/komica-up/ @ 61  →  /komica-up/ @ 62
File deleted
\ No newline at end of file
/komica-up/count.txt
/komica-up/upload.php
@@ -1,63 +1,64 @@
<?php
/*********************************************
Wastepaper Uploader v1.5
http://utu.under.jp/
PHPあぷろだを元にW3Cに準拠したXHTMLを目指すべく
スクリプト及びHTML文書を改造いたしました。
結構適当なXHTMLかもしれませんがW3C信者様お許しを…。
------------------設置法-------------------
設置ディレクトリは755
img、imgsディレクトリは777
upload.php、sum.phpは755
up.log、last.cgi、count.txtは666
------------------Based--------------------
source by PHPあぷろだ v2.2
http://php.s3.to
source by ずるぽん
http://zurubon.virtualave.net/
k-up SQL 20091030
http://scrappedblog.blogspot.com/
Use SQLite2 database instead of flatfile
Add more useful functions
 
もしもの為の.htaccess (CGI禁止SSI禁止Index表示禁止)
Options -ExecCGI -Includes -Indexes
.txtでも、中身がHTMLだと表示されちゃうので注意
-------------------------------------------
Wastepaper Uploader v1.5
http://utu.under.jp/
PHPあぷろだを元にW3Cに準拠したXHTMLを目指すべく
スクリプト及びHTML文書を改造いたしました。
結構適当なXHTMLかもしれませんがW3C信者様お許しを…。
------------------設置法-------------------
設置ディレクトリは755
fileディレクトリは777
upload.phpは755
k-up.sdbは666
------------------Based--------------------
source by PHPあぷろだ v2.2
http://php.s3.to
source by ずるぽん
http://zurubon.virtualave.net/
 
もしもの為の.htaccess (CGI禁止SSI禁止Index表示禁止)
Options -ExecCGI -Includes -Indexes
.txtでも、中身がHTMLだと表示されちゃうので注意
-------------------------------------------
*********************************************/
error_reporting(0);
if(phpversion()>='4.1.0'){//PHP4.1.0以降対応
$_GET = array_map('_clean', $_GET);
$_POST = array_map('_clean', $_POST);
//$_POST = array_map('_clean', $_GET);
extract($_GET);
extract($_POST);
extract($_COOKIE);
extract($_SERVER);
$upfile_type=_clean($_FILES['upfile']['type']);
$upfile_size=$_FILES['upfile']['size'];//某所で気づく・・・
$upfile_name=_clean($_FILES['upfile']['name']);
$upfile=$_FILES['upfile']['tmp_name'];
$_GET = array_map('_clean', $_GET);
$_POST = array_map('_clean', $_POST);
//$_POST = array_map('_clean', $_GET);
extract($_GET);
extract($_POST);
extract($_COOKIE);
extract($_SERVER);
$upfile_type=_clean($_FILES['upfile']['type']);
$upfile_size=$_FILES['upfile']['size'];//某所で気づく・・・
$upfile_name=_clean($_FILES['upfile']['name']);
$upfile=$_FILES['upfile']['tmp_name'];
}
 
include_once('./settings.php');
 
if($act=='envset'){
$cookval = @implode(',', array($acte,$user,$come,$sizee,$mimee,$datee,$orige));
setcookie('upcook', $cookval,time()+365*24*3600);
$cookval = @implode(',', array($acte,$dlcnte,$come,$sizee,$mimee,$datee,$dlime,$orige));
setcookie('upcook', $cookval,time()+365*24*3600);
}
function _clean($str) {
if(is_array($str)) return $str;
$str = htmlspecialchars($str);
if (get_magic_quotes_gpc()) $str = stripslashes($str);
return $str;
}
$unique_id = uniqid('');
$conn = sqlite_popen($sqlite_file);
 
/* ここからヘッダー */
function htmlheader() {
global $title;
global $title,$banner,$act;
?>
<?php echo '<?xml version="1.0" encoding="utf-8"?>'."\n" ?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" media="all" />
@@ -108,8 +109,8 @@
}
function startProgress(){
gID("up_progress").style.display="block";
setTimeout("getProgress()", 1000);
gID("up_progress").style.display="block";
setTimeout("getProgress()", 1000);
}
//--><!]]></script>
<?php } ?>
@@ -118,7 +119,7 @@
<body>
 
<h1><?php echo $title; ?></h1>
<p>請勿在論壇外轉載此區任何資料。</p>
<p><?php echo $banner; ?></p>
<?php
}
 
