This enhancement of Uploder, I add a space quota restriction and file extension filtering.
By : wibi
<?
/********************************************************************
* file uploader - file uploader code snippet.
* maxsize :
* - you can set the maxsixe, if file size exceed maxsize it won't proceed;
* - you can set the quota, if dir size exceed quota it won't proceed;
* - you can set the ext, if file name extension listed on this array it won't proceed;
*
* Copyright (C) 2001 Wibisono Sastrodiwiryo.
* This program is free software licensed under the
* GNU General Public License (GPL).
*
* CyberGL => Application Service Provider
* http://www.cybergl.co.id
* office@cybergl.co.id
*
* $Id: uploader2.php3,v 0.2 2001/07/23 22:3:34 wibi Exp $
*********************************************************************/
$dir ="/www/servers/upload"; # your uploaded file dir, this dir require proper permission to write access
$temp ="/tmp"; # unix system temp dir
$maxsize ="40960"; # max 40 Kb
$quota = 524288; # define space quota 500 Kb
$ext = array(".p", ".php", ".php3", ".phtml", ".shtml"); # define file extension to reject
if ($userfile AND $userfile != "none") {
$total=0;
$handle=opendir($dir);
while ($file = readdir($handle)) {
if (is_file("$dir/$file")) {$total+=filesize("$dir/$file");}
}
while (list($key,$val) = each($ext)) {
if (strstr($userfile_name, $val)) {$invalidext=true;break;}
}
if ($userfile_size > $maxsize) {echo "ERR: File too large";}
elseif ($invalidext) {echo "ERR: Forbiden file extension";}
elseif ($total > $quota) {echo "ERR: Space quota exceeded";}
else {
rename("$userfile", "$temp/$userfile_name");
copy("$temp/$userfile_name", "$dir/$userfile_name");
unlink("$temp/$userfile_name");
echo "OK: File \"$userfile_name\" uploaded succesfully";
}
} else {
?>
<form action="<?echo $PHP_SELF?>" method=POST ENCTYPE="multipart/form-data">
<table>
<tr>
<td class=navbox>Select File:</td>
<td>:</td>
<td><input type=file name=userfile></td>
</tr>
<tr>
<td class=navbox> </td>
<td> </td>
<td><input type=submit value=Upload></td>
</tr>
</table>
</form>
<?}?>
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More File Manipulation Code Articles
More By Codewalkers
 developerWorks - FREE Tools!
|
Join this webcast, to learn how the Rational Process Library can help with compliance issues, drive process improvement, and assist in service-oriented architecture (SOA) or Agile development. We will take a peek into the Rational Process Library with content around software and systems engineering (including RUP), operations and systems management, program and portfolio management, and asset and SOA governance.
FREE! Go There Now!
|
|
|
|
Learn field-tested SOA principles, methodology, technology and implementation from the global SOA market leader - in a new e-book by an IBM SOA expert. Written by IBM Certified SOA Solution Designer Bobby Woolf, "Exploring IBM SOA Technology & Practice" is the ultimate insider's guide to SOA - a PDF e-book packed cover to cover with IBM's specific advice on how to make your SOA implementation a success.
FREE! Go There Now!
|
|
|
|
Download the IBM WebSphere Portal V6.1 beta code and learn more about the rich features and enhancements in IBM WebSphere Portal V6.1. WebSphere Portal provides a composite application or business mashup framework and the advanced tooling needed to build flexible, SOA-based solutions, and scalability to meet the needs of any size organization.
FREE! Go There Now!
|
|
|
|
Ken Krugler, co-founder of code search company Krugle, and Laura Merling, vice president of Marketing and Business Development for Krugle, join to talk about the ins and outs of code search and what it means as a new feature for developerWorks users.
FREE! Go There Now!
|
|
|
|
Because access to government information continues to be an area of concern for many U.S. citizens with disabilities, the U.S. government enacted Section 508 of the Rehabilitation Act in 2001 to ensure that government agencies create accessible Web content, enabling all citizens to access the information they need. A fully accessible Web site makes Web content accessible to all individuals, including those with disabilities, who may be accessing Web content via a variety of user agents. Common user agents include standard Web browsers, text-only browsers, assistive devices and mobile devices such as cell phones or personal digital assistants (PDAs).
FREE! Go There Now!
|
|
|
|
This paper is about the critical role that a discipline called integrated requirements management can play in helping to ensure that your business goals and IT investments are continuously aligned—whether you are sourcing, integrating, building or maintaining software. It also looks at ways that automated IBM Rational® products can work together to help you use requirements in the very best way.
FREE! Go There Now!
|
|
|
|
Get a free trial download of IBM Lotus Forms V3.0 (formerly Workplace Forms), which provides a zero-footprint eForms solution to help you automate and move forms-based business processes off the desktop and onto the Web. With Lotus Forms, you can extend applications beyond the firewall by creating a single electronic form document ready for use in both thick and Web 2.0 thin client format.
FREE! Go There Now!
|
|
|
|
Join this Rational Talks to You teleconference, to hear how Enterprise Generation Language (EGL) eliminates the need for tedious and error-prone low level coding, so developers can focus on business requirements. EGL extends the Rational software development platform with a simplified programming language that enables developers who have little or no experience with Java, Web technologies or Service Oriented Architecture, to create enterprise-class applications and services quickly and easily. It also allows developers who may have little or no mainframe programming experience to quickly create traditional mainframe components.
FREE! Go There Now!
|
|
|
|
WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies.
FREE! Go There Now!
|
|
|
|
Viper 2 brings a great value to developer communities including SQL, XML, PHP, Ruby, .NET and Java. You probably already know that DB2 Express-C is free for developers to develop, deploy and distribute. Viper 2 provides a variety of means that help move your application from the development stage to deployment more rapidly. This webcast shows how to best utilize the latest tools available for developing DB2 applications.
FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools!
|
