LinkBack URL
About LinkBacksavrei bisogno di aiuto , il file funziona perfettamente .
pero una shell potrebbe reggirare il controllo semplicemente rinominando la shell in jpg .
che precauzione posso prendere ?
ecco lo scriptCodice PHP://prelevo MAX NUM FOTO
$var6=@file("database/".$suff."_settingchat.txt");
$riga=trim($var6[0]);
$dat=explode("||",$riga);
$fotomax=trim($dat[14]);
/*ok*/
$count = 0;
if(@is_dir("gallery/".$login))
{
if ($handler = opendir("gallery/".$login)) {
while ($file = readdir($handler)) {
if ($file != '.' && $file != '..' && !@is_dir("gallery/".$login."/".$file) && substr($file, 0, 2) != "l_" && substr($file, 0, 2) != "c_" && substr($file, 0, 2) != "v_" && substr($file, 0, 2) != "t_")
$count += 1;
}
// tidy up: close the handler
closedir($handler);
}}
$rigascrivo="";
if (@file_exists($suff."_alertgallery.txt"))
{$fpgall=@file($suff."_alertgallery.txt");
$rigascrivo=trim($fpgall[0]);
}
?>
<div class="testata">UPLOAD IMG GALLERY</div>
<?php
if($count>=$fotomax){echo "E' stato raggiunto il limite di $fotomax foto per la tua gallery <a href='gallery.php'>TORNA</a>"; exit;}
if(!isset($HTTP_POST_FILES['img_file']) AND $count<$fotomax)
{ $diff=($fotomax-$count);?>
<div class='testatablue'>Rimangono <?php echo $diff; ?> foto</div>
<div class='avviso'><?php echo stripslashes($rigascrivo); ?></div>
<p align="center">
<a href="javascript:add('[b][/b] ')"><img border=0 src='bold.png' alt='[B]'></a>
<a href="javascript:add('[i][/i] ')"><img border=0 src='italic.png' alt='[i]'></a>
<a href="javascript:add('[u][/u] ')"><img border=0 src='underline.png' alt='[u]'></a>
<a href="javascript:add('[purple][/purple] ')"><img border=0 src='ball_purple.png' alt='[purple]'></a>
<a href="javascript:add('[yellow][/yellow] ')"><img border=0 src='ball_yellow.png' alt='[yellow]'></a>
<a href="javascript:add('[blue][/blue] ')"><img border=0 src='ball_blue.png' alt='[blue]'></a>
<a href="javascript:add('[orange][/orange] ')"><img border=0 src='ball_orange.png' alt='[orange]'></a></p>
<?php
exit;}
if (!isset($HTTP_POST_FILES['img_file']) OR !isset($_POST['msg'])) exit;
if (@is_uploaded_file($HTTP_POST_FILES['img_file']['tmp_name']))
{
if (@!is_dir("gallery/".$login)) @mkdir("gallery/".$login);
$path = "gallery/".$login."/";
$max_size = 1000000;
$img_name=$HTTP_POST_FILES['img_file']['name'];
$img_name = ereg_replace("[^.a-zA-Z0-9]+","",$img_name);
$elem= explode(".",$img_name);
$numelem=count($elem);
if($numelem>2)
{echo "Il nome del file deve contenere solo lettere e numeri<br/><a href='galleryupload.php'>TORNA</a>\n"; exit; }
if(!preg_match("!^[a-zA-Z0-9\d]+$!i", $elem[0]))
{echo "Il nome del file deve contenere solo lettere e numeri<br/><a href='galleryupload.php'>TORNA</a>\n"; exit; }
if (eregi('(;|\<|\>|\:|\\|\/|\.{2})',$img_name))
{echo "Il nome del file deve contenere solo lettere e numeri<br/><a href='galleryupload.php'>TORNA</a>\n"; exit; }
if(trim(strtolower($elem[1]))!="jpg")
{echo "Estensione non valida<br/><a href='galleryupload.php'>TORNA</a>\n"; exit;}
$img_name=time().".jpg";
if ($HTTP_POST_FILES['img_file']['size']>$max_size) { echo "<font color='red'>Il file SUPERA 1 MByte consentito!!!</font><br/><a href='galleryupload.php'>TORNA</a>"; exit; }
if (($HTTP_POST_FILES['img_file']['type']=="image/pjpeg") || ($HTTP_POST_FILES['img_file']['type']=="image/jpeg")) {
if (@file_exists($path.$img_name)) { echo "Il file gia' esiste, rinonimarlo<br/><a href='galleryupload.php'>TORNA</a>\n"; exit; }
if (!move_uploaded_file($HTTP_POST_FILES['img_file']['tmp_name'], $path.$img_name))
{ echo "Non e' stato possibile inserire la tua foto, contatta lo STAFF<br/><a href='galleryupload.php'>TORNA</a>"; exit; } else {
@include "SmartImage.class.php";
// Settings
$src = "gallery/$login/$img_name";
// Start!
