2015-02-18 15:11:42 +01:00
|
|
|
<?php
|
2016-05-14 10:55:50 +02:00
|
|
|
//Loading configuration file
|
|
|
|
|
require_once "config.php";
|
|
|
|
|
|
|
|
|
|
//Saving the file on the server
|
2015-10-07 22:56:03 +02:00
|
|
|
function save_file ($file, $name, $arg, $type){
|
2015-02-11 18:17:43 +01:00
|
|
|
//Generate name depending on arg
|
|
|
|
|
switch($arg){
|
|
|
|
|
case 'random':
|
|
|
|
|
$ext = pathinfo($file.$name, PATHINFO_EXTENSION);
|
2015-10-06 00:44:30 +02:00
|
|
|
$ext = strtolower($ext);
|
2016-05-14 10:55:50 +02:00
|
|
|
if(in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))){
|
|
|
|
|
if($type==='normal'){
|
|
|
|
|
include_once(CONFIG_ROOT_PATH.'error_meow.php');
|
2015-10-07 22:56:03 +02:00
|
|
|
exit(0);
|
2016-05-14 10:55:50 +02:00
|
|
|
}else{
|
|
|
|
|
exit('File type not allowed.');
|
|
|
|
|
}
|
|
|
|
|
}
|
2015-02-11 18:17:43 +01:00
|
|
|
$file_name = gen_name('random', $ext);
|
2016-05-14 10:55:50 +02:00
|
|
|
while(file_exists(CONFIG_FILES_PATH.$file_name)){
|
|
|
|
|
$file_name = gen_name('random', $ext);
|
2015-02-11 18:17:43 +01:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case 'custom_original':
|
2015-04-05 22:44:41 +02:00
|
|
|
$name = stripslashes(str_replace('/', '', $name));
|
2015-02-11 18:17:43 +01:00
|
|
|
$name = strip_tags(preg_replace('/\s+/', '', $name));
|
2015-10-06 00:44:30 +02:00
|
|
|
$file_name = gen_name('custom_original', $name);
|
|
|
|
|
$ext = pathinfo($file_name, PATHINFO_EXTENSION);
|
|
|
|
|
$ext = strtolower($ext);
|
2016-05-14 10:55:50 +02:00
|
|
|
if(in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))){
|
|
|
|
|
if($type==='normal'){
|
|
|
|
|
include_once(CONFIG_ROOT_PATH.'error_meow.php');
|
|
|
|
|
exit(0);
|
|
|
|
|
}else{
|
|
|
|
|
exit('File type not allowed.');
|
|
|
|
|
}
|
2015-10-07 22:56:03 +02:00
|
|
|
}
|
2016-05-14 10:55:50 +02:00
|
|
|
while(file_exists(CONFIG_FILES_PATH.$file_name)){
|
2015-02-11 18:17:43 +01:00
|
|
|
$file_name = gen_name('custom_original', $name);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
//Move the file to the above location with said filename
|
2016-05-14 10:55:50 +02:00
|
|
|
move_uploaded_file($file,CONFIG_FILES_PATH.$file_name);
|
2015-10-08 00:27:39 +02:00
|
|
|
//Check if html or plain text should be returned
|
|
|
|
|
if($type==='tool'){
|
|
|
|
|
//Return url+filename to the user (plain text)
|
2016-05-14 10:55:50 +02:00
|
|
|
echo CONFIG_ROOT_URL.'/files/'.urlencode($file_name);
|
2015-10-08 00:27:39 +02:00
|
|
|
exit(0);
|
|
|
|
|
}elseif($type==='normal'){
|
|
|
|
|
//Return url+filename to the user (HTML)
|
|
|
|
|
$n=urlencode($file_name);
|
2016-05-14 10:55:50 +02:00
|
|
|
include_once(CONFIG_ROOT_PATH.'upload-done.php');
|
2015-10-08 00:27:39 +02:00
|
|
|
exit(0);
|
|
|
|
|
}
|
2015-02-11 18:17:43 +01:00
|
|
|
}
|
2016-05-14 10:55:50 +02:00
|
|
|
|
|
|
|
|
#Generate a random name for the uploaded file
|
2015-02-11 18:17:43 +01:00
|
|
|
function gen_name($arg, $in){
|
2016-05-14 10:55:50 +02:00
|
|
|
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
|
2015-02-11 18:17:43 +01:00
|
|
|
$name = '';
|
2016-05-14 10:55:50 +02:00
|
|
|
for ($i = 0; $i < CONFIG_RANDOM_LENGTH; $i++) {
|
|
|
|
|
$name .= $chars[mt_rand(0, 60)];
|
2015-02-11 18:17:43 +01:00
|
|
|
}
|
|
|
|
|
switch($arg){
|
|
|
|
|
case 'random':
|
|
|
|
|
return $name.'.'.$in;
|
|
|
|
|
break;
|
|
|
|
|
case 'custom_original':
|
|
|
|
|
return $name.'_'.$in;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
