Threaded Mode | Linear Mode

Mickey · 29/05/2009 06:25 AM

Finally got it working how i want it :D
Its messy and I'll eventually clean it up but meh

Spoiler:

PHP Code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="styles.css" type="text/css" rel="stylesheet" />

<title>Upload Image</title>
</head>

<body>
<div id="container">
<div id="header">
<?php
$link = "";
if (isset($_POST['submit'])){ //checks if subimt button has been clicked
				$name = $_FILES['file']['name']; //assigne the file name as a variable
				$up_name = preg_replace('/ /', '_', $name); //removes spaces from file name
				$upload_path = "uploads/" .$up_name; //sets the upload locarion
				$size = $_FILES['file']['size']; //sets file size to variable for checking
				$tmp = $_FILES['file']['tmp_name']; //sets the tmp file to a variable
				$link = "<a href='$upload_path'>Click here to view image.</a>"; //Creates the link to the image
				if ($size < 3145728 && !preg_match('/[!@#$%^&*()]/', $up_name) && preg_match('/([^\s]+(?=\.(jpg|gif|png|jpeg))\.\2)/', $up_name) && preg_match('/^image/', $_FILES['file']['type'])){ //riddiculous checks that took forever to correct
				move_uploaded_file($tmp, $upload_path); //moves tmp file to upload location
						 } else {
							 $error =  "Error, please make sure the file doesn't break any rules."; // if file didnt pass checks
						 }
				} else {
					echo "Select an Image to Upload"; // if submit hasnt been clicked
				}
				
?>
</div>

<div id="rules">
<ul>
<li>Image size must be less than 3 megabytes</li>
<li>Image must be PNG, JPG, JPEG, or GIF.</li>
<li>Image name may only contain A-Z, 1-9, and _.</li>
<li>Spaces and will be replaced with "_"</li>
</ul>
</div>

<div id="uploadForm">
<form action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="3145728" />
<table class="form">
<tr>
<td><label for="file">File: </label></td><td><input type="file" id="file" name="file" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Upload File" /></td>
</tr>
</form>
</table>
<p id="link">
<?php if (isset($_POST['submit']) && $size < 3145728 && !preg_match('/[!@#$%^&*()]/', $up_name) && preg_match('/([^\s]+(?=\.(jpg|gif|png|jpeg))\.\2)/', $up_name) && preg_match('/^image/', $_FILES['file']['type'])) { //again long checks
echo $link ."<br />"; //echos the link to image
echo "BBCode: <input type='text' onClick='javascript:select()' name='bb' size='40'  value='[img]http://mickeys-home.com/{$upload_path}[/img]'/><br />"; //makes the textbox with the bbcode code
} else {
	echo $error; //displays an error if the checks weren't passed
}
?>
</p>
</div>
</div>
</div>
</body>
</html>

ZiNgA BuRgA · 29/05/2009 06:37 AM

Unless keeping the original filename is important, I'd probably rename the file rather than filter it. Or if you must filter, use a "whitelist" (list of allowed chars) as opposed to a "blacklist" (list of eXx1l3d chars).
Your script is vulnerable to a "null byte" attack (using my suggestions would fix it).

Mickey · 29/05/2009 06:39 AM

hmmm, I'll read up on renaming, 6am now so it's nappy time. Thanks zinga :D
by the way this has no real use, I just want to learn more php, so i decided i'd make this to upload images to server instead of using ftp :p

Threaded Mode \| Linear Mode Quick Php help
Author	Message