-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathupload.php
More file actions
98 lines (79 loc) · 3.27 KB
/
upload.php
File metadata and controls
98 lines (79 loc) · 3.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<?php
/*
* upload.php details (ko)
*
* param @result : 성공/실패 여부 반환
* 성공(1), 실패(0)
*
* param @url : 업로드 성공 시 다운로드 경로 반환
*
* - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * -
*
* upload.php details (en)
*
* param @result : returns success/failure
* success(1), failure(0)
*
* param @url : returns download url when upload successes
*/
if (!$_FILES) {
echo '{"result":"0", "message":"not a file"}';
exit();
}
$date = date('Y-m-d H:i:s');
$encode_code = 'TbpSQWwCc46XOBd9aJiN1rMFLjoIPVvtgumezkfHUAlYyx2Z8Dhsn305RGEqK7';
$code = '';
for ($i = 0; $i < 8; $i++) {
$code = $code.$encode_code[mt_rand(21437, 92417264) % 62];
}
$file_tmp = $_FILES['file']['tmp_name'];
$file_realname = $_FILES['file']['name'];
$file_name_encrypted = '';
for ($i = 0; $i < 6; $i++) {
$file_name_encrypted = $file_name_encrypted.$encode_code[mt_rand(21437, 92417264) % 62];
}
$file_size = $_FILES['file']['size'];
$file_ext = '';
if (strpos($file_realname, '.') !== false) {
$file_ext = substr($file_realname, strrpos($file_realname, '.') + 1);
}
$file_name = 'ModaShare@'.date('Ymd').'_'.$code;
if ($file_ext) $file_name = $file_name.'.'.$file_ext;
// todo: change this path to your own directory.
$upload_folder = '/root/www/html/shares/uploads/';
$file_path = $upload_folder.$file_name;
if (!move_uploaded_file($file_tmp, $file_path)) {
echo '{"result":"0", "message":"failed to move"}';
exit();
};
$conn = new mysqli('localhost', 'app_modashare', 'app_modashare', 'app_modashare');
$uploader_ip = $_SERVER['REMOTE_ADDR'];
$uploader_detail = urlencode($_SERVER['HTTP_USER_AGENT']);
$query = "INSERT INTO `files` SET `file_name_source` = '$file_realname',
`file_name` = '$file_name_encrypted',
`file_ext` = '$file_ext',
`file_size` = '$file_size',
`file_path` = '$file_path',
`file_timeout` = '$_POST[timeout]',
`file_password` = '',
`uploader_ip` = '$uploader_ip',
`uploader_detail` = '$uploader_detail',
`date` = '$date'";
$conn->query($query);
$file_id = $conn->insert_id;
// todo: change this url to your own url.
$site_url = "https://modaweb.kr/shares/";
$file_url = $site_url.$file_name_encrypted;
$_SERVER['HTTP_REFERER'] = str_replace(chr(92), chr(92).chr(92), $_SERVER['HTTP_REFERER']); // \
$_SERVER['HTTP_REFERER'] = str_replace(chr(39), ''', $_SERVER['HTTP_REFERER']); //
$query = "INSERT INTO `history`
SET `file_id` = '$file_id',
`state` = 'uploaded',
`request_url` = '',
`ref` = '$_SERVER[HTTP_REFERER]',
`user_ip` = '$uploader_ip',
`user_detail` = '$uploader_detail',
`date` = '$date'";
$conn->query($query);
echo '{"result":"1", "url":"'.$file_url.'"}';
?>