X-Git-Url: https://git.mxchange.org/?p=simple-upload.git;a=blobdiff_plain;f=index.php;h=39abc27ccc62bba3b31702fe9e6614bfc161cac2;hp=7ecb92709b15ea00de131bdaffec0c14b818d78c;hb=9a9f90ba01f7b0e6c4d26120a6339f599d916f5d;hpb=477bfff0303c8d9e4cf6435356e574dfbb9fefd7
diff --git a/index.php b/index.php
index 7ecb927..39abc27 100644
--- a/index.php
+++ b/index.php
@@ -71,11 +71,14 @@
// Remove old files?
'remove_old_files' => true,
+
+ // Privacy: Allow external references (the "fork me" ribbon)
+ 'allow_external_refs' => true,
);
// =============={ Configuration End }==============
// Is the local config file there?
- if (file_exists('config-local.php')) {
+ if (isReadableFile('config-local.php')) {
// Load it then
include('config-local.php');
}
@@ -162,9 +165,7 @@
// Handling file upload
function uploadFile ($file_data) {
- global $settings;
- global $data;
- global $_SESSION;
+ global $settings, $data;
$file_data['uploaded_file_name'] = basename($file_data['name']);
$file_data['target_file_name'] = $file_data['uploaded_file_name'];
@@ -177,12 +178,12 @@
$file_data['target_file_name'] .= $settings['random_name_alphabet'][mt_rand(0, strlen($settings['random_name_alphabet']) - 1)];
if ($settings['random_name_keep_type'])
$file_data['target_file_name'] .= '.' . pathinfo($file_data['uploaded_file_name'], PATHINFO_EXTENSION);
- } while (file_exists($file_data['target_file_name']));
+ } while (isReadableFile($file_data['target_file_name']));
}
$file_data['upload_target_file'] = $data['uploaddir'] . DIRECTORY_SEPARATOR . $file_data['target_file_name'];
// Do now allow to overwriting files
- if (file_exists($file_data['upload_target_file'])) {
+ if (isReadableFile($file_data['upload_target_file'])) {
echo 'File name already exists' . "\n";
return;
}
@@ -197,6 +198,43 @@
}
}
+ // Delete file
+ function deleteFile ($file) {
+ global $data;
+
+ if (in_array(substr($file, 1), $_SESSION['upload_user_files']) || in_array($file, $_SESSION['upload_user_files'])) {
+ $fqfn = $data['uploaddir'] . DIRECTORY_SEPARATOR . $file;
+ if (!in_array($file, $data['ignores']) && isReadableFile($fqfn)) {
+ unlink($fqfn);
+ echo 'File has been removed';
+ exit;
+ }
+ }
+ }
+
+ // Mark/unmark file as hidden
+ function markUnmarkHidden ($file) {
+ global $data;
+
+ if (in_array(substr($file, 1), $_SESSION['upload_user_files']) || in_array($file, $_SESSION['upload_user_files'])) {
+ $fqfn = $data['uploaddir'] . DIRECTORY_SEPARATOR . $file;
+ if (!in_array($file, $data['ignores']) && isReadableFile($fqfn)) {
+ if (substr($file, 0, 1) === '.') {
+ rename($fqfn, substr($fqfn, 1));
+ echo 'File has been made visible';
+ } else {
+ rename($fqfn, $data['uploaddir'] . DIRECTORY_SEPARATOR . '.' . $file);
+ echo 'File has been hidden';
+ }
+ exit;
+ }
+ }
+ }
+
+ // Checks if the given file is a file and is readable
+ function isReadableFile ($file) {
+ return (is_file($file) && is_readable($file));
+ }
// Files are being POSEed. Uploading them one by one.
if (isset($_FILES['file'])) {
@@ -212,37 +250,22 @@
// Other file functions (delete, private).
if (isset($_POST)) {
- if ($settings['allow_deletion'])
- if (isset($_POST['action']) && $_POST['action'] === 'delete')
- if (in_array(substr($_POST['target'], 1), $_SESSION['upload_user_files']) || in_array($_POST['target'], $_SESSION['upload_user_files']))
- if (file_exists($_POST['target'])) {
- unlink($_POST['target']);
- echo 'File has been removed';
- exit;
- }
+ if ($settings['allow_deletion'] && (isset($_POST['target'])) && isset($_POST['action']) && $_POST['action'] === 'delete')
+ deleteFile($_POST['target']);
- if ($settings['allow_private'])
- if (isset($_POST['action']) && $_POST['action'] === 'privatetoggle')
- if (in_array(substr($_POST['target'], 1), $_SESSION['upload_user_files']) || in_array($_POST['target'], $_SESSION['upload_user_files']))
- if (file_exists($_POST['target'])) {
- if ($_POST['target'][0] === '.') {
- rename($_POST['target'], substr($_POST['target'], 1));
- echo 'File has been made visible';
- } else {
- rename($_POST['target'], '.' . $_POST['target']);
- echo 'File has been hidden';
- }
- exit;
- }
+ if ($settings['allow_private'] && (isset($_POST['target'])) && isset($_POST['action']) && $_POST['action'] === 'privatetoggle')
+ markUnmarkHidden($_POST['target']);
}
// List files in a given directory, excluding certain files
- function listFiles ($dir, $exclude) {
+ function createArrayFromPath ($dir) {
+ global $data;
+
$file_array = array();
$dh = opendir($dir);
- while (false !== ($filename = readdir($dh))) {
+ while ($filename = readdir($dh)) {
$fqfn = $dir . DIRECTORY_SEPARATOR . $filename;
- if (is_file($fqfn) && !in_array($filename, $exclude))
+ if (isReadableFile($fqfn) && !in_array($filename, $data['ignores']))
$file_array[filemtime($fqfn)] = $filename;
}
@@ -254,6 +277,7 @@
// Removes old files
function removeOldFiles ($dir) {
global $file_array, $settings;
+
foreach ($file_array as $file) {
$fqfn = $dir . DIRECTORY_SEPARATOR . $file;
if ($settings['time_limit'] < time() - filemtime($fqfn))
@@ -261,14 +285,16 @@
}
}
- $file_array = listFiles($data['uploaddir'], $data['ignores']);
+ // Only read files if the feature is enabled
+ if ($settings['listfiles']) {
+ $file_array = createArrayFromPath($data['uploaddir']);
- // Removing old files
- if ($settings['remove_old_files'])
- removeOldFiles($data['uploaddir']);
+ // Removing old files
+ if ($settings['remove_old_files'])
+ removeOldFiles($data['uploaddir']);
- $file_array = listFiles($data['uploaddir'], $data['ignores']);
- //die(print_r($file_array, TRUE));
+ $file_array = createArrayFromPath($data['uploaddir']);
+ }
?>
@@ -440,8 +466,19 @@
}
?>
-
- 
+
+
+
+ Fork me on GitHub
+
