-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathupload.php
executable file
·92 lines (78 loc) · 2.03 KB
/
upload.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<?php
session_start();
include "common.php";
/*
echo '<pre>';
print_r($GLOBALS);
echo '</pre>';
*/
if(!login_varify())
{
exit();
}
if($_SESSION['login']!='root' && substr($_SESSION['login'],0,3)!='Dr.')
{
echo 'This user is not authorized to use this menu';
exit();
}
main_menu();
$grand_array=array();
function list_dir($dir,$exclude_dir)
{
global $grand_array;
$array_dir=scandir($dir);
foreach($array_dir as $key=>$value)
{
if(is_dir($dir.'/'.$value) && $value!='.' && $value!='..' && !in_array($dir.'/'.$value,$exclude_dir))
{
//echo $dir.'/'.$value.'<br>';
$grand_array[]=$dir.'/'.$value;
list_dir($dir.'/'.$value,$exclude_dir);
}
}
}
$base_dir=$_SERVER['DOCUMENT_ROOT'].'/NCHSLS';
$exclude_dir=array($base_dir.'/admin');
list_dir($base_dir,$exclude_dir);
echo '<html>';
echo '<body>';
echo '<form method=post enctype=\'multipart/form-data\'>';
echo '<table>';
echo '<tr>';
echo '<td bgcolor=lightblue>Give File name to upload</td>';
echo '<td bgcolor=lightblue><input type=file name=file></td>';
echo '</tr>';
echo '<tr>';
echo '<td bgcolor=lightgreen>Select location for storage at server</td>';
echo '<td bgcolor=lightgreen>';
mk_select_from_array_return_value('storage_path', $grand_array,'','');
echo '</td>';
echo '</tr>';
echo '<tr>';
echo '<td><input type="submit" name="submit" value="Submit"></td>';
echo '<tr></form>';
echo '</body></html> ';
if(isset($_FILES['file']))
{
if ($_FILES["file"]["error"] > 0)
{
echo "Error, Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{
echo "Trying to upload file: " . $_FILES["file"]["name"] . "<br />";
if (file_exists($_POST['storage_path'].'/'.$_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"] . " already exists.<h5>overwriting...</h5>";
}
if(!move_uploaded_file($_FILES["file"]["tmp_name"],$_POST['storage_path'].'/' .$_FILES["file"]["name"]))
{
echo '<h1>Failed upload.........</h1>';
}
else
{
echo "<h2>Stored as: " .$_POST['storage_path'].'/' .$_FILES["file"]["name"].'</h2>';
}
}
}
?>