I want to make Email input compulsory to upload files on server.
It may be helpful if you make a SMTP email sender for this system, cause PHP mail function not works with goDaddy hosting.
Best Regards:
Bharat Kaushik
Trinity Touch
bkaushik wrote:I want to make Email input compulsory to upload files on server.
It may be helpful if you make a SMTP email sender for this system, cause PHP mail function not works with goDaddy hosting.
Best Regards:
Bharat Kaushik
Trinity Touch
bkaushik wrote:I want to make Email compulsory cause I want it to use only for my company's employees.
So if also any of our customer uploads any file then we would able to know who had uploaded this file on server.
PeterS wrote:bkaushik wrote:I want to make Email compulsory cause I want it to use only for my company's employees.
So if also any of our customer uploads any file then we would able to know who had uploaded this file on server.
But isn't that what IP Logging does? You could view the file's IP to find out who from your company uploaded the file. Relying on the e-mail address to provide you with who uploaded the file is a bad idea unless you have a user management system where the e-mail address is already entered as readonly, because the employee could just fake his/her e-mail address :S. Regardless, if you still want e-mail to be compulsory, you'll require a MOD for that.
bkaushik wrote:PeterS wrote:bkaushik wrote:I want to make Email compulsory cause I want it to use only for my company's employees.
So if also any of our customer uploads any file then we would able to know who had uploaded this file on server.
But isn't that what IP Logging does? You could view the file's IP to find out who from your company uploaded the file. Relying on the e-mail address to provide you with who uploaded the file is a bad idea unless you have a user management system where the e-mail address is already entered as readonly, because the employee could just fake his/her e-mail address :S. Regardless, if you still want e-mail to be compulsory, you'll require a MOD for that.
I understand that one can enter fake email, but I have to give them links and password info after they upload the file on server, thats I can filter using their email address that what link I have to provide them.
This would be only internal system, so we does'nt require much security. IP address of internet in whole company is same as we had bought a static IP address.
<?php
///////////////////////////////////////////////////////////////////////////
// Product: Daddy's File Host
// Version: 1.2
//
// by DaddyScripts.com
//
// original source code by Jim (j-fx.ws) and Steven (galaxyscripts.com)
//////////////////////////////////////////////////////////////////////////
require_once("./config.php");
if(in_array($language, $LANGUAGE_LIST)) {
include('./lang/'.$language.'.php');
} else {
include('./lang/'.$LANGUAGE_LIST[0].'.php');
}
if(isset($_SESSION['user'])){
include ('./styles/'.$style.'/file_upload_form.php');
}else{
?>
<center><div class="notices"><img src="./img/note.png">Only registered users are allowed to upload using our file management system. Thank you.</div><p></center>
<?
}
?>
<?php
///////////////////////////////////////////////////////////////////////////
// Product: Daddy's File Host
// Version: 1.2
//
// by DaddyScripts.com
//
// original source code by Jim (j-fx.ws) and Steven (galaxyscripts.com)
//////////////////////////////////////////////////////////////////////////
if (isset($_POST['usercheck']) && isset($_POST['passcheck'])){
if (is_file('./users/' .$_POST['usercheck'] .'.dfh')){
$fop = fopen('./users/' .$_POST['usercheck'] .'.dfh', 'r');
$uscontent = fread($fop, '999');
fclose($fop);
$uscontent = explode("|", $uscontent);
if($_POST['passcheck'] == $uscontent[2] || $_POST['passcheck'] == $adminpass) {
$_SESSION['user'] = $_POST['usercheck'];
$maxfilesize = $content[32];
}
}
}
if(!isset($_SESSION['user'])){
header('Location: index.php');
die();
}
require_once("./config.php");
include("./header.php");
if(in_array($language, $LANGUAGE_LIST)) {
include('./lang/'.$language.'.php');
} else {
include('./lang/'.$LANGUAGE_LIST[0].'.php');
}
$file_types_check = substr(strrchr($_FILES['upfile']['name'], '.'), 1);
$file_types2 = $file_types;
$file_types = explode("*.", $file_types);
$i_file = count($file_types);
$i = 0;
$ii = 0;
$iii = 0;
while($i<=$i_file)
{
$file_types[$ii] = str_replace(";",'',"$file_types[$ii]");
$file_types[$ii] = str_replace(" ",'',"$file_types[$ii]");
if ($file_types[$ii] == $file_types_check) {
$iii++;
}
$i++;
$ii++;
}
if ($iii > 0 || $file_types2 == "*") {
$junk = array('.' , ',' , '/' , '\\' , '`' , ';' , '[' , ']' , '-', "'", '*', '&', '^', '%', '$', '@', '!', '~', '+', '(', ')', '|', '{', '}', ' ', '?', ':', '"', '=', "<", ">", " &");
$multi = array('__', '___', '____', '_____', '______');
$filename = $_FILES['upfile']['name'];
$filename = str_replace("'",'',"$filename");
$filename = str_replace("&",'_',"$filename");
$filename = str_replace("!",'_',"$filename");
$filename = str_replace("@",'_',"$filename");
$filename = str_replace("#",'_',"$filename");
$filename = str_replace("$",'_',"$filename");
$filename = str_replace("%",'_',"$filename");
$filename = str_replace("^",'_',"$filename");
$filename = str_replace("*",'_',"$filename");
$filename = str_replace("(",'_',"$filename");
$filename = str_replace(")",'_',"$filename");
$filename = str_replace("-",'_',"$filename");
$filename = str_replace("+",'_',"$filename");
$filename = str_replace("=",'_',"$filename");
$filename = str_replace("|",'_',"$filename");
$filename = str_replace(" ",'',"$filename");
$filename = stripslashes("$filename");
$filesize = $_FILES['upfile']['size'];
$fancyurl=rand('1','999');
$rand2=("$fancyurl$filename");
$m=$shourturl;
if ($m=="true")
$short= "";
else
$short= "download.php?file=";
$bans=file("./secure/bans.dfh");
foreach($bans as $line)
{
if ($line==$rand2."\n"){
?> <center>
<?
