-=[ Mr. Bumblebee ]=-
_Indonesia_

Path : /var/www/html/inc/file/
File Upload :
Current File : /var/www/html/inc/file/upload.php

<?
	include $_SERVER['DOCUMENT_ROOT'] . '/inc/config.php';

	$no______impossible = ' <script> alert(\' ÀÌ¿ëÇÒ ¼ö ¾ø½À´Ï´Ù. \'); self.close(); </script> ' ;

	$mode = ( empty($_POST['mode']))?$_GET['mode']:$_POST['mode'] ;
	$code = ( empty($_POST['code']))?$_GET['code']:$_POST['code'] ;
	$temp_code = ( empty($_POST['temp_code']))?$_GET['temp_code']:$_POST['temp_code'] ;
	$tn = ( empty($_POST['tn']))?$_GET['tn']:$_POST['tn'] ;

	if ( $mode == 'upload' )
	{
		if ( empty($code)) echo $no______impossible ;
		if ( empty($temp_code)) echo $no______impossible ;
		if ( empty($tn)) echo $no______impossible ;

		$total['table'] = $config[$code][1] ;

		$use_file_upload = $config[$code][4]['file'] ;
		$use_thumbnail = $config[$code][4]['preview'] ;

		if ( $use_file_upload == 1 || $use_file_upload == 'on' )
		{
			if ( !empty( $_FILES['filename']['name']))
			{
				$last_ext = strtoupper( substr( $_FILES['filename']['name']  , strrpos($_FILES['filename']['name'] , '.' )+1));

				if ( $_FILES['filename']['error'] !== 0 )
					script_re ( $_SERVER['PHP_SELF'] . '?code=' . $code . '&temp_code=' . $temp_code . '&tn=' . $tn , ' ¾÷·Îµå ÇÒ ¼ö ¾ø´Â ÆÄÀÏÀÔ´Ï´Ù. ' ) ;

				if ( $last_ext == 'PHP' || $last_ext == 'ASP' || $last_ext == 'JSP' || $last_ext == 'HTML' || $last_ext == 'HTM' || $last_ext == 'CGI' )
					script_re ( $_SERVER['PHP_SELF'] . '?code=' . $code . '&temp_code=' . $temp_code . '&tn=' . $tn , $last_ext . ' ÆÄÀÏÀº ¾÷·Îµå ÇÒ ¼ö ¾ø½À´Ï´Ù. ' ) ;
				else
				{
					$action = array (
						'keycode'				=> $code ,
						'temp_code'				=> $temp_code ,
						'up_type'				=> 'ATTACH' ,
						'real_file_name'		=> file_upload( $_FILES['filename']['tmp_name'] , $_FILES['filename']['name'] , 'files/' . $total['table'] ) ,
						'orig_file_name'		=> $_FILES['filename']['name'] ,
						'file_ext'				=> $last_ext ,
						'file_type'				=> $_FILES['filename']['type'] ,
						'file_size'				=> intVal($_FILES['filename']['size'] / 1024) ,   // KB
						'write_date'			=> date('Y-m-d H:i:s') ,
						'ip'					=> getenv('REMOTE_ADDR')
					) ;
					if ( $last_ext == 'GIF' || $last_ext == 'JPG' || $last_ext == 'PNG' || $last_ext == 'JPEG' ) {
						$action['up_type'] = 'IMAGE' ;
						if ( $use_thumbnail == 1 || $use_thumbnail == 'on' )
						{
							$down_image_size = file_s_down ( 'files/' . $total['table'] . '/' . $action['real_file_name'] , $info_thumb['width'] , $info_thumb['height'] ) ;
							$img->width = $down_image_size['width'] ;
							$img->height = $down_image_size['height'] ;
							$img->height = $down_image_size['height'] ;
							$img->file_path = 'files/' . $total['table'] ;
							$img->thumb_path = 'files/' . $total['table'] . $info_thumb['directory'] ;
							$img->resize( $action['real_file_name'] ) ;
							$action['up_type'] = 'THUMB' ;
						}
					}

					$file_no = $exe->qry_insert($action , "tbl_{$info_file[table]}" ) ;

					if ( !empty($file_no))
					{
						echo "
						<html>
						<head>
						<meta http-equiv=\"Content-Type\" content=\"text/html; charset=euc-kr\">
						<link href=\"/css/css.css\" rel=\"stylesheet\" type=\"text/css\">
							<script language='javascript'>
								if ( opener.document.getElementsByName('temp_code')[0].value != '{$temp_code}' ) self.close();
								else
								{
									var target = opener.document.getElementsByName('nowsize')[0] ;
									target.value = ( parseInt( target.value , 10) + {$action[file_size]} ) ;
									target = opener.document.getElementsByName('tmp_upload_list')[0] ;
									opener.addselectoption('{$action[orig_file_name]}' , '{$file_no}' ) ;
						" ;
						if ( strpos($_FILES['filename']['type'] , 'image' ) !== false )
						{
							$down_image_size = file_s_down ( 'files/' . $total['table'] . '/' . $action['real_file_name'] , $info_file['auto_width'] , $info_file['auto_height'] ) ;
							echo "
									// iframe add
									//alert( opener.frames['contents___Frame'].FCKeditorAPI) ;
									if ( opener.FCKeditorAPI != null ) {
										var oEditor = opener.FCKeditorAPI.GetInstance('{$tn}') ;
										var imageSrc = '<img src=\"/inc/file/view.php?num={$file_no}\" width=\"" . $down_image_size['width'] . "\" height=\"" . $down_image_size['height'] . "\" onclick=\" openImage( this.src )\">' ;
										oEditor.InsertHtml( imageSrc ) ;
									} else {
										var theif = opener.document.{$tn}.document ;
										theif.body.innerHTML+= '<div align=\"center\"><img src=\"/inc/file/view.php?num={$file_no}\" width=\"" . $down_image_size['width'] . "\" height=\"" . $down_image_size['height'] . "\" onclick=\" openImage( this.src )\"></div><br><br>'  ;
									}
							" ;
						}
						echo "
									self.close();
								}
							</script>
						</head>
						<body>
						</body>
						</html>
						" ;
					}
					else
						echo ' <script> self.close(); </script> ' ;
				} // else end
			}
			else
				echo $no______impossible ;
		}
		else
			echo $no______impossible ;

		exit ;
	}

?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=euc-kr">
<link href="/css/css.css" rel="stylesheet" type="text/css">
<script src="/inc/config.js" language="javascript"></script>
<title>ÆÄÀÏ÷ºÎ</title>
<style type="text/css">
<!--
.style1 {
	color: #0033CC;
	font-weight: bold;
}
-->
</style>
<script language="javascript">
if (opener.document.getElementsByName("temp_code")[0].value != '<?=$temp_code?>') {
	alert(' À߸øµÈ Á¢±ÙÀÔ´Ï´Ù. ' ) ;
	self.close();
}
nowsize = opener.document.getElementsByName("nowsize")[0].value;
maxsize = (4000 - nowsize);

function checkuploadform(f)
{
	if ( f.click_okay.value != '' ) {
		alert(' Àá½Ã¸¸ ±â´Ù·ÁÁÖ¼¼¿ä ' );
		return false ;
	}
	if (opener.document.getElementsByName("temp_code")[0].value != '<?=$temp_code?>') {
		alert(' À߸øµÈ Á¢±ÙÀÔ´Ï´Ù. ' ) ;
		self.close();
	}
	x = f.code;
	if (!chknull(x.value, 1)) self.close();
	x = f.tn;
	if (!chknull(x.value, 1)) self.close();
	x = f.temp_code;
	if (!chknull(x.value, 1)) self.close();
	x = f.filename;
	if (!chknull(x.value, 1)) return errormsg(x, ' ÆÄÀÏÀ» ¼±ÅÃÇØÁÖ¼¼¿ä ', false);
	tmpimg = new Image;
	if ( navigator.userAgent.indexOf('MSIE') > 0 && navigator.appVersion.indexOf('MSIE 7.') > 0 ) {
	} else {
		tmpimg.dynsrc = x.value;
		tmpsize = tmpimg.fileSize/1024;
		tmpsize = Math.ceil(tmpsize);
		if (tmpsize > maxsize) return errormsg(x, maxsize + 'KB ÀÌ»óÀº ¾÷·Îµå ÇÒ ¼ö ¾ø½À´Ï´Ù. ', false);
		ext = x.value.substring(x.value.lastIndexOf('.')+1);
		ext = ext.toUpperCase();
		if (ext == 'PHP' || ext == 'JSP' || ext == 'ASP' || ext == 'HTML' || ext == 'HTM' ) return errormsg(x, ext + ' ÆÄÀÏÀº ¾÷·ÎµåÇÒ ¼ö ¾ø½À´Ï´Ù. ', false);
	}
	document.getElementById('alertMsg').innerHTML = ' ¾÷·Îµå ÁßÀÔ´Ï´Ù. Àá½Ã¸¸ ±â´Ù·ÁÁÖ¼¼¿ä ';
	f.click_okay.value = 1 ;
	return true;
}
</script>
</head>
<body topmargin="0" leftmargin="0" onload="document.forms[0].elements['filename'].focus()" >
<form method="post" action="<?=$_SERVER['PHP_SELF']?>" onsubmit="return checkuploadform(this);" enctype="multipart/form-data">
<input type="hidden" name="click_okay" value="">
<input type="hidden" name="code" value="<?=$code?>">
<input type="hidden" name="tn" value="<?=$tn?>">
<input type="hidden" name="temp_code" value="<?=$temp_code?>">
<input type="hidden" name="mode" value="upload">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
   <tr>
    <td  colspan="2" height="30" bgcolor="black"><img src="/inc/img/st_attach.gif"></td>
  </tr>
  <tr>
    <td class="pd8"  colspan="2" height="5"></td>
  </tr>
  <tr>
    <td class="pd8" valign="bottom" align="center">
	  <span style="font-size:8pt; color:gray"> * <?=$info_file['max_size']?>KB ¹Ì¸¸ÀÇ ÆÄÀϸ¸ ÷ºÎÇÒ ¼ö ÀÖ½À´Ï´Ù. </span>
	  <input type="file" name="filename" class="form" style="width:100%">
    </td>
  </tr>
  <tr>
    <td align="center"><input type="image" src="/img/bt/bt_confirm.gif" alt="ÆÄÀÏ ¿Ã¸®±â" border="0" ></td>
  </tr>
  <tr>
    <td height="20"></td>
  </tr>
</table>
</form>
<div align="center" id="alertMsg" style="color:red; font-weight:bold;"></div>
</body>
</html>

Copyright © 2017 || Recoded By Mr.Bumblebee