151 lines
5.1 KiB
PHP
151 lines
5.1 KiB
PHP
<?php
|
|
$BASE_DIR = "";
|
|
require("include/config.inc.php");
|
|
require("include/cleanup.inc.php");
|
|
|
|
if(isset($_POST['action'])) {
|
|
if ($_POST['action'] == "upload") {
|
|
if ($_FILES['upfile']['size'] > 0) {
|
|
|
|
switch ($_POST['validity']) {
|
|
case 1:
|
|
$expire = time() + 30 * 60;
|
|
break;
|
|
case 2:
|
|
$expire = time() + 60 * 60;
|
|
break;
|
|
case 3:
|
|
$expire = time() + 12 * 60 * 60;
|
|
break;
|
|
case 4:
|
|
$expire = time() + 24 * 60 * 60;
|
|
break;
|
|
case 5:
|
|
$expire = time() + 7 * 24 * 60 * 60;
|
|
break;
|
|
case 6:
|
|
$expire = time() + 31 * 24 * 60 * 60;
|
|
break;
|
|
case 7:
|
|
$expire = time() + 3 * 31 * 24 * 60 * 60;
|
|
break;
|
|
case 8:
|
|
$expire = time() + 6 * 31 * 24 * 60 * 60;
|
|
break;
|
|
case 9:
|
|
$expire = time() + 12 * 31 * 24 * 60 * 60;
|
|
break;
|
|
}
|
|
// eine id erstellen
|
|
$file_id = mkhash();
|
|
|
|
// einen eindeutigen dateinamen erstellen
|
|
$file_localname = md5($_FILES['upfile']['name'] + time());
|
|
|
|
if (move_uploaded_file($_FILES['upfile']['tmp_name'], $uploaddir . $file_localname)) {
|
|
$db->query("INSERT INTO files
|
|
(pid,timest,expire,file,name,mime,size) VALUES
|
|
('{$file_id}','" . time() . "','{$expire}','{$file_localname}',
|
|
'{$_FILES['upfile']['name']}','{$_FILES['upfile']['type']}','{$_FILES['upfile']['size']}')");
|
|
|
|
|
|
chmod($uploaddir . $file_localname, 0777);
|
|
header("Location: {$_SERVER['PHP_SELF']}?fileid=" . $file_id);
|
|
} else {
|
|
header("Location: {$_SERVER['PHP_SELF']}?code=1");
|
|
}
|
|
} else {
|
|
print_r($_FILES);
|
|
header("Location: {$_SERVER['PHP_SELF']}?code=2");
|
|
}
|
|
}
|
|
}
|
|
else if(isset($_GET['fileid'])) {
|
|
header("X-Trash-File: " . $base_url ."b/{$_GET['fileid']}");
|
|
include("include/header.php");
|
|
$spid = $db->escape($_GET['fileid']);
|
|
$result = $db->query("SELECT * FROM files WHERE pid = '{$spid}'");
|
|
if($db->num_rows($result)) {
|
|
$row = $db->fetch_assoc($result);
|
|
echo "<p>Hier die gewünschte Datei:</p>";
|
|
echo "Fuer Foren etc: ";
|
|
$compatible_url = $base_url . "b/{$_GET['fileid']}/{$row['name']}";
|
|
echo "<a href=\"{$compatible_url}\">{$compatible_url}</a>";
|
|
echo "<br/><br/>oder verschiedene Formen hier: <br/>";
|
|
$compatible_url = $base_url . "b/{$_GET['fileid']}";
|
|
echo "<a href=\"{$compatible_url}\">{$compatible_url}</a><br/>";
|
|
|
|
if(strpos($row['name'],".") >0) {
|
|
$compatible_url = $base_url . "b/{$_GET['fileid']}/" . substr($row['name'],0,strrpos($row['name'],".")) . "_" . round($row['size']/1024,2) ."kb" . substr($row['name'],strrpos($row['name'],".")) ;
|
|
echo "<a href=\"{$compatible_url}\">{$compatible_url}</a><br/>";
|
|
}
|
|
}
|
|
else {
|
|
echo "Datei nicht gefunden!";
|
|
}
|
|
|
|
include("include/footer.php");
|
|
}
|
|
elseif(isset($_GET['download'])) {
|
|
$spid = $db->escape($_GET['download']);
|
|
$pos = strpos($spid,"/");
|
|
if($pos > 0 ) $spid = substr($spid,0, $pos);
|
|
|
|
$result = $db->query("SELECT * FROM files WHERE pid = '{$spid}'");
|
|
if($db->num_rows($result)) {
|
|
$row = $db->fetch_assoc($result);
|
|
$db->query("UPDATE files SET downloads = '".($row['downloads']+1)."' WHERE id = '{$row['id']}'");
|
|
if($row['mime']=="") {
|
|
$content = "application/octet-stream";
|
|
header("Content-Disposition: attachment; filename=".$row['name']);
|
|
}
|
|
else {
|
|
$content = $row['mime'];
|
|
header("Content-Disposition: filename=".$row['name']);
|
|
}
|
|
header("Content-Type: " . $content);
|
|
$fp = fopen($uploaddir . $row['file'],"r");
|
|
while(!feof($fp)) {
|
|
echo fgets($fp,1024);
|
|
}
|
|
fclose($fp);
|
|
}
|
|
die();
|
|
}
|
|
else {
|
|
include("include/header.php");
|
|
if (isset($_GET['code'])) {
|
|
switch($_GET['code']) {
|
|
case "1":
|
|
echo "<p>Datei konnte nicht Kopiert werden!</p>";
|
|
break;
|
|
case "2":
|
|
echo "<p>Keine Datei angegeben oder Datei zu gross!</p>";
|
|
break;
|
|
}
|
|
}
|
|
?>
|
|
<form name="ul" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data"
|
|
onsubmit="document.ul.u.value='Bitte warten ...';document.ul.u.disabled=true" >
|
|
<input type="hidden" name="action" value="upload" />
|
|
Dateien bis max. <?php echo ini_get('post_max_size'); ?>:<br/>
|
|
<input type="file" name="upfile" /><br /><br />
|
|
Gültigkeit:
|
|
<select name="validity" size="1">
|
|
<option value="1">30 Minuten</option>
|
|
<option value="2" selected="selected">60 Minuten</option>
|
|
<option value="3">12 Stunden</option>
|
|
<option value="4">24 Stunden</option>
|
|
<option value="5">1 Woche</option>
|
|
<option value="6">1 Monat</option>
|
|
<!-- <option value="7">3 Monate</option>
|
|
<option value="8">6 Monate</option>
|
|
<option value="9">12 Monate</option>-->
|
|
</select> <input name="u" type="submit" value="Hochladen" />
|
|
</form>
|
|
<?php
|
|
|
|
include("include/footer.php");
|
|
|
|
}
|
|
?>
|