$newlar=0;
$newalt=0;
list($lar,$alt)=@getimagesize("gallery/$login/$img_name");
if($alt>480)
{
$newalt=480;
$newlar=round($newalt*$lar/$alt);
$imgg = new SmartImage($src);
$imgg->resize($newlar, $newalt);
$imgg->saveImage("gallery/$login/$img_name");
$imgg->close();
}
if($newlar>640 OR $lar>640)
{
$newlar=640;
$newalt=round($newlar*$alt/$lar);
$imgg = new SmartImage($src);
$imgg->resize($newlar, $newalt);
$imgg->saveImage("gallery/$login/$img_name");
$imgg->close();
}
$sizfoto=@filesize("gallery/$login/$img_name");
if($sizfoto>105000)
{
$h = 90;
$imgu = new SmartImage($src);
$imgu->saveImage("gallery/$login/$img_name",$h);
$imgu->close();
}
$sizfotos=@filesize("gallery/$login/$img_name");
if($sizfotos>105000)
{
$h = 50;
$imgui = new SmartImage($src);
$imgui->saveImage("gallery/$login/$img_name",$h);
$imgui->close();
}
//SCRIVO LOG in azioni user txt
@require_once("detect.inc.php");
function ipCheck() {
if (getenv('HTTP_CLIENT_IP')) {
$ip = getenv('HTTP_CLIENT_IP');
}
elseif (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
}
elseif (getenv('HTTP_X_FORWARDED')) {
$ip = getenv('HTTP_X_FORWARDED');
}
elseif (getenv('HTTP_FORWARDED_FOR')) {
$ip = getenv('HTTP_FORWARDED_FOR');
}
elseif (getenv('HTTP_FORWARDED')) {
$ip = getenv('HTTP_FORWARDED');
}
else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
$ip= htmlspecialchars(ipCheck());
$ipproxy = $_SERVER["REMOTE_ADDR"];
$cell="nondefinito";
if(!empty($subno))
{$cell=$subno;}
if(!empty($h3g))
{$cell=md5($h3g);}
$data=@time();
$modcell="";
if(isset($_SERVER["HTTP_X_DEVICE_USER_AGENT"]))
{$modcell=htmlentities($_SERVER["HTTP_X_DEVICE_USER_AGENT"]);
$modcell = str_replace(array("\r\n", "\r", "\n"), "", $modcell);
$modcell = str_replace("|","", $modcell);}
if($cell=="nondefinito" AND !empty($opera))
{$cell=$opera;}
$isp=gethostbyaddr($_SERVER['REMOTE_ADDR']);
if($ip==$ipproxy)
{$ipproxy="no proxy";}
//avviso in azioni user
$msg="FOTO INSERITA da $login*gallery/$login/$img_name";
$variabile="0||<img boder=0 alt='INFO' src='info.gif'>||avatar||FOTO GALLERY||".$msg."||#CC0077||".$ipproxy."||".$ip."||".$modcell."||".$browser."||".$isp."||".$cell."||".$data;
$var=@fopen("database/".$suff."_azioniuser.txt","a+");
@fwrite($var,"$variabile\n");
@fclose($var);
////////////
$msg=trim($_POST['msg']);
$msg = str_replace(array("\r\n", "\r", "\n"), "", $msg);
$msg = str_replace("|","", $msg);
$msgorig=$msg;
if(!empty($msg))
{
@require_once("spamcontrol.inc.php");
if(strlen($msg)>80)
{$msg=substr($msg,0,80)."...";}
$setting=@file("database/".$suff."_settingchat.txt");
$riga=trim($setting[0]);
$dati=explode("||",$riga);
$rigaspam=trim($dati[15]);
$settspam=explode("*",$rigaspam);
$statospam=trim($settspam[0]);
$modspam=trim($settspam[1]);
//controllo SPAM (se attivo)
if(@file_exists("database/".$suff."_blockspam.txt") AND $statospam==1)
