Zyber17/gist:285903

## gistfile1.php
<?php
	/**
	 * This function will handle all of our file uploading
	 */
	function uploadFile(){
		if(isset($_POST['upload_button'])){
				$file = $_FILES['file_upload']; //This is our file variable
				$name1 = $file['name'];
				$ran = rand(0, 9999);


				$path_parts = pathinfo($name1);
				$ext = $path_parts['extension'];
				print_r($ext); //debug purposes


				$disallowed_extensions = array('perl', 'exe');
				$renamable_extensions = array('php', 'php1', 'php2', 'php3', 'php4', 'php5', 'phtml');

						if (in_array($ext, $renamable_extensions))
						{
							$ext = 'txt';
							echo 'Your php file was changed to a txt for safety reasons. <br />';
						}
						else if (in_array($ext, $disallowed_extensions))
						{
							echo 'No .' . $ext . ' allowed here';
						}

				$name2 = $ran.'.'.$ext;
				$name = $name2;
				$tmp = $file['tmp_name'];
				$size = $file['size'];
				$directories = $_SERVER['REQUEST_URI'];
				$fileplace = $path_parts['basename'];
				$dpath = explode($fileplace, $directories);

				$max_size = 5 * 1024 * 1024; //5 megabytes
				$upload_dir = 'uploads/';
				$path = 'http://' . $_SERVER['HTTP_HOST'] . $dpath[0] . $upload_dir . $name;

				$Lines = file("database.txt");
				foreach($Lines as $Key => $Val)
				{
				   $Data[$Key] = explode("||", $Val);
				}

				$database = 'database.txt';
				$somecontent = $file['name'] . "||" . $name . "||" . $size . "||" . date("Y-m-d") . "\n";


					if(!is_dir($upload_dir))
					{
						echo $upload_dir . ' is not a directory';
						exit();
					}
					else
					{
						if($size > $max_size)
						{
							echo 'The file you are trying to upload is too big.';
						}
							else
							{
								$search = glob($upload_dir . $name);
								if($search == null)
							{
									if(!is_uploaded_file($tmp))
									{
										echo 'Could not upload your file at this time, please try again';
									}
										else
										{
											if(!move_uploaded_file($tmp, $upload_dir . $name))
											{
												echo 'Could not move the uploaded file.';
											}
												else
												{
													// Let's make sure the file exists and is writable first.
													if (is_writable($database)) {

													    // In our example we're opening $filename in append mode.
													    // The file pointer is at the bottom of the file hence
													    // that's where $somecontent will go when we fwrite() it.
													    if (!$handle = fopen($database, 'a')) {
													         echo "Cannot open file ($database)";
													         exit;
													    }

													    // Write $somecontent to our opened file.
													    if (fwrite($handle, $somecontent) === FALSE) {
													        echo "Cannot write to file ($database)";
													        exit;
													    }

													    echo "Success, wrote ($somecontent) to file ($database) <br />";

													    fclose($handle);

													} else {
													    echo "The file $database is not writable";
													 }


													echo 'File: Uploaded <br /> Location: ' . $path;

												}
										}
								}
								else
								{
								echo "Unlucky dude, either your server is full, or the random name wasn't random enough. Try to upload the file again, the random name issue will be addressed in a later version. Thanks!";
								}
							}

			}

		}


	}


?>

## gistfile2.htm
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="reset.css" />
<link rel="stylesheet" type="text/css" href="index.css" />
<script src="jquery.js" type="text/javascript"></script>
<title>Uploady Rev2 v0.1</title>
</head>
<body>
	<?php
		uploadFile();
	?>
	<div id="wrapper">
	<div id="upload"> <!--style="display: none;"-->
	<form action="index.php" method="post"  enctype="multipart/form-data">
		<p><label>Choose a file to upload</label><br /><input type="file" name="file_upload" id="file"/><br />
		<input type="submit" name="upload_button" value="Upload" /><!--<div id="load"></div>--></p>
	</form>
	</div>
	</div>
</body>
</html>
	<?php
	/**
	* This function will handle all of our file uploading
	*/
	function uploadFile(){
	if(isset($_POST['upload_button'])){
	$file = $_FILES['file_upload']; //This is our file variable
	$name1 = $file['name'];
	$ran = rand(0, 9999);


