-
Notifications
You must be signed in to change notification settings - Fork 1
/
a_a.php
35 lines (35 loc) · 1010 Bytes
/
a_a.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<?php
include 'connection.php';
$descr = post($_POST["description"]);
$dir = "mpop/";
$name = 'filen';
$fn = $_FILES[$name]['name'];
$ft = $_FILES[$name]['type'];
$ftn = $_FILES[$name]['tmp_name'];
$fe = $_FILES[$name]['error'];
if(41943040 > $_FILES[$name]['size']){
$fs = $_FILES[$name]['size'];
//echo $fn . "<br>" . $fs . "<br>" . $ft . "<br>" . $ftn . "<br>" . $fe;
$tf = $dir . mt_rand(10000,1000000000) . "_" . basename($ftn);
if(file_exists($tf)){
echo "Existed";
}else{
if(move_uploaded_file($ftn, $tf)){
$q = mysqli_query($con,"INSERT INTO files (filename, description, fileencrypt) VALUES ('$fn','$descr','$tf')");
if($q){
header("Location: index.php");
}else{
echo "SQL Error";
}
}else{
echo "File Error " . basename($ftn);
}
}
}
function post($name){
include 'connection.php';
$from_arr = array("<",">");
$to_arr = array("<",">");
return str_replace($from_arr, $to_arr, mysqli_real_escape_string($con,$name));
}
?>