View file upload/uploadfile.php

File size: 7.57Kb
<?php
include "../cfg.php";


$verh='<?xml version = "1.0" encoding = "UTF-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" 

"http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru">
<head>
<title>mp3</title><link rel="stylesheet" href="../style.css" type="text/css"/>
<meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=utf-8" />
</head><body>';

print $verh;
if(empty($komment)) {$err2='ok'; $filed=1;}


$ext = explode('.',$_FILES['userfile']['name']);
$ext = $ext[count($ext)-1];
if($ext=='jpg') {
mkdir("photo/$nik/",0777);
$upmelod = 'photo/'.$nik;} else { mkdir("video/$nik/",0777);
 $upmelod = 'video/'.$nik;}
$f="/";
$exthtgf=$_FILES['userfile']['name'];
if(empty($exthtgf)) {$err3='ok'; $filed=1;}
 if (($ext!='jpg')&&($ext!='3gp'))
{$err4='ok'; $filed=1;}

 if($filed==1) {
print '<div class="top"><b>Ошибочка вышла!</b></div>

!Возможные причины:</br> ';
if($err2=='ok') {print 'Введите пару слов к файлу';} 
if($err3=='ok') {print '<br/>Вы забыли выбрать файл';} 
if($err4=='ok') {print '<br/>Файл имеет недопустимое расширение';} 
}
else  {

$exthtgf = strip_tags($exthtgf);
$exthtgf = trim($exthtgf);
  $exthtgf=str_replace("$","",$exthtgf);
 $exthtgf=str_replace("quot;","",$exthtgf);
            $exthtgf=str_replace("$","",$exthtgf);
            $exthtgf=str_replace("&lt;","",$exthtgf);
            $exthtgf=str_replace("<","",$exthtgf);
            $exthtgf=str_replace(">","",$exthtgf);
            $exthtgf=str_replace("&gt;","",$exthtgf);
            $exthtgf=str_replace("\"","",$exthtgf);
            $exthtgf=str_replace("'","",$exthtgf);
            $exthtgf=str_replace("\\","",$exthtgf);
            $exthtgf=str_replace("&","",$exthtgf);
             $exthtgf=str_replace("%","",$exthtgf);
              
            $exthtgf=str_replace("@","",$exthtgf);
            $exthtgf=str_replace("^","",$exthtgf);
            $exthtgf=str_replace("*","",$exthtgf);
            $exthtgf=str_replace(")","",$exthtgf);
            $exthtgf=str_replace("(","",$exthtgf);
            $exthtgf=str_replace("|","",$exthtgf);
            $exthtgf=str_replace("!","",$exthtgf);
            $exthtgf=str_replace("№","",$exthtgf);
            $exthtgf=str_replace(";","",$exthtgf);
            $exthtgf=str_replace("/","",$exthtgf);
            $exthtgf=str_replace("{","",$exthtgf);
            $exthtgf=str_replace("}","",$exthtgf);
            $exthtgf=str_replace("[","",$exthtgf);
            $exthtgf=str_replace("]","",$exthtgf);
            $exthtgf=str_replace("#","",$exthtgf);

$exthtgf = htmlspecialchars(stripslashes($exthtgf));
$komment = htmlspecialchars(stripslashes($komment));
$avtor = htmlspecialchars(stripslashes($avtor));
$komment = strip_tags($komment);
$komment = trim($komment);
  $komment=str_replace("$","",$komment);
 $komment=str_replace("quot;","",$komment);
                     $komment=str_replace("#","",$komment);  
 $komment=str_replace("$","",$komment);
            $komment=str_replace("&lt;","",$komment);
            $komment=str_replace("<","",$komment);
            $komment=str_replace(">","",$komment);
            $komment=str_replace("&gt;","",$komment);
            $komment=str_replace("\"","",$komment);
            $komment=str_replace("'","",$komment);
            $komment=str_replace("\\","",$komment);
            $komment=str_replace("&","",$komment);
             $komment=str_replace("%","",$komment);
              
            $komment=str_replace("@","",$komment);
            $komment=str_replace("^","",$komment);
            $komment=str_replace("*","",$komment);
            $komment=str_replace(")","",$komment);
            $komment=str_replace("(","",$komment);
            $komment=str_replace("|","",$komment);
            $komment=str_replace("!","",$komment);
            $komment=str_replace("№","",$komment);
            $komment=str_replace(";","",$komment);
            $komment=str_replace("/","",$komment);
            $komment=str_replace("{","",$komment);
            $komment=str_replace("}","",$komment);
            $komment=str_replace("[","",$komment);
            $komment=str_replace("]","",$komment);


  


$_FILES['userfile']['name'] = strip_tags($_FILES['userfile']['name']);
$_FILES['userfile']['name'] = trim($_FILES['userfile']['name']);
  $_FILES['userfile']['name']=str_replace("$","",$_FILES['userfile']['name']);
 $_FILES['userfile']['name']=str_replace("quot;","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("$","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("&lt;","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("<","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace(">","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("&gt;","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("\"","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("'","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("\\","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("&","",$_FILES['userfile']['name']);
             $_FILES['userfile']['name']=str_replace("%","",$_FILES['userfile']['name']);
              
            $_FILES['userfile']['name']=str_replace("@","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("^","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("*","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace(")","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("(","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("|","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("!","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("№","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace(";","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("/","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("{","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("}","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("[","",$_FILES['userfile']['name']);
            $_FILES['userfile']['name']=str_replace("]","",$_FILES['userfile']['name']);

$_FILES['userfile']['name']=str_replace("#","",$_FILES['userfile']['name']);




$exthtgf=$_FILES['userfile']['name'];
$file2 = fopen("$upmelod/$exthtgf.dat","w"); 
fputs($file2, '||'.$komment); 

fclose($file2); 
$uploadfile = $upmelod.$f. basename($_FILES['userfile']['name']);



if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
print '<div class="top"><b>Файл  добавлен</b></div>'.$d[0].'ваш файл - '.$_FILES['userfile']['name'].' успешно добавлен в вашу галерею 
'; 

}}
 

print '<br/><a href="../index.php?form=kabinet&amp;ot=upload&amp;nik='.$nik.'&amp;pass='.$pass.'">Добавить ещё</a> 
или назад в <a href="../index.php?form=kabinet&amp;nik='.$nik.'&amp;pass='.$pass.'">личный кабинет</a> ';
print $footer;
?>