Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


How to add specific allowed extensions to upload script?

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
Eraser
Grandmaster Cheater
Reputation: 0

Joined: 23 Jul 2008
Posts: 504
Location: http://www.youtube.com/PCtrainers

PostPosted: Sat Mar 28, 2009 10:37 am    Post subject: How to add specific allowed extensions to upload script? Reply with quote

This is my upload script that lets you to upload files to my webpage. It uses no mysql and i wonder how to add specific extensions to the list? I know someone gave me a code, but i didn't knew where to put it, so could anyone edit this script with the extensions (yes, i will later add more of them by myself)

Code:
<?php
session_start();
if(!isset($_POST['upload'])) {
echo '
<div align="center">
<form name="upload" enctype="multipart/form-data" method="POST" action="'.$_SERVER['REQUEST_URI'].'">
<input type="file" name="file" size="13" value="">
<br /><input type="submit" name="upload" value="Upload">
</form>
<b>Max file size - 500MB. Any file format is supported.</b>
';
} else {
$yourdomain = 'http://www.thps-mods.com/';
$uploaddir = 'uploads/';
$filename = $_FILES['file']['name'];
$filesize = $_FILES['file']['size'];
$tmpname_file = $_FILES['file']['tmp_name'];
    $date_file = date(imdy);
if($filesize > '590000000') {
echo "File was larger than 500MB.";
} else {
move_uploaded_file($tmpname_file, "$uploaddir$date_file$filename");
echo "Success!<br /><b></b><textarea rows='1' cols='80'>".$yourdomain.$uploaddir.$date_file.$filename."</textarea>";
}
  }
?>
<title>Upload</title>
</div>


i was given this code some days ago from someone, but i donno where to add it in my script :/


Code:
$ext1='php'; //To test
$ext1='png';
$ext1='ico';
$good=FALSE;

$disallow=Array('php', 'pl', 'exe', 'rar');
$allow=Array('png', 'gif', 'jpg', 'jpeg');

for ($i=0;$i<Count($disallow);$i++) { //Blacklist example
if ($ext1==$disallow[$i]) { die('File type not allowed.'); } //Or set $good to FALSE.
}

for ($i=0;$i<Count($allow);$i++) { //Whitelist example
if ($ext1==$allow[$i]) { $good=TRUE; }
}

if ($good) {
//Main upload script here
} else {
//Unknown file, do not upload
}
Back to top
View user's profile Send private message
iNoobHacker
Advanced Cheater
Reputation: 0

Joined: 05 Nov 2006
Posts: 99

PostPosted: Sat Mar 28, 2009 12:27 pm    Post subject: Reply with quote

Why are you using a "disallowed extensions list", if the extension was not found in the allowed extensions list just return false, else upload it.
_________________
"Two things are infinite: the universe and human stupidity, but I'm still not sure about the first one."
Back to top
View user's profile Send private message
92Garfield
I'm a spammer
Reputation: 57

Joined: 20 Dec 2007
Posts: 5871
Location: Banana Republic Germany

PostPosted: Sat Mar 28, 2009 3:24 pm    Post subject: Reply with quote

Code:

function ($uploadname) {
for ($count = 0; $count <= 2; $count++) {
if ($uploadname != ereg_replace($allowedExt($count), "", $uploadname) {
return true;
break;
} else {
return false;
break;
}}}


returns false when its not an allowed extension
returns true when its allowed extension

just make it in an array called allowedExt

_________________
Back to top
View user's profile Send private message
Eraser
Grandmaster Cheater
Reputation: 0

Joined: 23 Jul 2008
Posts: 504
Location: http://www.youtube.com/PCtrainers

PostPosted: Sun Mar 29, 2009 1:48 am    Post subject: Reply with quote

Where to put this code you gave me?
Back to top
View user's profile Send private message
Reak
I post too much
Reputation: 0

Joined: 15 May 2007
Posts: 3496

PostPosted: Sun Mar 29, 2009 5:50 am    Post subject: Reply with quote

Code:
<html>
<head>
   <title>Upload</title>
</head>
<body>
<div align="center">
<?php

if(isset($_POST['upload'])) {
   $allowed_filetypes = array("image/png", "image/jpeg");  // Add filetypes here, to get them do echo $filetype ($_FILES['file']['type'];)
   $yourdomain = 'http://www.thps-mods.com/';
   $uploaddir = 'uploads/';
   $err = false;
   $max_filesize = 524288000; // 500mb
   $filename = $_FILES['file']['name'];
   $filesize = $_FILES['file']['size'];
   $filetype = $_FILES['file']['type'];
   // echo $filetype."<br>"; to get file-type
   $tmpname_file = $_FILES['file']['tmp_name'];
   $date_file = date(imdy);
   
   if($filesize > $max_filesize)
   {
      $err = true;
      echo "File was larger than 500MB.";
   }
   
   if(!in_array($filetype, $allowed_filetypes))
   {
      $err = true;
      echo "Filetype is not allowed.";
   }
      
   if(!$err)
   {
      move_uploaded_file($tmpname_file, "$uploaddir$date_file$filename");
      echo "Success!<br /><b></b><textarea rows='1' cols='80'>".$yourdomain.$uploaddir.$date_file.$filename."</textarea>";
   }
}
if(!isset($_POST['upload']) || $err == true)
{
   ?>
   <form name="upload" enctype="multipart/form-data" method="POST">
   <input type="file" name="file" size="13" value="">
   <br /><input type="submit" name="upload" value="Upload">
   </form>
   <b>Max file size - 500MB. Any file format is supported.</b>
   <?php
}
?>
</div>
</body>
</html>
Back to top
View user's profile Send private message
Eraser
Grandmaster Cheater
Reputation: 0

Joined: 23 Jul 2008
Posts: 504
Location: http://www.youtube.com/PCtrainers

PostPosted: Sun Mar 29, 2009 6:16 am    Post subject: Reply with quote

OMg thnx Reak it works just as i wanted! Embarassed Embarassed Embarassed Embarassed Embarassed Embarassed Embarassed Embarassed

SmileSmileSmile
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites