.@$_SERVER['REMOTE_HOST'].' ['.$_SERVER['REMOTE_ADDR'].']'."\n\n"; if (isset($_POST['upload-comment-form']) and !empty($_POST['upload-comment-form'])) { $email_message .= "\nUser Comment:\n\n".$_POST['upload-comment-form']; echo '

Your comment has been mailed to the webmaster.'; } if ($simple_upoad['mail_upload']) { $random_hash = md5(date('r', time())); $simple_upoad['email_headers'] = 'From: back-end@'.$_SERVER['HTTP_HOST'].$simple_upoad['mail_eol']; $simple_upoad['email_headers'] .= "Reply-To: back-end@".$_SERVER['HTTP_HOST'].$simple_upoad['mail_eol']; $simple_upoad['email_headers'] .= "Content-Type: multipart/mixed; boundary=\"mail-boundary-".$random_hash."\""; $attachment = chunk_split(base64_encode(file_get_contents($zip_file_name))); ob_start(); echo '--mail-boundary-'.$random_hash.$simple_upoad['mail_eol']; echo 'Content-Type: text/plain; charset="iso-8859-1"'.$simple_upoad['mail_eol']; echo 'Content-Transfer-Encoding: 7bit'.$simple_upoad['mail_eol']; echo "\n".$email_message."\n--mail-boundary-".$random_hash.$simple_upoad['mail_eol']; echo 'Content-Type: application/zip; name="'.$zip_file_name.'"'.$simple_upoad['mail_eol']; echo 'Content-Transfer-Encoding: base64'.$simple_upoad['mail_eol']; echo 'Content-Disposition: attachment'.$simple_upoad['mail_eol'].$simple_upoad['mail_eol']; echo $attachment.$simple_upoad['mail_eol']; echo $simple_upoad['mail_eol'].'--mail-boundary-'.$random_hash.'--'.$simple_upoad['mail_eol']; $final_message = ob_get_clean(); } else { $final_message = $email_message; } // send the mail.. $sent_mail = mail( $simple_upoad['email_address'], $simple_upoad['email_subject'], $final_message."\n\n".'-- The Upload Script', $simple_upoad['email_headers']); // delete the zip.. unlink($zip_file_name); } } echo '

'; if ($simple_upoad['user_comments']) { echo '