{
if(spamcontrol($msg,$suff)){
if($modspam=="sostituzione")
{$msg="SPAM";}
//avviso in azioni user
$msgspam="MSG SPAM SU DIDASCALIA FOTO: $login ha scritto: ".$msgorig;
$variabile="0||<img boder=0 alt='INFO' src='info.gif'>||avatar||SPAM DIDASCALIA FOTO||".htmlentities($msgspam,ENT_QUOTES,'utf-8')."||#CC0077||".$ipproxy."||".$ip."||".$modcell."||".$browser."||".$isp."||".$cell."||".$data;
$var=@fopen("database/".$suff."_azioniuser.txt","a+");
@fwrite($var,"$variabile\n");
@fclose($var);}
}}
$msg=htmlentities($msg,ENT_QUOTES,'utf-8');
//Includo la funzione BBCode
function bBcode($str) {
//No HTML
$str = trim(str_replace("<", "", $str));
$str = trim(str_replace(">", "", $str));
//CHR 13
$str = trim(str_replace(chr(13), "<br>;", $str));
$bb = @array(
'/\[b\](.*?)\[\/b\]/is',
'/\[i\](.*?)\[\/i\]/is',
'/\[u\](.*?)\[\/u\]/is',
'/\[purple\](.*?)\[\/purple\]/is',
'/\[yellow\](.*?)\[\/yellow\]/is',
'/\[blue\](.*?)\[\/blue\]/is',
'/\[orange\](.*?)\[\/orange\]/is'
);
$out = @array(
'<b>$1</b>',
'<i>$1</i>',
'<u>$1</u>',
'<font color="#FF0066">$1</font>',
'<font color="#FFFF00">$1</font>',
'<font color="#3333FF">$1</font>',
'<font color="#FF6600">$1</font>'
);
$str = @preg_replace ($bb, $out, $str);
$str = trim(str_replace("]", "", $str));
return $str;
}
$msg=@bBcode($msg);
$img_names=str_replace(".jpg","",$img_name);
$variabile=$img_names."||".$msg;
$var=@fopen($path."l_lista.txt","a+");
@fwrite($var,"$variabile\n");
@fclose($var);
//aggiorno statistiche ultime foto inserite
$oggi=time();
$g=date("d",$oggi);
$m=date("m",$oggi);
$a=date("y",$oggi);
$addcomm=1;
if(@file_exists($suff."_statoggi/lastfoto_"."$g"."$m"."$a.txt"))
{
$var=@file($suff."_statoggi/lastfoto_"."$g"."$m"."$a.txt");
$addcomm=trim($var[0]);
$addcomm++;
}
$open = @fopen($suff."_statoggi/lastfoto_"."$g"."$m"."$a.txt","w+");
@fwrite($open, $addcomm);
@fclose($open);
///////////////////////////
//aggiorno file LAST FOTO
$data=@time();
$img_names=str_replace(".jpg","",$img_name);
if(@file_exists("database/".$suff."_lastfoto.txt"))
{
$f=@file("database/".$suff."_lastfoto.txt");
$contalast=count($f);
if($contalast>=10)
{unset($f[0]);
$fp = @fopen("database/".$suff."_lastfoto.txt", "w+");
foreach ($f AS $riga)
fputs($fp, $riga);
@fclose($fp);}
}
$open = @fopen("database/".$suff."_lastfoto.txt","a+");
$variabile = $login . "||" . $img_names;
@fwrite($open, $variabile."\n");
@fclose($open);
//////////////
echo "La foto e' stata inserita<br/><a href='galleryupload.php'>TORNA</a>";
}
}else{echo "File non consentito<br/><a href='galleryupload.php'>TORNA</a>";}
}
?>
</div><div class='testata'><a href='gallery.php'>GALLERY</a></div></body></html>
Visualizzazione risultati 1 fino 1 di 1
Discussione: php upload
-
01-03-2010, 17.32.25 #1Guest
php upload
Ultima modifica di dementialsite : 01-03-2010 alle ore 18.45.01
