-=[ Mr. Bumblebee ]=-
_Indonesia_

Path : /var/www/html/inc.bk/file/
File Upload :
Current File : /var/www/html/inc.bk/file/upload_image.php

<?
	include $_SERVER['DOCUMENT_ROOT'] . '/inc/config.php';

	$no______impossible = ' <script> alert(\' ÀÌ¿ëÇÒ ¼ö ¾ø½À´Ï´Ù. \'); self.close(); </script> ' ;

	if ( $mode == 'upload' )
	{
		if ( empty($code)) echo $no______impossible ;
		if ( empty($temp_code)) echo $no______impossible ;
		if ( empty($tn)) echo $no______impossible ;

		$total['table'] = $config[$code][1] ;

		$use_file_upload = $config[$code][4]['file'] ;
		$use_thumbnail = $config[$code][4]['preview'] ;

		if ( $use_file_upload == 1 || $use_file_upload == 'on' )
		{
			if ( !empty( $_FILES['filename']['name']))
			{
				$ext_extract = explode ( '.' , $_FILES['filename']['name']) ;
				$last_ext = end ( $ext_extract ) ;
				$last_ext = strtoupper( $last_ext ) ;

				if ( $_FILES['filename']['error'] !== 0 )
					script_re ( $_SERVER['PHP_SELF'] . '?code=' . $code . '&temp_code=' . $temp_code . '&tn=' . $tn , ' ¾÷·Îµå ÇÒ ¼ö ¾ø´Â ÆÄÀÏÀÔ´Ï´Ù. ' ) ;

				if ( $last_ext == 'PHP' || $last_ext == 'ASP' || $last_ext == 'JSP' || $last_ext == 'HTML' || $last_ext == 'HTM' || $last_ext == 'CGI' )
					script_re ( $_SERVER['PHP_SELF'] . '?code=' . $code . '&temp_code=' . $temp_code . '&tn=' . $tn , $last_ext . ' ÆÄÀÏÀº ¾÷·Îµå ÇÒ ¼ö ¾ø½À´Ï´Ù. ' ) ;
				else
				{
					$insert = array (
						'keycode'				=> $code ,
						'temp_code'				=> $temp_code ,
						'up_type'				=> 'IMAGE' ,
						'real_file_name'		=> file_upload( $_FILES['filename']['tmp_name'] , $_FILES['filename']['name'] , 'files/' . $total['table'] ) ,
						'orig_file_name'		=> $_FILES['filename']['name'] ,
						'file_ext'				=> $last_ext ,
						'file_type'				=> $_FILES['filename']['type'] ,
						'file_size'				=> intVal($_FILES['filename']['size'] / 1024) ,   // KB
						'write_date'			=> date('Y-m-d H:i:s') ,
						'ip'					=> getenv('REMOTE_ADDR')
					) ;

					$file_no = $exe->qry_insert($insert , "tbl_{$info_file[table]}" ) ;
					/*
					if ( $use_thumbnail == 1 || $use_thumbnail == 'on' )
					{
						if ( strpos($_FILES['filename']['type'] , 'image' ) !== false )
						{
							$down_image_size = file_s_down ( 'files/' . $total['table'] . '/' . $insert['real_file_name'] , $info_thumb['width'] , $info_thumb['height'] ) ;
							$img->width = $down_image_size['width'] ;
							$img->height = $down_image_size['height'] ;
							$img->file_path = 'files/' . $total['table'] . '/' . $insert['real_file_name'] ;
							$img->thumb_path = 'files/' . $total['table'] . $info_thumb['directory'] ;
							$img->resize( $insert['real_file_name'] ) ;
						}
					}
					*/
					if ( !empty($file_no))
					{
						echo "
							<script>
								if ( opener.document.getElementsByName('temp_code')[0].value != '{$temp_code}' ) self.close();
								else
								{
									target = opener.document.getElementsByName('nowsize')[0] ;
									target.value = ( parseInt( target.value , 10) + {$insert[file_size]} ) ;
									target = opener.document.getElementsByName('tmp_upload_list')[0] ;
									opener.addselectoption('{$insert[orig_file_name]}' , '{$file_no}' ) ;
						" ;
						if ( strpos($_FILES['filename']['type'] , 'image' ) !== false )
						{
							$down_image_size = file_s_down ( 'files/' . $total['table'] . '/' . $insert['real_file_name'] , $info_file['auto_width'] , $info_file['auto_height'] ) ;
							echo "
									// iframe add
									theif = opener.document.frames['{$tn}'].document ;
									theif.body.innerHTML+= '<img src=\"/inc/file/view.php?num={$file_no}\" width=\"" . $down_image_size['width'] . "\" height=\"" . $down_image_size['height'] . "\" onclick=\" openImage( this.src )\"><br><br>'  ;
							" ;
						}
						echo "
									self.close();
								}
							</script>
						" ;
					}
					else
						echo ' <script> self.close(); </script> ' ;
				} // else end
			}
			else
				echo $no______impossible ;
		}
		else
			echo $no______impossible ;

