// Remove old files?
'remove_old_files' => true,
+
+ // Privacy: Allow external references (the "fork me" ribbon)
+ 'allow_external_refs' => true,
);
// =============={ Configuration End }==============
// Is the local config file there?
- if (file_exists('config-local.php')) {
+ if (isReadableFile('config-local.php')) {
// Load it then
include('config-local.php');
}
$file_data['target_file_name'] .= $settings['random_name_alphabet'][mt_rand(0, strlen($settings['random_name_alphabet']) - 1)];
if ($settings['random_name_keep_type'])
$file_data['target_file_name'] .= '.' . pathinfo($file_data['uploaded_file_name'], PATHINFO_EXTENSION);
- } while (file_exists($file_data['target_file_name']));
+ } while (isReadableFile($file_data['target_file_name']));
}
$file_data['upload_target_file'] = $data['uploaddir'] . DIRECTORY_SEPARATOR . $file_data['target_file_name'];
// Do now allow to overwriting files
- if (file_exists($file_data['upload_target_file'])) {
+ if (isReadableFile($file_data['upload_target_file'])) {
echo 'File name already exists' . "\n";
return;
}
if (in_array(substr($file, 1), $_SESSION['upload_user_files']) || in_array($file, $_SESSION['upload_user_files'])) {
$fqfn = $data['uploaddir'] . DIRECTORY_SEPARATOR . $file;
- if (file_exists($fqfn)) {
+ if (!in_array($file, $data['ignores']) && isReadableFile($fqfn)) {
unlink($fqfn);
echo 'File has been removed';
exit;
if (in_array(substr($file, 1), $_SESSION['upload_user_files']) || in_array($file, $_SESSION['upload_user_files'])) {
$fqfn = $data['uploaddir'] . DIRECTORY_SEPARATOR . $file;
- if (file_exists($fqfn)) {
+ if (!in_array($file, $data['ignores']) && isReadableFile($fqfn)) {
if (substr($file, 0, 1) === '.') {
rename($fqfn, substr($fqfn, 1));
echo 'File has been made visible';
}
}
+ // Checks if the given file is a file and is readable
+ function isReadableFile ($file) {
+ return (is_file($file) && is_readable($file));
+ }
+
// Files are being POSEed. Uploading them one by one.
if (isset($_FILES['file'])) {
header('Content-type: text/plain');
}
// List files in a given directory, excluding certain files
- function createArrayFromPath ($dir, $exclude) {
+ function createArrayFromPath ($dir) {
+ global $data;
+
$file_array = array();
$dh = opendir($dir);
while ($filename = readdir($dh)) {
$fqfn = $dir . DIRECTORY_SEPARATOR . $filename;
- if (is_file($fqfn) && !in_array($filename, $exclude))
+ if (isReadableFile($fqfn) && !in_array($filename, $data['ignores']))
$file_array[filemtime($fqfn)] = $filename;
}
// Only read files if the feature is enabled
if ($settings['listfiles']) {
- $file_array = createArrayFromPath($data['uploaddir'], $data['ignores']);
+ $file_array = createArrayFromPath($data['uploaddir']);
// Removing old files
if ($settings['remove_old_files'])
removeOldFiles($data['uploaddir']);
- $file_array = createArrayFromPath($data['uploaddir'], $data['ignores']);
+ $file_array = createArrayFromPath($data['uploaddir']);
}
?>
<!DOCTYPE html>
}
?>
</ul>
- <?php } ?>
- <a href="https://github.com/muchweb/simple-php-upload"><img style="position: absolute; top: 0; right: 0; border: 0;" src="https://camo.githubusercontent.com/38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67" alt="Fork me on GitHub" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_right_darkblue_121621.png"></a>
+ <?php
+ }
+
+ if ($settings['allow_external_refs']) {
+ ?>
+ <a href="https://github.com/muchweb/simple-php-upload" target="_blank"><img style="position: absolute; top: 0; right: 0; border: 0;" src="https://camo.githubusercontent.com/38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67" alt="Fork me on GitHub" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_right_darkblue_121621.png"></a>
+ <?php
+ } else {
+ ?>
+ <a href="https://github.com/muchweb/simple-php-upload" target="_blank">Fork me on GitHub</a>
+ <?php
+ }
+ ?>
<script type="text/javascript">
<!--
var target_form = document.getElementById('simpleupload-form'),