@@ -127,59 +128,12 @@
$foot = <<<FOOT
 
<h2>著作権表示</h2>
<p id="link"><a href="http://php.s3.to/">レッツPHP!</a> + <a href="http://utu.under.jp">Wastepaper Basket</a> + <a href="http://scrappedblog.blogspot.com/">Roytam1</a></p>
<p id="link"><a href="http://php.s3.to/">レッツPHP!</a> + <a href="http://utu.under.jp">Wastepaper Basket</a> + <a href="http://scrappedblog.blogspot.com/">Roytam1</a>(k-up SQL 20091030)</p>
 
</body>
</html>
FOOT;
 
function m_lock_file( $format = null ) {// get/set lock file name
static $file_format = './%s.lock';
if ($format !== null) {
$file_format = $format;
}
return $file_format;
}
function m_lock( $lockId, $acquire = null ) {// acquire/check/release lock
static $handlers = array();
if (is_bool($acquire)) {
$file = sprintf(m_lock_file(), md5($lockId), $lockId);
}
if ($acquire === false) {
if (isset($handlers[$lockId])) {
@fclose($handlers[$lockId]);
@unlink($file);
unset($handlers[$lockId]);
} else {
// trigger_error("Lock '$lockId' is already unlocked", E_USER_WARNING);
}
}
if ($acquire === true) {
if (!isset($handlers[$lockId])) {
$handler = false;
$count = 100;
do {
if (!file_exists($file) || @unlink($file)) {
$handler = @fopen($file, "x");
}
if (false === $handler) {
usleep(10000);
} else {
$handlers[$lockId] = $handler;
}
} while (false === $handler && $count-- > 0);
} else {
// trigger_error("Lock '$lockId' is already locked", E_USER_WARNING);
}
}
return isset($handlers[$lockId]);
}
function FormatByte($size){//バイトのフォーマット(B→kB)
$suffix=''; $suxAry=array('KB','MB','GB','TB');
$ccnt=count($suxAry);
@@ -187,78 +141,92 @@
if($size > 1024) {$size/=1024; $suffix=$suxAry[$cnt];}
return $suffix?sprintf("%.1f",$size).$suffix:$size.'B';
}
function _clean($str) {
if(is_array($str)) return $str;
$str = htmlspecialchars($str);
if (get_magic_quotes_gpc()) $str = stripslashes($str);
return $str;
}
function sqlRun($str) {
global $conn;
/* $fp=fopen('sql.log','a+');
fputs($fp,$str."\n");
fclose($fp);*/
return sqlite_exec($conn,$str);
}
function padNum($n) {
global $countnumbers;
return str_pad($n,$countnumbers,'0',STR_PAD_LEFT);
}
function paging($page, $total){//ページリンク作成
global $PHP_SELF,$page_def;
global $PHP_SELF,$page_def;
 
$act=isset($_GET['act'])?'&act='.$_GET['act']:'';
$act=isset($_GET['act'])?'&act='.$_GET['act']:'';
 
for ($j = 1; $j * $page_def < $total+$page_def; $j++) {
if($page == $j){//今表示しているのはリンクしない
$next .= "[<strong>$j</strong>]";
}else{
$next .= sprintf('[<a href="%s?page=%d%s">%d</a>]', $PHP_SELF,$j,$act,$j);//他はリンク
}
}
if($page=="all") return sprintf('Page: %s [ALL]',$next);
else return sprintf ('Page: %s [<a href="%s?page=all%s">ALL</a>]',$next,$PHP_SELF,$act);
for ($j = 1; $j * $page_def < $total+$page_def; $j++) {
if($page == $j){//今表示しているのはリンクしない
$next .= "[<strong>$j</strong>]";
}else{
$next .= sprintf('[<a href="%s?page=%d%s">%d</a>]', $PHP_SELF,$j,$act,$j);//他はリンク
}
}
if($page=="all") return sprintf('Page: %s [ALL]',$next);
else return sprintf ('Page: %s [<a href="%s?page=all%s">ALL</a>]',$next,$PHP_SELF,$act);
}
function error($mes1=""){//えっらーメッセージ
global $foot;
global $foot;
 
echo $mes1."<p class=\"tline\"><a href=\"$PHP_SELF?\">返回</a></p>";
echo $foot;
exit;
echo $mes1."<p class=\"tline\"><a href=\"$PHP_SELF?\">返回</a></p>";
echo $foot;
exit;
}
function lock_error() {
error('<h2>錯誤</h2>
<p class="error">鎖定錯誤:請稍等一會再上傳。</p>');
function expire($id) {
global $conn,$updir,$prefix;
$qry = 'SELECT * FROM upload WHERE id = '.$id;
$rs = sqlite_query($conn,$qry);
$row = sqlite_fetch_array($rs);
 
if(file_exists($updir.$prefix.padNum($id).'.'.$row['ext'])) unlink($updir.$prefix.padNum($id).'.'.$row['ext']);
 