		exit ;
	}

?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=euc-kr">
<link href="/css/css.css" rel="stylesheet" type="text/css">
<script src="/inc/config.js" language="javascript"></script>
<title>À̹ÌÁö÷ºÎ</title>
<style type="text/css">
<!--
.style1 {
	color: #0033CC;
	font-weight: bold;
}
-->
</style>
<script language="javascript">
if (opener.document.getElementsByName("temp_code")[0].value != '<?=$temp_code?>') {
	alert(' À߸øµÈ Á¢±ÙÀÔ´Ï´Ù. ' ) ;
	self.close();
}
nowsize = opener.document.getElementsByName("nowsize")[0].value;
maxsize = (4000 - nowsize);

function checkuploadform(f)
{
	if ( f.click_okay.value != '' ) {
		alert(' Àá½Ã¸¸ ±â´Ù·ÁÁÖ¼¼¿ä ' );
		return false ;
	}
	if (opener.document.getElementsByName("temp_code")[0].value != '<?=$temp_code?>') {
		alert(' À߸øµÈ Á¢±ÙÀÔ´Ï´Ù. ' ) ;
		self.close();
	}
	x = f.code;
	if (!chknull(x.value, 1)) self.close();
	x = f.tn;
	if (!chknull(x.value, 1)) self.close();
	x = f.temp_code;
	if (!chknull(x.value, 1)) self.close();
	x = f.filename;
	if (!chknull(x.value, 1)) return errormsg(x, ' ÆÄÀÏÀ» ¼±ÅÃÇØÁÖ¼¼¿ä ', false);
	tmpimg = new Image;
	tmpimg.dynsrc = x.value;
	tmpsize = tmpimg.fileSize/1024;
	tmpsize = Math.ceil(tmpsize);
	if (tmpsize > maxsize) return errormsg(x, maxsize + 'KB ÀÌ»óÀº ¾÷·Îµå ÇÒ ¼ö ¾ø½À´Ï´Ù. ', false);
	ext = x.value.substring(x.value.lastIndexOf('.')+1);
	ext = ext.toUpperCase();
	if (ext == 'PHP' || ext == 'JSP' || ext == 'ASP' || ext == 'HTML' || ext == 'HTM' ) return errormsg(x, ext + ' ÆÄÀÏÀº ¾÷·ÎµåÇÒ ¼ö ¾ø½À´Ï´Ù. ', false);
	if (ext != 'JPG' && ext != 'JPEG' && ext != 'GIF' && ext != 'PNG' && ext != 'BMP' ) return errormsg(' À̹ÌÁö ÆÄÀϸ¸ ¾÷·ÎµåÇÒ ¼ö ÀÖ½À´Ï´Ù. ', false);

	document.getElementById('alertMsg').innerHTML = ' ¾÷·Îµå ÁßÀÔ´Ï´Ù. Àá½Ã¸¸ ±â´Ù·ÁÁÖ¼¼¿ä ';
	f.click_okay.value = 1 ;
	return true;
}
</script>
</head>
<body topmargin="0" leftmargin="0" onload="document.forms[0].elements['filename'].focus()" >
<form method="post" action="<?=$_SERVER['PHP_SELF']?>" onsubmit="return checkuploadform(this);" enctype="multipart/form-data">
<input type="hidden" name="click_okay" value="">
<input type="hidden" name="code" value="<?=$code?>">
<input type="hidden" name="tn" value="<?=$tn?>">
<input type="hidden" name="temp_code" value="<?=$temp_code?>">
<input type="hidden" name="mode" value="upload">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
   <tr>
    <td  colspan="2" height="30" bgcolor="black"><img src="/inc/img/st_attach.gif"></td>
  </tr>
  <tr>
    <td class="pd8"  colspan="2" height="5"></td>
  </tr>
  <tr>
    <td class="pd8" valign="bottom" align="center">
	  <span style="font-size:8pt; color:gray"> * <?=$info_file['max_size']?>KB ¹Ì¸¸ÀÇ À̹ÌÁö¸¸ ÷ºÎÇÒ ¼ö ÀÖ½À´Ï´Ù. </span>
	  <input type="file" name="filename" class="form" style="width:100%">
    </td>
  </tr>
  <tr>
    <td align="center"><input type="image" src="/img/bt/bt_confirm.gif" alt="ÆÄÀÏ ¿Ã¸®±â" border="0" ></td>
  </tr>
  <tr>
    <td height="20"></td>
  </tr>
</table>
</form>
<div align="center" id="alertMsg" style="color:red; font-weight:bold;"></div>
</body>
</html>

Copyright © 2017 || Recoded By Mr.Bumblebee