	Login		Register

File: imageupload.php

Recommend this page to a friend!

Stumble It!

Bookmark in del.icio.us

	Classes of Er. Rochak Chauhan	>	AJAX File Uploader	>	imageupload.php	>	Download

File:	`imageupload.php`
Role:	Auxiliary script
Content type:	`text/plain`
Description:	Uploads image
Class:	AJAX File Uploader Browse files uploaded without page reloading
Author:	By Er. Rochak Chauhan
Last change:	Security Patch Added
Date:	2008-10-11 09:38
Size:	`1,289 bytes`

Download


<?php

/**

 * This file uploads a file in the back end, without refreshing the page

 *  

 */

@session_start();

$dirName="uploads";



if (isset($_POST['id'])) {

    //$uploadFile=$_GET['dirname']."/".$_FILES[$_POST['id']]['name']; for security reasons,  hardcode the name of the directrory.

    @mkdir($dirName,0777);



    $uploadFile="$dirName/".md5($_FILES[$_POST['id']]['name'].".demo");

    

    if(!is_dir($_GET['dirname'])) {

        echo '<script> alert("Failed to find the final upload directory: $dirName);</script>';

    }

    if (!copy($_FILES[$_POST['id']]['tmp_name'], $dirName.'/'.md5($_FILES[$_POST['id']]['name'].".demo"))) {    

        echo '<script> alert("Failed to upload file");</script>';

    }

}

else {

    // for secority reason either remove the extentions or rectrict uploaded not to upload / run scripts like file.php else they can misuse the disk space 

    //$uploadFile=$_GET['dirname']."/".$_GET['filename']; // removed for security reasons (happend with my demo )

    $uploadFile="$dirName/".md5($_GET['filename'].".demo");

    if (file_exists($uploadFile)) {

        echo "File uploaded. <a href='$uploadFile'>Open File</a> &nbsp;&nbsp;&nbsp; <a href='deletefile.php?filename=".$uploadFile."'>Delete File</a>";    

    }

    else {

        echo "<img src='loading.gif' alt='loading...' />";

    }

}

?>

Advertise on this site

For more information send a message to info at phpclasses dot org.

File: imageupload.php

Contents