PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Sat Aug 15, 2020 6:31 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Fri Aug 19, 2011 7:19 pm 
Offline
Forum Commoner

Joined: Wed Jan 28, 2009 1:18 pm
Posts: 97
here is my code so far

Syntax: [ Download ] [ Hide ]
<?php
include("dbinfo.inc.php");


mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$term  = mysql_real_escape_string($_POST['term']);
$term2  = mysql_real_escape_string($_POST['term2']);

  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {
    //echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    //echo "Type: " . $_FILES["file"]["type"] . "<br />";
    //echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    //echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";

    if (file_exists("efiles/" . $term . "/" . $term2 . "/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "efiles/" . $term . "/" . $_FILES["file"]["name"]);
      //echo "Stored in: " . "efiles/" . $_FILES["file"]["name"];
      }
    }
 
echo $term;

?>
<html><body>
<script type="text/javascript">

</script>
</body></html>


 



where you see 'term and 'term2' are from user inputs. the concept is to have the files uploaded to folders with the terms the user states, which may not be created yet, but if they are i dont want to create them, just check to see if the file, then, has been uploaded to that location, etc

any ideas are welcome


Top
 Profile  
 
PostPosted: Sat Aug 20, 2011 8:04 am 
Offline
Forum Contributor
User avatar

Joined: Sun Nov 21, 2010 4:32 pm
Posts: 261
Location: Burnley, England
Here is an example of creating a directory:



Best wishes


Top
 Profile  
 
PostPosted: Mon Aug 22, 2011 12:21 pm 
Offline
Forum Commoner

Joined: Wed Jan 28, 2009 1:18 pm
Posts: 97
thanks, i got it


Top
 Profile  
 
PostPosted: Mon Aug 22, 2011 3:32 pm 
Offline
Jack of Zircons
User avatar

Joined: Thu Nov 09, 2006 9:30 pm
Posts: 4484
Location: California, USA
Do you really want to allow users to create directories on your server?? Generally I would consider this a really really bad practice. A hacker could write a simple little script to create thousands of directories on your server, unless you have taken other precautions to prevent it.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group