March, 1997
17.05.2000
<?php
// Declare the response as UTF-8 HTML before any output is produced.
header('Content-Type: text/html; charset=utf-8');
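/**
 * Format a byte count as a human-readable size string.
 *
 * The value is divided by 1024 for as long as the next division would still
 * leave it above 0.9, then rounded to two decimals and suffixed with the
 * matching unit.
 *
 * @param mixed $filesize Byte count; anything accepted by is_numeric().
 * @return string For example "128 MB"; the literal 'NaN' when the input is
 *                not numeric.
 */
function display_filesize($filesize) {
    if (!is_numeric($filesize)) {
        return 'NaN';
    }

    $decr = 1024;
    $prefix = array('Byte', 'KB', 'MB', 'GB', 'TB', 'PB');
    $last = count($prefix) - 1;
    $step = 0;

    // Stop at the largest known unit. Without this bound a value beyond the
    // PB range indexes past the end of $prefix, and a non-finite float (INF)
    // never leaves the loop.
    while ($step < $last && ($filesize / $decr) > 0.9) {
        $filesize = $filesize / $decr;
        $step++;
    }

    return round($filesize, 2) . ' ' . $prefix[$step];
}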
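// configuration options
//
// NOTE(security): the extension allowlist check in the upload handler further
// down is commented out, and no $allowed_filetypes list is defined here. As
// configured, the only name-based filters are $forbidden_filenames and the
// size cap, so any file type is accepted into $upload_path.

// Allow overwriting with the same name. With true, the "file exists" guard in
// the handler is skipped and an upload replaces any existing file of that name.
$overwrite = true;

// Extensions the handler treats as images after a successful upload. This is
// not an allowlist. SVG is included here; SVG files can embed script, which
// runs in this site's origin when the file is opened from the upload URL.
$img_ext = array('.jpg','.gif','.bmp','.png', '.jpeg', '.svg');

// Denylist of three index file names only. How it is compared (case, path
// components) is not visible in this part of the file - confirm in the handler.
// It does not cover server-interpreted types such as .php or .htaccess.
$forbidden_filenames = array('index.html', 'index.htm', 'index.php');

$max_filesize = 134217728; // 128 MiB, lowered below to the php.ini limits

// Include trailing slash. The handler prints this path as the file's URL, so
// the directory is web-reachable: keep script execution disabled for it in the
// web server configuration, or store uploads outside the document root.
$upload_path = '../temp/';
$nr_files = 5;

// get the filename of this upload script
$file = $_SERVER["SCRIPT_NAME"];
$pfile = basename($file);

/**
 * Convert a php.ini shorthand size ("8M", "512k", "1G", "4096") to bytes.
 *
 * The suffix is matched case-insensitively because php.ini accepts both
 * "8M" and "8m"; matching only upper case would read "8m" as 8 bytes.
 *
 * @param mixed $value Raw ini_get() result (string, or false if unknown).
 * @return int Size in bytes; 0 for an empty or unknown value.
 */
function upload_ini_bytes($value) {
    $value = trim((string) $value);
    $suffix = strtoupper(substr($value, -1));
    $mul = ($suffix == 'M' ? 1048576 : ($suffix == 'K' ? 1024 : ($suffix == 'G' ? 1073741824 : 1)));
    return $mul * (int) $value;
}

$POST_MAX_SIZE = ini_get('post_max_size');
$max_post_size = upload_ini_bytes($POST_MAX_SIZE);
$UPLOAD_MAX_SIZE = ini_get('upload_max_filesize');
$max_upload_size = upload_ini_bytes($UPLOAD_MAX_SIZE);

// The effective cap is the smallest of the three limits. A post_max_size of 0
// (PHP's "no limit" setting) therefore yields a 0-byte cap, which fails closed.
$max_filesize = min($max_filesize, $max_post_size, $max_upload_size);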
if (!file_exists($upload_path))
die('Configuration error: this script cannot find the upload path
'; // Check if the filetype is allowed, if not DIE and inform the user. //if (!in_array($ext, $allowed_filetypes)) // die('The file type you attempted to upload is not allowed.'); if (filesize($_FILES['file'.$i]['tmp_name']) > $max_filesize) echo '
';
echo '';
}
else {
echo 'There was an error during the upload of file ' . $i . '. Please try again.';
}
}
}
}
?>
' . $upload_path . '
');
elseif (!is_writable($upload_path))
die('Configuration error: this script does not have write access to ' . $upload_path . '
(chmod it).');
else {
// print the upload form
?>
Illegal filename: ' . $filename . '';
continue;
}
// check if file exists
// This guard only applies when $overwrite is false. The configuration at the
// top of the file sets it to true, so as shipped an upload silently replaces
// an existing file with the same name.
// NOTE(review): where $filename is assigned is not visible in this part of the
// file - presumably the client-supplied upload name; confirm. It is joined to
// $upload_path and echoed as-is here, so it should be reduced with basename()
// before use and passed through htmlspecialchars() on output.
if (!$overwrite && file_exists($upload_path . $filename)) {
echo 'File exists: ' . $filename . '. Please use a different name.';
continue;
}
// $ext starts at the FIRST dot (strpos), so a name with several dots yields the
// whole tail ('.tar.gz'), not the final extension. With no dot, strpos()
// returns false, the offset becomes 0 and $ext is the name minus its last
// character. The only visible uses are the image check against $img_ext and
// the commented-out allowlist test; if that test is re-enabled, derive the
// extension from the last dot (strrchr/pathinfo) and lower-case it first.
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);
echo ''; // Check if the filetype is allowed, if not DIE and inform the user. //if (!in_array($ext, $allowed_filetypes)) // die('The file type you attempted to upload is not allowed.'); if (filesize($_FILES['file'.$i]['tmp_name']) > $max_filesize) echo '
File '.$i.' is too large (' . display_filesize(filesize($_FILES['file'.$i]['tmp_name'])) . '). The maximum filesize is '.display_filesize($max_filesize).' bytes.
'; else { if (move_uploaded_file($_FILES['file'.$i]['tmp_name'], $upload_path . $filename)) { echo 'File '.$i.' upload was successful
'; echo 'The URL is: ' . $upload_path . rawurlencode($filename) . '
'; if (in_array($ext, $img_ext)) echo '