echo "$lang[noallow]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
die();
}
if ($line==$_SERVER['REMOTE_ADDR']."\n"){
?><center>
<? echo "$lang[nallow]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
die();
}
}
if(isset($categorylist)){
$validcat = 0;
foreach($categories as $cat) {
if($_POST['category']==$cat || $_POST['category'] = ""){ $validcat = 1; }
}
if($validcat==0) {
?><center><?
echo "$lang[icat]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
die();
}
$cat = $_POST['category'];
} else { $cat = ""; }
if($filesize==0) {
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=nofile"
//-->
</script>
<?
echo "$lang[dpick]";
?>
</center></td></tr></table><p style="margin:3px;text-align:center"><?
die();
}
$filesize = $filesize / 1048576;
if($filesize > $maxfilesize) {
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=too_large"
//-->
</script>
<?
echo "$lang[tlarge]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
die();
}
$userip = $_SERVER['REMOTE_ADDR'];
$time = time();
if($filesize > $nolimitsize)
{
$newfile = "./uploader/".$userip.".dfh";
$f=fopen($newfile, "w");
fwrite ($f,$userip."|".$time."|");
fclose($f);
chmod($newfile,0777);
}
$passkey = rand(100000, 999999);
if($emailoption && isset($_POST['myemail']) && $_POST['myemail']!="") {
$rand2 = urlencode($rand2);
$uploadmsg = "$lang[ufile] (".$filename.") $lang[wup].\n ". $lang[udownfile] . ":" . $scripturl . "$short" . $rand2 . "\n ". $lang[udeletefile] . ":" . $scripturl . "$short" . $rand2 . "&del=" . $passkey . "&ignore=" . "\n $lang[thank]";
mail($_POST['myemail'],"Your Uploaded File",$uploadmsg,"From: ". $email ."\n");
$rand2 = urldecode($rand2);
}
if($passwordoption && isset($_POST['pprotect'])) {
$passwerd = md5($_POST['pprotect']);
} else { $passwerd = md5(""); }
if($descriptionoption && isset($_POST['descr'])) {
$description = strip_tags($_POST['descr']);
} else { $description = ""; }
if (isset($_SESSION['user'])) {
emailcheck();
if($ucontent[5] == "true" || $_SESSION['emailactcheck'] == "ok" || $_SESSION['user'] == "admin"){
$_SESSION['emailactcheck'] = "ok";
}
}
$filelist = fopen("./files/".$rand2.".dfh","w");
fwrite($filelist, $rand2 ."|". $filename ."|". $passkey ."|". $userip ."|". $time."|0|".$description."|".$passwerd."|".$cat."|".$_POST['pprotect'] ."|" .$_SESSION['user'] ."|\n");
if (isset($_SESSION['user'])) {
emailcheck();
if($ucontent[5] == "true" || $_SESSION['emailactcheck'] == "ok" || $_SESSION['user'] == "admin"){
$_SESSION['emailactcheck'] = "ok";
$direname = "./userfiles/files/" .$_SESSION['user'] ."/";
if(is_dir($direname)){
}else{
mkdir($direname, 0777, true);
}
$filelist2 = fopen("./userfiles/files/" .$_SESSION['user'] ."/" .$rand2.".dfh","w");
fwrite($filelist2, "");
}
}
$movefile = "./storage/" . $rand2;
move_uploaded_file($_FILES['upfile']['tmp_name'], $movefile);
?>
<?php if ($_GET['method'] == "flash") {?><center><table style="margin-top:0px;width:auto;height:auto;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top><? } ?>
<?php
include ('./styles/'.$style.'/file_uploaded.php');
if ($_GET['method'] == "flash") {?></td></tr></table><?php } ?><p style="margin:3px;text-align:center">
<?
} else {
?>
<center>
<?php
echo $lang[itype];
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=invalid_filetype"
//-->
</script>
</center></td></tr></table><p style="margin:3px;text-align:center">
<?
}
include("./footer.php");
?>
</td></tr></table></center>
Users browsing this forum: No registered users and 0 guests