Skip to content

Instantly share code, notes, and snippets.

@dmpop
Created June 15, 2014 17:15
Show Gist options
  • Save dmpop/90aa9b1827b0067655c1 to your computer and use it in GitHub Desktop.
Save dmpop/90aa9b1827b0067655c1 to your computer and use it in GitHub Desktop.
<html><head><style type="text/css">
<!-- body { font-family: "Trebuchet MS",Verdana,Arial,Helvetica,sans-serif; font-size: 10pt; background-color: #eee;} -->
</style>
<?php
// A simple, minimalist, personal file/image hosting script. - version 0.5
// Only you can upload a file or image, using the password ($PASSWORD).
// Anyone can see the images or download the files.
// Files are stored in a subdirectory (see $SUBDIR).
// This script is public domain.
// Source: http://sebsauvage.net/wiki/doku.php?id=php:imagehosting
$PASSWORD='toto';
$SUBDIR='files'; // subdirectory where to store files and images.
if (!is_dir($SUBDIR))
{
mkdir($SUBDIR,0705); chmod($SUBDIR,0705);
$h = fopen($SUBDIR.'/.htaccess', 'w') or die("Can't create .htaccess file.");
fwrite($h,"Options -ExecCGI\nAddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi");
fclose($h);
$h = fopen($SUBDIR.'/index.html', 'w') or die("Can't create index.html file.");
fwrite($h,'<html><head><meta http-equiv="refresh" content="0;url='.$_SERVER["SCRIPT_NAME"].'"></head><body></body></html>');
fclose($h);
}
$scriptname = basename($_SERVER["SCRIPT_NAME"]);
if (isset($_FILES['filetoupload']) && isset($_POST['password']))
{
sleep(3); // Reduce brute-force attack effectiveness.
if ($_POST['password']!=$PASSWORD) { print 'Wrong password.'; exit(); }
$filename = $SUBDIR.'/'.basename( $_FILES['filetoupload']['name']);
if (file_exists($filename)) { print 'This file already exists.'; exit(); }
if(move_uploaded_file($_FILES['filetoupload']['tmp_name'], $filename))
{
$serverport=''; if ($_SERVER["SERVER_PORT"]!='80') { $serverport=':'.$_SERVER["SERVER_PORT"]; }
$fileurl='http://'.$_SERVER["SERVER_NAME"].$serverport.dirname($_SERVER["SCRIPT_NAME"]).'/'.$SUBDIR.'/'.basename($_FILES['filetoupload']['name']);
echo 'The file/image was uploaded to <a href="'.$fileurl.'">'.$fileurl.'</a>';
}
else { echo "There was an error uploading the file, please try again !"; }
echo '<br><br><a href="'.$scriptname.'">Upload another file.</a>';
exit();
}
print <<<EOD
<form method="post" action="$scriptname" enctype="multipart/form-data">
File/image to upload: <input type="file" name="filetoupload" size="60">
<input type="hidden" name="MAX_FILE_SIZE" value="256000000"><br>
Password: <input type="password" name="password"><br>
<input type="submit" value="Send">
</form>
<small>Self-hosting php script by <a href="http://sebsauvage.net/wiki/doku.php?id=php:filehosting">sebsauvage.net</a></small>
EOD;
?>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment