.w3g Not Allowed

LiveFree
Forum Contributor
Posts: 258
Joined: Tue Dec 06, 2005 5:34 pm
Location: W-Town

.w3g Not Allowed

Post by LiveFree »

Code: Select all

<?php
#### Generated by Module Creator - By Disipal site (http://www.disipal.net) ####
if (!eregi("modules.php", $PHP_SELF)) {
   die ("You can't access this file directly...");

}
require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
include("header.php");
$index = 0;
OpenTable();
/*
File: upload.php
Path: modules/Uploads/
*/
// Uploads a file

if (isset($_POST['submit'])){
  $uploaddir = 'videos/';
$uploadfile = $uploaddir.$_FILES['userfile']['name'];
$name=$_FILES['userfile']['name'];

if (empty($_POST['desc'])){
  echo "Please enter in a short description!<br />";
}else{
  $desc=$_POST['desc'];
}

if (empty($_POST['author'])){
  echo "Please enter in your name!<br />";
}else{
  $author=$_POST['author'];
}

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile) || pregi_match('.w3g',$name)) {
   $cat=$_POST['id'];
   $query="INSERT INTO uploads (filename,desc,cat) VALUES ('$name','$desc','$cat')";
   //echo $query;
   $sql=mysql_query($query) OR DIE (mysql_error());
   echo "File Upload Completed!";
} else {
   echo "Possible file upload attack!\n";
}

  
}else{
  echo '<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="modules.php?name=Upload&file=upload" method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
    <!-- Name of input element determines name in $_FILES array -->
    <b>Send this file: </b><input name="userfile" type="file" /><br />
    <b>Desciption:</b><input type="text" name="desc"><br />
    <b>Added By:</b><input type="text" name="author"><br />
    <b>Catagory</b><select name="id"><option value="1">Replays</option><option value="2">1v1</option><option value="3">2v2</option><option value="4">3v3</option><option value="5">4v4</option></select><br>
    <input type="submit" value="Send File" name="submit"/>
    <input type="hidden" name="name" value="Upload" />
    <input type="hidden" name="file" value="upload" />
</form>';
}

CloseTable();
include('footer.php');
?>
When we try to upload a .w3g file, it triggers the error.

Thanks, and like I said to Sami, I am gonna donate $5-10 to PHPDN for all your help :)
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Re: .w3g Not Allowed

Post by timvw »

Tucker wrote:

Code: Select all

<?php
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile) || pregi_match('.w3g',$name)) 
?>
There is no such function: pregi_match (afaik).
You probably want eregi or preg_match...

Anyway, you probably want both conditions to be fulfilled (upload file copy-saved somewhere AND the last part of the name is .w3g) and in that case you should use && instead of ||
LiveFree
Forum Contributor
Posts: 258
Joined: Tue Dec 06, 2005 5:34 pm
Location: W-Town

Post by LiveFree »

Nope, that didn't work
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Swap the order of the preg_match() call and move_uploaded_file() call. Ignoring your invalid pattern syntax for preg_match(), if I uploaded a file with w3g anywhere in the name (as long as it was provided it wasn't the first substring) your insertion code would run.
LiveFree
Forum Contributor
Posts: 258
Joined: Tue Dec 06, 2005 5:34 pm
Location: W-Town

Post by LiveFree »

Code: Select all

if (preg_match('.w3g',$name) && move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
   $cat=$_POST['id'];
   $query="INSERT INTO uploads (filename,desc,cat) VALUES ('$name','$desc','$cat')";
   //echo $query;
   $sql=mysql_query($query) OR DIE (mysql_error());
   echo "File Upload Completed!";
} else {
   echo "Possible file upload attack!\n";
}
Still doesn't work
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

As I hinted at before, you have issues with your regex pattern syntax. You may want to visit the regex board on this server.
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

The easier solution is to use http://www.php.net/pathinfo instead...
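
The pathinfo() approach suggested above, next to the substring pattern discussed earlier in the thread, as an added example that is not code from any poster. The function name safe_replay_name, the ALLOWED_EXTENSIONS list and the sample file names are constructed for illustration; it assumes PHP 7.1 or later.

```php
<?php
// Added example: allow-list check on the FINAL extension using pathinfo().
// Names below (safe_replay_name, ALLOWED_EXTENSIONS, samples) are assumptions.

const ALLOWED_EXTENSIONS = ['w3g'];

/**
 * Returns a server-generated storage name for an acceptable upload,
 * or null when the client-supplied name does not end in an allowed extension.
 */
function safe_replay_name(string $clientName): ?string
{
    // basename() drops directory components; normalise backslashes first.
    $base = basename(str_replace('\\', '/', $clientName));
    $ext  = strtolower(pathinfo($base, PATHINFO_EXTENSION));
    if ($base === '' || !in_array($ext, ALLOWED_EXTENSIONS, true)) {
        return null;
    }
    // Never reuse the client name on disk; keep it only as display metadata.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample names: the thread's substring pattern (given valid
// delimiters) compared with the final-extension check.
$samples = ['game01.w3g', 'GAME02.W3G', 'notes-w3g.txt', 'replay.w3g.php', '../../replay.w3g'];
foreach ($samples as $name) {
    $substring = preg_match('/.w3g/i', $name) === 1;
    $stored    = safe_replay_name($name);
    printf("%-18s substring=%-3s final-ext=%s\n", $name, $substring ? 'yes' : 'no', $stored ?? 'rejected');
}

// In the upload handler: check the upload status before touching the file.
if (isset($_FILES['userfile']) && $_FILES['userfile']['error'] === UPLOAD_ERR_OK) {
    $stored = safe_replay_name($_FILES['userfile']['name']);
    if ($stored !== null && move_uploaded_file($_FILES['userfile']['tmp_name'], 'videos/' . $stored)) {
        echo "File Upload Completed!";
    } else {
        echo "Rejected upload";
    }
}
```

The original file name, description and category are still client-controlled, so they belong in the database through a prepared statement rather than interpolated into the query string.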