Discutii despre tot ce nu se incadreaza in celelalte categorii.
Moderators: Moderatori ajutatori, Moderatori
-
Resident22
- Membru, skill +3
- Posts: 1464
- Joined: 02 Aug 2012, 12:36
- Detinator Steam: Da
- CS Status: Servicii de hosting
- Detinator server CS: DA
- SteamID: andreiduta
- Location: Bucuresti
- Has thanked: 19 times
- Been thanked: 90 times
-
Contact:
11 Jul 2013, 12:30
Am un script de upload introdus intr-o pagina..Problema e ca nu reusesc sa-i pun la scriptul respectiv o restrictie in a urca fisiere php ,vorbesc de shelluri.
Ma poate ajuta cineva?
Scriptul arata cam asa:
Code: Select all
include("config.php");
function path_options()
{
global $upload_dirs;
$option = "";
foreach ($upload_dirs as $path => $pinfo)
{
$option .= '<option value="'.$path.'">'.$pinfo["name"].'</option>';
}
return $option;
}
function check_vals()
{
global $upload_dirs, $err;
if (!ini_get("file_uploads")) { $err .= "HTTP file uploading is blocked in php configuration file (php.ini). Please, contact to server administrator."; return 0; }
$pos = strpos(ini_get("disable_functions"), "move_uploaded_file");
if ($pos !== false) { $err .= "PHP function move_uploaded_file is blocked in php configuration file (php.ini). Please, contact to server administrator."; return 0; }
if (!isset($_POST["path"]) || (strlen($_POST["path"]) == 0)) { $err .= "Please fill out path"; return 0; }
if (!isset($upload_dirs[$_POST["path"]])) { $err .= "Incorrect path"; return 0; }
if (!isset($_FILES["userfile"])) { $err .= "Empty file"; return 0; }
elseif (!is_uploaded_file($_FILES['userfile']['tmp_name'])) { $err .= "Empty file"; return 0; }
return 1;
}
$err = ""; $status = 0;
if (isset($_POST["upload"])) {
if (check_vals()) {
if (filesize($_FILES["userfile"]["tmp_name"]) > $max_file_size) $err .= "Maximum file size limit: $max_file_size bytes";
else {
if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $upload_dirs[$_POST["path"]]["dir"].$_FILES["userfile"]["name"])) {
$status = 1;
}
}
}
}
if (!$status) {
if (strlen($err) > 0) echo "<h4>$err</h4>";
}
else {
echo "<h4>"".$_FILES["userfile"]["name"]."" was successfully uploaded.</h4>";
}
?>
-
Resident22
- Membru, skill +3
- Posts: 1464
- Joined: 02 Aug 2012, 12:36
- Detinator Steam: Da
- CS Status: Servicii de hosting
- Detinator server CS: DA
- SteamID: andreiduta
- Location: Bucuresti
- Has thanked: 19 times
- Been thanked: 90 times
-
Contact:
-
squaremaster
- Membru, skill +1
- Posts: 275
- Joined: 19 May 2013, 13:06
- Detinator Steam: Nu
- CS Status: Citesc forumul eXtreamCS.com...!
- Location: Gothenburg, Sweden
- Has thanked: 5 times
- Been thanked: 10 times
-
Contact:
14 Jul 2013, 13:39
Ai nevoie ca acele fisiere sa fie stocate ? Sau Upload > Operatie > Delete ?
-
IsTI37
- Fost administrator
- Posts: 10987
- Joined: 10 Apr 2007, 15:02
- Detinator Steam: Da
- Reputatie: Fost administrator
Fost SysAdmin
Fost Fondator GTA5 (CVL)
- Location: Cluj-Napoca
- Has thanked: 28 times
- Been thanked: 776 times
14 Jul 2013, 15:10
if (isset($_POST["upload"])) {
if (check_vals()) {
$fisier = pathinfo($_FILES["userfile"]["tmp_name"]);
if ($fisier['extension'] == 'php') $err .= "Nu sunt permise fisierele cu extensia php";
if (filesize($_FILES["userfile"]["tmp_name"]) > $max_file_size) $err .= "Maximum file size limit: $max_file_size bytes";
else {
if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $upload_dirs[$_POST["path"]]["dir"].$_FILES["userfile"]["name"])) {
$status = 1;
}
}
}
-
Resident22
- Membru, skill +3
- Posts: 1464
- Joined: 02 Aug 2012, 12:36
- Detinator Steam: Da
- CS Status: Servicii de hosting
- Detinator server CS: DA
- SteamID: andreiduta
- Location: Bucuresti
- Has thanked: 19 times
- Been thanked: 90 times
-
Contact:
14 Jul 2013, 17:17
O sa incerc si revin cu verdictul.Multumesc.
-
Resident22
- Membru, skill +3
- Posts: 1464
- Joined: 02 Aug 2012, 12:36
- Detinator Steam: Da
- CS Status: Servicii de hosting
- Detinator server CS: DA
- SteamID: andreiduta
- Location: Bucuresti
- Has thanked: 19 times
- Been thanked: 90 times
-
Contact:
14 Jul 2013, 17:22
Nup,nu merge.
"fb.php" was successfully uploaded.
-
Haddaway
- Membru, skill +1
- Posts: 279
- Joined: 04 Nov 2012, 23:28
- Detinator Steam: Da
- CS Status: cs.capytala.ro
- Detinator server CS: cs.capytala.ro
- SteamID: drunxstefan
- Has thanked: 3 times
- Been thanked: 13 times
-
Contact:
14 Jul 2013, 23:32
functiile
nu trebuiau ceva de genu ?
din cate vad eu nu au ce verifica...
***************************************************************************************
********************************* Gazduire web Profesionala **********************************
********************************* http://www.dynamicspace.ro ************************************
***************************************************************************************
-
IsTI37
- Fost administrator
- Posts: 10987
- Joined: 10 Apr 2007, 15:02
- Detinator Steam: Da
- Reputatie: Fost administrator
Fost SysAdmin
Fost Fondator GTA5 (CVL)
- Location: Cluj-Napoca
- Has thanked: 28 times
- Been thanked: 776 times
15 Jul 2013, 00:04
Am gresit eu fiindca nu e vorba de un fisier.
Inlocuieste ce am adaugat in rosu cu :
Code: Select all
if (preg_match('/\.php$/i', $_FILES["userfile"]["tmp_name"])) $err .= "Nu sunt permise fisierele cu extensia php";
-
Users browsing this forum: Yandex [Bot] and 421 guests