.w3g Not Allowed
Posted: Sun Feb 05, 2006 6:59 pm
Code: Select all
<?php
#### Generated by Module Creator - By Disipal site (http://www.disipal.net) ####
if (!eregi("modules.php", $PHP_SELF)) {
die ("You can't access this file directly...");
}
require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
include("header.php");
$index = 0;
OpenTable();
/*
File: upload.php
Path: modules/Uploads/
*/
// Uploads a file
if (isset($_POST['submit'])){
$uploaddir = 'videos/';
$uploadfile = $uploaddir.$_FILES['userfile']['name'];
$name=$_FILES['userfile']['name'];
if (empty($_POST['desc'])){
echo "Please enter in a short description!<br />";
}else{
$desc=$_POST['desc'];
}
if (empty($_POST['author'])){
echo "Please enter in your name!<br />";
}else{
$author=$_POST['author'];
}
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile) || pregi_match('.w3g',$name)) {
$cat=$_POST['id'];
$query="INSERT INTO uploads (filename,desc,cat) VALUES ('$name','$desc','$cat')";
//echo $query;
$sql=mysql_query($query) OR DIE (mysql_error());
echo "File Upload Completed!";
} else {
echo "Possible file upload attack!\n";
}
}else{
echo '<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="modules.php?name=Upload&file=upload" method="POST">
<!-- MAX_FILE_SIZE must precede the file input field -->
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<!-- Name of input element determines name in $_FILES array -->
<b>Send this file: </b><input name="userfile" type="file" /><br />
<b>Desciption:</b><input type="text" name="desc"><br />
<b>Added By:</b><input type="text" name="author"><br />
<b>Catagory</b><select name="id"><option value="1">Replays</option><option value="2">1v1</option><option value="3">2v2</option><option value="4">3v3</option><option value="5">4v4</option></select><br>
<input type="submit" value="Send File" name="submit"/>
<input type="hidden" name="name" value="Upload" />
<input type="hidden" name="file" value="upload" />
</form>';
}
CloseTable();
include('footer.php');
?>Thanks, and like I said to Sami, I am gonna donate $5-10 to PHPDN for all your help