Code: Select all
$max_image_size_b = $config['site']['guild_image_size_kb'] * 1024;
$allowed_ext = array('image/gif', 'image/jpg', 'image/pjpeg', 'image/jpeg', 'image/bmp', 'image/png', 'image/x-png');
$ext_name = array('image/gif' => 'gif', 'image/jpg' => 'jpg', 'image/jpeg' => 'jpg', 'image/pjpeg' => 'jpg', 'image/bmp' => 'bmp', 'image/png' => 'png', 'image/x-png' => 'png');
$save_file_name = str_replace(' ', '_', strtolower($guild->getName()));
$save_path = 'guilds/'.$save_file_name;
if($_REQUEST['todo'] == 'save') {
$file = $_FILES['newlogo'];
if(is_uploaded_file($file['tmp_name'])) {
if($file['size'] > $max_image_size_b) {
$upload_errors[] = 'Uploaded image is too big. Size: <b>'.$file['size'].' bytes</b>, Max. size: <b>'.$max_image_size_b.' bytes</b>.';
}
$type = strtolower($file['type']);
if(!in_array($type, $allowed_ext)) {
$upload_errors[] = 'Your file type isn\' allowed. Allowed: <b>gif, jpg, bmp, png</b>. Your file type: <b>'.$type.'</b> If it\'s image contact with admin.';
}
}
else
{
$upload_errors[] = 'You didn\'t send file or file is too big. Limit: <b>'.$config['site']['guild_image_size_kb'].' KB</b>.';
}
if(empty($upload_errors)) {
$extension = $ext_name[$type];
if(!move_uploaded_file($file['tmp_name'], $save_path.'.'.$extension)) {
$upload_errors[] = 'Sorry! Can\'t save your image.';
}
}
if(empty($upload_errors)) {
$guild_logo = $guild->getCustomField('logo_gfx_name');
if(empty($guild_logo) || !file_exists("guilds/".$guild_logo)) {
$guild_logo = "default_logo.gif";
}
if($guild_logo != "default_logo.gif" && $guild_logo != $save_file_name.'.'.$extension) {
unlink('guilds/'.$guild_logo);
}
}I tried with temper data and changing application stream for image/jpg but after it has been uploaded it's name has been changed to something.jpg instead of something.php so i couldn't execute it (the php code was in something.jpg file )
(when i opened it was just a link to that file )
Any help will be appreciated...