Created
December 17, 2017 15:36
-
-
Save komang4130/86f336b7ae93e6d046722b0ba5653e45 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<head> | |
<center> | |
<h1> Challenge by 9n4m0k</h1> | |
<form enctype="multipart/form-data" action ="#" method="POST"> | |
<h2> Choose an image to upload </h2> | |
<br> | |
<input name="upload" type="file"> | |
<br> | |
<input name="submit" type="submit" value="submit"> | |
</form> | |
</center> | |
<?php | |
if (isset($_POST["submit"])) | |
{ | |
$target_dir = "uploads/"; | |
$target_file = $target_dir.basename($_FILES["upload"]["name"]); | |
$isUpload = 1; | |
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); | |
$check = getimagesize($_FILES["upload"]["tmp_name"]); | |
if ($check !== false ) | |
{ | |
$isUpload = 1; | |
} | |
else | |
{ | |
echo "Your file is not an image."; | |
$isUpload = 0; | |
} | |
if (file_exists($target_file)) | |
{ | |
echo "Sorry, your file name is already exists, please choose another name."; | |
$isUpload = 0; | |
} | |
if ($imageFileType != "jpg" && $imageFileType != "png") | |
{ | |
echo "Sorry, only JPG or PNG file is allowed."; | |
$isUpload = 0; | |
} | |
if ($isUpload) | |
{ | |
if (move_uploaded_file($_FILES["upload"]["tmp_name"], $target_file)) | |
{ | |
if ( strpos($target_file,".php") > -1 ) | |
{ | |
if ( $imageFileType == "jpg" ) | |
{ | |
$file_array = explode(".jpg", $target_file); | |
shell_exec("mv ".$target_file." ".$file_array[0]); | |
echo "Your file is uploaded successfully <br>"; | |
echo "cd ".$file_array[0]; | |
} | |
else | |
{ | |
$file_array = explode(".png", $target_file); | |
shell_exec("mv ".$target_file." ".$file_array[0]); | |
echo "Your file is uploaded successfully <br>"; | |
echo "cd ".$file_array[0]; | |
} | |
} | |
else | |
{ | |
echo "Your file is uploaded successfully <br>"; | |
echo "cd ".$target_dir.basename($_FILES["upload"]["name"]); | |
} | |
} | |
else | |
{ | |
echo "1"; | |
echo "<br>Sorry, your file is not uploaded"; | |
} | |
} | |
else | |
{ | |
echo "<br>Sorry, you file is not uploaded"; | |
} | |
} | |
?> | |
</head> | |
</html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment