# Uploader for phpBB3



## Jaymie1989 (Apr 28, 2007)

Hi,

I have a script that is an uploader here-

```
<?php
//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
//   You may change maxsize, and allowable upload file types.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//Mmaximum file size. You may increase or decrease.
$MAX_SIZE = 20971520;

//Allowable file ext. names. you may add more extension names.            
$FILE_EXTS  = array('.zip','.rar','.wav','.mp3','.mid');

//Allow file delete? no, if only allow upload only
$DELETABLE  = false;

//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
//   Do not touch the below if you are not confident.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/************************************************************
 *     Setup variables
 ************************************************************/
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "YOUR URL HERE".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this =  "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];

$upload_dir = "http://localhost/htdocs/phpBB3/uploaded/";
$upload_url = $url_dir."http://localhost/htdocs/phpBB3/uploaded/";
$message ="";

/************************************************************
 *     Create Upload Directory
 ************************************************************/
if (!is_dir("Uploaded")) {
  if (!mkdir($upload_dir))
  	die ("upload_files directory doesn't exist and creation failed");
  if (!chmod($upload_dir,0755))
  	die ("change permission to 755 failed.");
}

/************************************************************
 *     Process User's Request
 ************************************************************/
if ($_REQUEST[del] && $DELETABLE)  {
  $resource = fopen("log.txt","a");
  fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n");
  fclose($resource);

  if (strpos($_REQUEST[del],"/.")>0);                  //possible hacking
  else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
  else if (substr($_REQUEST[del],0,6)==$upload_dir) {
    unlink($_REQUEST[del]);
    print "";
  }
}
else if ($_FILES['userfile']) {
  $resource = fopen("log.txt","a");
  fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
            .$_FILES['userfile']['name']." "
            .$_FILES['userfile']['type']."\n");
  fclose($resource);

  $file_type = $_FILES['userfile']['type']; 
  $file_name = $_FILES['userfile']['name'];
  $file_ext = strtolower(substr($file_name,strrpos($file_name,".")));

  //File Size Check
  if ( $_FILES['userfile']['size'] > $MAX_SIZE) 
     $message = "The file size is over the maximum allowed.";
  //File Extension Check
  else if (!in_array($file_ext, $FILE_EXTS))
     $message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
  else
     $message = do_upload($upload_dir, $upload_url);

  print "";
}
else if (!$_FILES['userfile']);
else 
	$message = "Invalid File Specified.";

/************************************************************
 *     List Files
 ************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
   if(!is_dir($file) && !is_link($file)) {
      $filelist .= "[URL=$upload_dir$file]".$file."[/URL]";
      if ($DELETABLE)
        $filelist .= " [URL=?del=$upload_dir".urlencode($file)."]x[/URL]";
      $filelist .= "[SIZE=1][SIZE=1]  "
                   ."[/SIZE][/SIZE]";
      $filelist .="
";
   }
}

function do_upload($upload_dir, $upload_url) {

	$temp_name = $_FILES['userfile']['tmp_name'];
	$file_name = $_FILES['userfile']['name']; 
  $file_name = str_replace("\\","",$file_name);
  $file_name = str_replace("'","",$file_name);
	$file_path = $upload_dir.$file_name;

	//File Name Check
  if ( $file_name =="") { 
  	$message = "Invalid File Name Specified";
  	return $message;
  }

  $result  =  move_uploaded_file($temp_name, $file_path);
  if (!chmod($file_path,0777))
   	$message = "change permission to 777 failed.";
  else
    $message = ($result)?"$file_name uploaded successfully." :
     	      "Somthing is wrong with uploading a file.";
  return $message;
}

?>

Your Title Here

[CENTER]
   <?=$_REQUEST[message]?>

Upload File:

  Uploaded Files

  <?=$filelist?>
```
But when i upload a file there is no error or nothing, It doesnt save and when i check the folder its suppose to go in still nothing.

I have to inset the code here

```
Content in here.
```


----------



## rhynes (Aug 14, 2006)

Check your uploads directory again, it should be writable


----------



## Jaymie1989 (Apr 28, 2007)

Nop not there and i have tried it on my website and it still doesnt do it.

Here is the link to it
http://www.jaymie1989.streamlinenettrial.co.uk/my-mod-downloads.php


----------



## Sequal7 (Apr 15, 2001)

What is the seecond line;

```
$url_dir = "YOUR URL HERE".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
```
 Should it be set?

Also, you server root is localhost even for a TLD website? 
If so, they your files should be uplaoded into the 
http://www.jaymie1989.streamlinenettrial.co.uk/phpbb3/uploaded/ folder yet that folder does not exist? You need to check some of your variables.


----------



## Jaymie1989 (Apr 28, 2007)

I aint got a clue i just use the script


----------



## Sequal7 (Apr 15, 2001)

Where did you get the code from? Could you post that at least?

Usually you need to set the variables from scripts; like in the question I asked above, "your url here" would be replaced with "http://www.jaymie1989.streamlinenettrial.co.uk/phpbb3/uploaded/" and 

```
$upload_dir = "http://localhost/htdocs/phpBB3/uploaded/";
$upload_url = $url_dir."http://localhost/htdocs/phpBB3/uploaded/";
```
would be 

```
$upload_dir = "http://www.jaymie1989.streamlinenettrial.co.uk/phpbb3/uploaded/";
$upload_url = $url_dir."http://www.jaymie1989.streamlinenettrial.co.uk/phpbb3/uploaded";
```
You also have to make sure you have the uplaods directory in your server and it has write permissions. The script should have a readme or a install you can read to set it up, it appears you did not write it so look for one that may have came with it.

Cheers


----------



## Jaymie1989 (Apr 28, 2007)

Sequal7 said:


> Where did you get the code from? Could you post that at least?


I got it from sorceforge.net

I will try what you said and see if it work.


----------



## Sequal7 (Apr 15, 2001)

Link?


----------



## Jaymie1989 (Apr 28, 2007)

I cant find it sorry.


----------