$qry = 'UPDATE upload SET utime=0 WHERE id = '.$id;
sqlRun($qry);
}
 
/* start */
$limitb = $limitk * 1024;
$host = @gethostbyaddr($REMOTE_ADDR);
if(!$upcook) $upcook=@implode(",",array($f_act,$f_com,$f_size,$f_mime,$f_date,$f_orig));
list($c_act,$c_com,$c_size,$c_mime,$c_date,$c_orig)=explode(',',$upcook);
if(!$upcook) $upcook=@implode(",",array($f_act,$f_dlcnt,$f_com,$f_size,$f_mime,$f_date,$f_dlim,$f_orig));
list($c_act,$c_dlcnt,$c_com,$c_size,$c_mime,$c_date,$c_dlim,$c_orig)=explode(',',$upcook);
 
/* アクセス制限 */
if(is_array($denylist)){
foreach($denylist as $line){
if(strstr($host, $line)) error('<h2>錯誤</h2>
foreach($denylist as $line){
if(strstr($host, $line)) error('<h2>錯誤</h2>
<p class="error">存取限制:您沒有使用權限</p>');
}
}
}
/* 削除実行 */
if($delid && $delpass!=''){
$old = file($logfile);
$find = false;
for($i=0; $i<count($old); $i++){
list($did,$dext,,,,,,$dpwd,)=explode("\t",$old[$i]);
if($delid==$did){
$find = true;
$del_ext = $dext;
$del_pwd = rtrim($dpwd);
}else{
$new[] = $old[$i];
}
}
if(!$find) error('<h2>錯誤</h2>
$qry = 'SELECT * FROM upload WHERE id = '.$delid;
$rs = sqlite_query($conn,$qry);
$row = sqlite_fetch_array($rs);
 
if(!$row) error('<h2>錯誤</h2>
<p class="error">刪除錯誤:此檔案找不到</p>');
if($delpass == $admin || substr(md5($delpass), 2, 7) == $del_pwd){
if(file_exists($updir.$prefix.$delid.'.'.$del_ext)) unlink($updir.$prefix.$delid.'.'.$del_ext);
m_lock($logfile, true); m_lock($logfile) or lock_error();
$fp = fopen($logfile, 'w');
flock($fp, 2);
fputs($fp, @implode("",$new));
fclose($fp);
m_lock($logfile, false);
}else{
error('<h2>錯誤</h2>
if($delpass == $admin || substr(md5($delpass), 2, 7) == $row['pwd']){
if(file_exists($updir.$prefix.padNum($delid).'.'.$row['ext'])) unlink($updir.$prefix.padNum($delid).'.'.$row['ext']);
 
$qry = 'DELETE FROM upload WHERE id = '.$delid;
sqlRun($qry);
 
