-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathtool-upload-file-multi.php
More file actions
70 lines (68 loc) · 1.63 KB
/
tool-upload-file-multi.php
File metadata and controls
70 lines (68 loc) · 1.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
include_once(dirname(__FILE__)."/functions.php");
include_once dirname(__FILE__)."/auth.php";
include dirname(__FILE__)."/conf.php";
if($cfg->authentification_needed && !$userlogin)
{
exit();
}
if(!$cfg->allow_upload_all_file && !$cfg->allow_upload_image)
{
die('DENIED');
}
if($cfg->readonly)
{
die('READONLY');
}
$targetdir = path_decode(kh_filter_input(INPUT_GET, 'targetdir'), $cfg->rootdir);
if(isset($_FILES["images"]))
{
if(is_array($_FILES["images"]["error"]))
{
foreach($_FILES["images"]["error"] as $key => $error){
if($error == 0) {
$name = $_FILES["images"]["name"][$key];
$name = kh_filter_file_name_safe($name);
$compressimage = @$_SESSION['compress-image-cb'];
$settings['compressimageonupload'] = $compressimage;
// if exist before, file will not be deleted
$allowdelete = true;
if(file_exists($targetdir."/".$name))
{
$allowdelete = false;
}
if(isset($_FILES['images']['tmp_name']))
{
if(is_uploaded_file($_FILES['images']['tmp_name'][$key])){
copy($_FILES['images']['tmp_name'][$key], $targetdir."/".$name);
}
move_uploaded_file($_FILES["images"]["tmp_name"][$key], $targetdir."/".$name);
$info = getimagesize($targetdir."/".$name);
compressImageFile($targetdir."/".$name, $authblogid);
deleteforbidden($targetdir);
if(stripos($info['mime'],'image')!==false)
{
if(!$cfg->allow_upload_image)
{
if($allowdelete)
{
@unlink($targetdir."/".$name);
}
die('FORBIDDEN');
}
}
else if(!$cfg->allow_upload_all_file)
{
if($allowdelete)
{
@unlink($targetdir."/".$name);
}
die('FORBIDDEN');
}
}
}
}
}
}
echo 'SUCCESS';
?>