-
Notifications
You must be signed in to change notification settings - Fork 60
/
fileupload.php
56 lines (28 loc) · 1.17 KB
/
fileupload.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
<?PHP
require_once "../../../config.php";
_load_language_file("/website_code/php/fileupload.inc");
if(in_array($_FILES['filenameuploaded']['type'],$xerte_toolkits_site->mimetypes)){
if($_FILES['filenameuploaded']['type']=="text/html"){
$php_check = file_get_contents($_FILES['filenameuploaded']['tmp_name']);
if(!strpos($php_check,"<?PHP")){
$new_file_name = $_POST['mediapath'] . $_FILES['filenameuploaded']['name'];
if(@move_uploaded_file($_FILES['filenameuploaded']['tmp_name'], $new_file_name)){
echo FILE_UPLOAD_SUCCESS . "****";
}else{
echo FILE_UPLOAD_ZIP_FAIL . "****";
}
}else{
echo FILE_UPLOAD_HTML_FAIL . "****";
}
}else{
$new_file_name = $_POST['mediapath'] . $_FILES['filenameuploaded']['name'];
if(@move_uploaded_file($_FILES['filenameuploaded']['tmp_name'], $new_file_name)){
echo FILE_UPLOAD_SUCCESS . "****";
}else{
echo FILE_UPLOAD_ZIP_FAIL . "****";
}
}
}else{
echo FILE_UPLOAD_MIME_FAIL . " - " . $_FILES['filenameuploaded']['type'] . "****";
}
?>