	$path_parts = pathinfo($name1);
	$ext = $path_parts['extension'];
	print_r($ext); //debug purposes


	$disallowed_extensions = array('perl', 'exe');
	$renamable_extensions = array('php', 'php1', 'php2', 'php3', 'php4', 'php5', 'phtml');

	if (in_array($ext, $renamable_extensions))
	{
	$ext = 'txt';
	echo 'Your php file was changed to a txt for safety reasons. <br />';
	}
	else if (in_array($ext, $disallowed_extensions))
	{
	echo 'No .' . $ext . ' allowed here';
	}

	$name2 = $ran.'.'.$ext;
	$name = $name2;
	$tmp = $file['tmp_name'];
	$size = $file['size'];
	$directories = $_SERVER['REQUEST_URI'];
	$fileplace = $path_parts['basename'];
	$dpath = explode($fileplace, $directories);

	$max_size = 5 * 1024 * 1024; //5 megabytes
	$upload_dir = 'uploads/';
	$path = 'http://' . $_SERVER['HTTP_HOST'] . $dpath[0] . $upload_dir . $name;

	$Lines = file("database.txt");
	foreach($Lines as $Key => $Val)
	{
	$Data[$Key] = explode("\|\|", $Val);
	}

	$database = 'database.txt';
	$somecontent = $file['name'] . "\|\|" . $name . "\|\|" . $size . "\|\|" . date("Y-m-d") . "\n";


	if(!is_dir($upload_dir))
	{
	echo $upload_dir . ' is not a directory';
	exit();
	}
	else
	{
	if($size > $max_size)
	{
	echo 'The file you are trying to upload is too big.';
	}
	else
	{
	$search = glob($upload_dir . $name);
	if($search == null)
	{
	if(!is_uploaded_file($tmp))
	{
	echo 'Could not upload your file at this time, please try again';
	}
	else
	{
	if(!move_uploaded_file($tmp, $upload_dir . $name))
	{
	echo 'Could not move the uploaded file.';
	}
	else
	{
	// Let's make sure the file exists and is writable first.
	if (is_writable($database)) {

	// In our example we're opening $filename in append mode.
	// The file pointer is at the bottom of the file hence
	// that's where $somecontent will go when we fwrite() it.
	if (!$handle = fopen($database, 'a')) {
	echo "Cannot open file ($database)";
	exit;
	}

	// Write $somecontent to our opened file.
	if (fwrite($handle, $somecontent) === FALSE) {
	echo "Cannot write to file ($database)";
	exit;
	}

	echo "Success, wrote ($somecontent) to file ($database) <br />";

	fclose($handle);

	} else {
	echo "The file $database is not writable";
	}


	echo 'File: Uploaded <br /> Location: ' . $path;

	}
	}
	}
	else
	{
	echo "Unlucky dude, either your server is full, or the random name wasn't random enough. Try to upload the file again, the random name issue will be addressed in a later version. Thanks!";
	}
	}

	}

	}


	}


	?>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<link rel="stylesheet" type="text/css" href="reset.css" />
	<link rel="stylesheet" type="text/css" href="index.css" />
	<script src="jquery.js" type="text/javascript"></script>
	<title>Uploady Rev2 v0.1</title>
	</head>
	<body>
	<?php
	uploadFile();
	?>
	<div id="wrapper">
	<div id="upload"> <!--style="display: none;"-->
	<form action="index.php" method="post" enctype="multipart/form-data">
	<p><label>Choose a file to upload</label><br /><input type="file" name="file_upload" id="file"/><br />
	<input type="submit" name="upload_button" value="Upload" /><!--<div id="load"></div>--></p>
	</form>
	</div>
	</div>
	</body>
	</html>