In this enhancement of Uploader, I add a space quota restriction and file extension filtering.
By: wibi
<?php
/********************************************************************
* file uploader - file uploader code snippet.
* maxsize :
* - you can set the maxsize, if the file size exceeds maxsize it won't proceed;
* - you can set the quota, if the dir size exceeds quota it won't proceed;
* - you can set the ext, if the file name contains an extension listed in this array it won't proceed;
*
* Copyright (C) 2001 Wibisono Sastrodiwiryo.
* This program is free software licensed under the
* GNU General Public License (GPL).
*
* CyberGL => Application Service Provider
* http://www.cybergl.co.id
* office@cybergl.co.id
*
* $Id: uploader2.php3,v 0.2 2001/07/23 22:3:34 wibi Exp $
*********************************************************************/
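$dir = "/www/servers/upload"; # your uploaded file dir, the web server needs write permission on it
$maxsize = 40960; # max 40 Kb
$quota = 524288; # define space quota 500 Kb
$ext = array(".p", ".php", ".php3", ".phtml", ".shtml"); # define file extension to reject
# read the upload from $_FILES; the register_globals variables no longer exist in current PHP
$upload = isset($_FILES['userfile']) ? $_FILES['userfile'] : null;
if ($upload AND $upload['error'] != UPLOAD_ERR_NO_FILE) {
    $name = basename($upload['name']); # drop any path components sent by the client
    $size = (int) $upload['size'];
    # sum the size of the files already stored in the upload dir
    $total = 0;
    $handle = opendir($dir);
    while (($file = readdir($handle)) !== false) {
        if (is_file("$dir/$file")) {$total += filesize("$dir/$file");}
    }
    closedir($handle);
    # case-insensitive match, so ".PHP" is rejected as well as ".php"
    $invalidext = false;
    foreach ($ext as $val) {
        if (stripos($name, $val) !== false) {$invalidext = true; break;}
    }
    # PHP's own size limits are reported through the error code, not the size field
    $toolarge = ($upload['error'] == UPLOAD_ERR_INI_SIZE || $upload['error'] == UPLOAD_ERR_FORM_SIZE || $size > $maxsize);
    if ($toolarge) {echo "ERR: File too large";}
    elseif ($upload['error'] != UPLOAD_ERR_OK) {echo "ERR: Upload failed";}
    elseif ($invalidext) {echo "ERR: Forbidden file extension";}
    elseif ($total + $size > $quota) {echo "ERR: Space quota exceeded";} # count the incoming file too
    else {
        # move_uploaded_file() only accepts a genuine HTTP upload, unlike rename()/copy()
        if (move_uploaded_file($upload['tmp_name'], "$dir/$name")) {
            echo "OK: File \"" . htmlspecialchars($name) . "\" uploaded successfully";
        } else {echo "ERR: Could not store file";}
    }
} else {
?>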
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" method=POST ENCTYPE="multipart/form-data">
<table>
<tr>
<td class=navbox>Select File:</td>
<td>:</td>
<td><input type=file name=userfile></td>
</tr>
<tr>
<td class=navbox> </td>
<td> </td>
<td><input type=submit value=Upload></td>
</tr>
</table>
</form>
<?php } ?>
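
An allowlist counterpart to the `$ext` reject list above, as an added example that is not part of the original snippet: only extensions named in `$allowed` are accepted, and the file is stored under a server-generated name so the client-supplied name never reaches the filesystem. The function name `storage_name_for()`, the `$allowed` array and the sample names are assumptions constructed for illustration.

```php
<?php
// Added example, not part of the original snippet.
// storage_name_for() and $allowed are hypothetical names.

/**
 * Return a server-generated storage name for an uploaded file,
 * or null when the client-supplied name has no allowed extension.
 */
function storage_name_for(string $clientName, array $allowed): ?string
{
    // Only the final extension decides, compared case-insensitively.
    $ext = strtolower(pathinfo(basename($clientName), PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, $allowed, true)) {
        return null;
    }
    // Random base name: nothing from the client name survives except
    // an extension that is already known to be on the allowlist.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

$allowed = array('jpg', 'png', 'gif', 'pdf', 'txt');

// Constructed sample names, not taken from real traffic.
$samples = array('Report.PDF', 'holiday.jpg', 'index.phtml', 'README');

foreach ($samples as $name) {
    $stored = storage_name_for($name, $allowed);
    printf("%-12s => %s\n", $name, $stored === null ? 'rejected' : $stored);
}
```

In the upload handler, the returned name would replace the client name as the destination passed to `move_uploaded_file()`, and a `null` result maps to the forbidden-extension error.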