Login   Register  
PHP Classes
elePHPant
Icontem

File: imageupload.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Er. Rochak Chauhan  >  AJAX File Uploader  >  imageupload.php  >  Download  
File: imageupload.php
Role: Auxiliary script
Content type: text/plain
Description: Uploads image
Class: AJAX File Uploader
Browse files uploaded without page reloading
Author: By
Last change: Security Patch Added
Date: 2008-10-11 09:38
Size: 1,289 bytes
 

Contents

Class file image Download
<?php
/**
 * This file uploads a file in the back end, without refreshing the page
 *  
 */
@session_start();
$dirName="uploads";

if (isset(
$_POST['id'])) {
    
//$uploadFile=$_GET['dirname']."/".$_FILES[$_POST['id']]['name']; for security reasons,  hardcode the name of the directrory.
    
@mkdir($dirName,0777);

    
$uploadFile="$dirName/".md5($_FILES[$_POST['id']]['name'].".demo");
    
    if(!
is_dir($_GET['dirname'])) {
        echo 
'<script> alert("Failed to find the final upload directory: $dirName);</script>';
    }
    if (!
copy($_FILES[$_POST['id']]['tmp_name'], $dirName.'/'.md5($_FILES[$_POST['id']]['name'].".demo"))) {    
        echo 
'<script> alert("Failed to upload file");</script>';
    }
}
else {
    
// for secority reason either remove the extentions or rectrict uploaded not to upload / run scripts like file.php else they can misuse the disk space 
    //$uploadFile=$_GET['dirname']."/".$_GET['filename']; // removed for security reasons (happend with my demo )
    
$uploadFile="$dirName/".md5($_GET['filename'].".demo");
    if (
file_exists($uploadFile)) {
        echo 
"File uploaded. <a href='$uploadFile'>Open File</a> &nbsp;&nbsp;&nbsp; <a href='deletefile.php?filename=".$uploadFile."'>Delete File</a>";    
    }
    else {
        echo 
"<img src='loading.gif' alt='loading...' />";
    }
}
?>