Custom uploader

MDxRacing · November 10, 2005, 08:07:14 PM

Im Not Sure If This Will Help Or If This Is A Securety Problem, But I Needed An Uploader That Would Upload Pic To Users Folders With Out It Being In The Data Base.
Nother Words When You Finished Your Upload You Only Had A Pic As Your zip/rar File To Click On To Download .
Not 2 Pics Of Your zip/rar And The Pic You Uploaded With It.

Now Im Running 1.32 Version And I Renamed The upload.php To Upload1.php This Is To Keep A Copy Of It Only.
Then I Ftp 1.2 Version upload.php In To Root.

And Added These Files.
1. Add To Your albums/userpics Directory And Name It The Same As Your Users Folder Exmaple : user folder 10001 Name File 10001.php Yes Do Need To Make This Up For All Users.

Change This To user Folder Name
$upload_dir = "10001/";

And Change This To Your url
echo "File (<a href=\"$upload_dir$file_name\">$file_name</a>) uploaded! <br>»<a href=\"http://yoururl/upload.php\">Click Here And Go Upload Your zip/rar file</a>";

And This 10001
echo "<meta http-equiv=Refresh content=1;url=10001.php>";

<!doctype html public "-//w3c//dtd html 4.01 transitional//en">
<html>
<head>
<meta http-equiv="content-language" content="en-us">
<meta http-equiv="content-type" content="text/html; charset=windows-1256">
<title></title>
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<script language="JavaScript" type="text/javascript">
<!-- ;
var newwindow;
var wheight = 0, wwidth = 0;
function popimg(url, title, iwidth, iheight, colour) {
var pwidth, pheight;

if ( !newwindow || newwindow.closed ) {
pwidth=iwidth+30;
pheight=iheight+30;
newwindow=window.open('','htmlname','width=' + pwidth +',height=' +pheight + ',resizable=1,top=50,left=10');
wheight=iheight;
wwidth=iwidth;
}

if (wheight!=iheight || wwidth!=iwidth ) {
pwidth=iwidth+30;
pheight=iheight+60;
newwindow.resizeTo(pwidth, pheight);
wheight=iheight;
wwidth=iwidth;
}

newwindow.document.clear();
newwindow.focus();
newwindow.document.writeln('<html> <head> <title>' + title + '<\/title> <\/head> <body bgcolor= \"' + colour + '\"> <center>');
newwindow.document.writeln('<a title="Hit to close!" href="javascript:window.close();"><img src=' + url + ' border=0></a>');
newwindow.document.writeln('<\/center> <\/body> <\/html>');
newwindow.document.close();
newwindow.focus();
}

function tidy5() {
if (newwindow && !newwindow.closed) { newwindow.close(); }
}

</script>

<body bgcolor="#00000" text="#fffff" leftmargin="20" topmargin="10" marginwidth="10" marginheight="10">

<?php

$upload_dir = "10001/";
$size_bytes = 512000;
$extlimit = "yes";
$limitedext = array(".gif",".jpg",".png",".jpeg");
if (!is_dir("$upload_dir")) {
die ("Error: The directory <b>($upload_dir)</b> doesn't exist");
}
if (!is_writeable("$upload_dir")){
die ("Error: The directory <b>($upload_dir)</b> is NOT writable, Please CHMOD (777)");
}

if(isset($_POST['uploadform'])){

$file_tmp = $_FILES['filetoupload']['tmp_name'];
$file_name = $_FILES['filetoupload']['name'];
$file_size = $_FILES['filetoupload']['size'];

if (!is_uploaded_file($file_tmp)){
echo "Error: Please select a file to upload!. <br>»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
exit(); //exit the script and don't do anything else.
}

if ($file_size > $size_bytes){
echo "Error: File Too Large. File must be <b>". $size_bytes / 1024 ."</b> KB. <br>»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
exit();
}
$ext = strrchr($file_name,'.');
if (($extlimit == "yes") && (!in_array(strtolower($ext),$limitedext))) {
echo("Error: Wrong file extension. ");
exit();
}

if(file_exists($upload_dir.$file_name)){
echo "Oops! The file named <b>$file_name</b> already exists. <br>»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
exit();
}

$file_name = str_replace(' ', '_', $file_name);
if (move_uploaded_file($file_tmp,$upload_dir.$file_name)) {
echo "File (<a href=\"$upload_dir$file_name\">$file_name</a>) uploaded! <br>»<a href=\"http://yoururl/upload.php\">Click Here And Go Upload Your zip/rar file</a>";
exit();
}else{
echo "There was a problem moving your file. <br>»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
exit();
}

}else{

for($i=0;$i<count($limitedext);$i++){
     if (($i<>count($limitedext)-1))$commas=", ";else $commas="";
      list($key,$value)=each($limitedext);
      $all_ext .= $value.$commas;
   }

echo "<center><br><h3>Upload You Picture Only Here</h3>"
." Allowed Extensions: $all_ext</b> <br>"
." <font color=red>YOU MUST RENAME YOUR PICTURE TO</b> <br>"
."<h2>thumb_yourfilename.jpg<font color=white></h2>"
."<form method=\"post\" enctype=\"multipart/form-data\" action=\"$PHP_SELF\">"
."<input type=\"file\" name=\"filetoupload\"><br>"
."<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"$size_bytes\"><br>"
."<input type=\"Submit\" name=\"uploadform\" value=\"Upload File\">"
."</form>";
}

function del(){
global $upload_dir, $file;

@unlink($upload_dir."/$file");
echo"<h3><font color=red>The File ($file) was deleted! <br> Please wait...</font></h3>";
echo "<meta http-equiv=Refresh content=1;url=10001.php>";
}

if ( $action == del ){
del();
}

echo "<br><hr><center><b>This Is Your Directory Only</b><br>The Way You Use It Is , Upload You Track Pic Only But You Need To Rename It thumb_yourpicname.jpg </center><br>";

clearstatcache();

echo "</tr>
</table>";
echo"<p align=\"right\">

</body>
</html>";

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Step 2:/File 2

Add This File To Your Root Directory

And Change This <?php include('http://yoururl.com/albums/userpics/10001.php');?>To your url and The Users Folder Name

Then Name File the same as users folder and member name 10001tomsmith.php
----------------------------------------------------------------------------------------------------------

<?php
// ------------------------------------------------------------------------- //
// Coppermine Photo Gallery 1.3.2 //
// ------------------------------------------------------------------------- //
// Copyright (C) 2002-2004 Gregory DEMAR //
// http://www.chezgreg.net/coppermine/ //
// ------------------------------------------------------------------------- //
// Updated by the Coppermine Dev Team //
// (http://coppermine.sf.net/team/) //
// see /docs/credits.html for details //
// ------------------------------------------------------------------------- //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// ------------------------------------------------------------------------- //
// CVS version: $Id: upload.php,v 1.9 2004/07/28 08:25:25 gaugau Exp $
// ------------------------------------------------------------------------- //

// Confirm we are in Coppermine and set the language blocks.
define('IN_COPPERMINE', true);
define('UPLOAD_PHP', true);
define('DB_INPUT_PHP', true);
define('CONFIG_PHP', true);

// Call basic functions, etc.
require('include/init.inc.php');

// Some placeholders.
$customize = CUSTOMIZE_UPLOAD_FORM;
$user_form = USER_UPLOAD_FORM;
$allowed_URI_boxes = NUM_URI_BOXES;
$allowed_file_boxes = NUM_FILE_BOXES;

// Check to see if user can upload pictures. Quit with an error if he cannot.
if (!USER_CAN_UPLOAD_PICTURES) {
cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}

ob_end_flush();

?>
<?php include('http://yoururl.com/albums/userpics/10001.php');?>

-----------------------------------------------------------------------------------------------------------------------------------------------------

Recap:
10001.php goes in albums/userpis directory
10001tomsmith.php goes in gallery root directory

You will need to email http://yoururl.com/10001tomsmith.php link to your member Tom Smith for pic uploads only

Yes I Know There Must Be An Easyer Way , But I Dont Know What It Is. The Top Script I Didnt Right , It Is A Script I Got Somewhere A Few Years Back So I Take No Credit For It.

Take The .txt Off The Attached Files

coppermine-gallery.com/forum

News:

Custom uploader

MDxRacing