}else{
error('<h2>錯誤</h2>
<p class="error">刪除錯誤:密碼錯誤</p>');
}
}
}
/* 削除フォーム */
if($del){
error("<h2>刪除檔案</h2>
error("<h2>刪除檔案</h2>
<form method=\"post\" enctype=\"multipart/form-data\" action=\"$PHP_SELF\">
<p>請輸入密碼<br />
<input type=\"hidden\" name=\"delid\" value=\"".htmlspecialchars($del)."\" />
@@ -269,16 +237,18 @@
}
/* 環境設定フォーム */
if($act=="env"){
error("<h2>環境設定</h2>
error("<h2>環境設定</h2>
<form method=\"get\" action=\"$PHP_SELF\">
<p><input type=\"hidden\" name=\"act\" value=\"envset\" /></p>
<h3>顯示設定</h3>
<ul>
<li><input type=\"checkbox\" name=\"acte\" value=\"checked\" tabindex=\"1\" accesskey=\"1\" $c_act />刪</li>
<li><input type=\"checkbox\" name=\"dlcnte\" value=\"checked\" tabindex=\"3\" accesskey=\"3\" $c_com />下載次數</li>
<li><input type=\"checkbox\" name=\"come\" value=\"checked\" tabindex=\"3\" accesskey=\"3\" $c_com />備註</li>
<li><input type=\"checkbox\" name=\"sizee\" value=\"checked\" tabindex=\"4\" accesskey=\"4\" $c_size />大小</li>
<li><input type=\"checkbox\" name=\"mimee\" value=\"checked\" tabindex=\"5\" accesskey=\"5\" $c_mime />MIME</li>
<li><input type=\"checkbox\" name=\"datee\" value=\"checked\" tabindex=\"6\" accesskey=\"6\" $c_date />日期</li>
<li><input type=\"checkbox\" name=\"dlime\" value=\"checked\" tabindex=\"3\" accesskey=\"3\" $c_com />下載限制</li>
<li><input type=\"checkbox\" name=\"orige\" value=\"checked\" tabindex=\"7\" accesskey=\"7\" $c_orig />原檔名</li>
</ul>
<p>以上設定將會以 cookie 保存以便再次使用。</p>
@@ -290,211 +260,203 @@
if(!isset($_POST['mdid'])) error('<h2>錯誤</h2>
<p class="error">刪除錯誤:未選擇檔案</p>');
if($delpass==$admin) {
$mdid = array_merge(array('dummy'), $_POST['mdid']);
$old = file($logfile);
$find = false;
for($i=0; $i<count($old); $i++){
list($did,$dext,)=explode("\t",$old[$i]);
if(array_search($did,$mdid)){
$find = true;
if(file_exists($updir.$prefix.$did.'.'.$dext)) unlink($updir.$prefix.$did.'.'.$dext);
}else{
$new[] = $old[$i];
}
$qry = 'SELECT * FROM upload WHERE id IN ('.implode(',',$_POST['mdid']).')';
$rs = sqlite_query($conn,$qry);
while($row = sqlite_fetch_array($rs)) {
if(file_exists($updir.$prefix.padNum($row['id']).'.'.$row['ext'])) unlink($updir.$prefix.padNum($row['id']).'.'.$row['ext']);
}
 
$qry = 'DELETE FROM upload WHERE id IN ('.implode(',',$_POST['mdid']).')';
sqlRun($qry);
$find = true;
} else {
$mdid = array_merge(array('dummy'), $_POST['mdid']);
$old = file($logfile);
$find = false;
for($i=0; $i<count($old); $i++){
list($did,$dext,,,,,,$dpwd,)=explode("\t",$old[$i]);
if(array_search($did,$mdid)){
if(substr(md5($delpass), 2, 7) == rtrim($dpwd)){
$find = true;
if(file_exists($updir.$prefix.$did.'.'.$dext)) unlink($updir.$prefix.$did.'.'.$dext);
}
}else{
$new[] = $old[$i];
}
$delids = array();
$qry = 'SELECT * FROM upload WHERE id IN ('.implode(',',$_POST['mdid']).')';
$rs = sqlite_query($conn,$qry);
while($row = sqlite_fetch_array($rs)) {
if(substr(md5($delpass), 2, 7) == rtrim($row['pwd'])){
$delids[] = $row['id'];
if(file_exists($updir.$prefix.padNum($row['id']).'.'.$row['ext'])) unlink($updir.$prefix.padNum($row['id']).'.'.$row['ext']);
}
}
$find = count($delids);
 
$qry = 'DELETE FROM upload WHERE id IN ('.implode(',',$delids).')';
sqlRun($qry);
}
if(!$find) error('<h2>錯誤</h2>
<p class="error">刪除錯誤:密碼錯誤</p>');
$fp = fopen($logfile, 'w');
m_lock($logfile, true); m_lock($logfile) or lock_error();
flock($fp, 2);
fputs($fp, @implode("",$new));
fclose($fp);
m_lock($logfile, false);
}elseif($act=='down') {
$find = false;
if(preg_match("/^\\d{{$countnumbers}}$/",$id)) {
$logs = file($logfile);
foreach($logs as $log){
list($did,$ext,$com,,$now,$upfile_size,$upfile_type,,$upfile_name,$dpwd,,$tlim,)=explode("\t",$log);
if($id==$did){
$find = true;
break;
}
}
}
if(!$find) error('<h2>錯誤</h2>
$qry = 'SELECT * FROM upload WHERE id = '.$id;
$rs = sqlite_query($conn,$qry);
$row = sqlite_fetch_array($rs);
 
if(!$row) error('<h2>錯誤</h2>
<p class="error">下載錯誤:此檔案找不到</p>');
 
$txt="<h2>下載</h2>
if($row['tlim']||$row['dlim']) {
if($row['tlim'] && (time()+$tz*60*60>=($row['utime']+$row['tlim']*60))) expire($id);
if($row['dlim'] && ($row['dcnt']>=$row['dlim'])) expire($id);
}
 
$qry = 'SELECT * FROM upload WHERE id = '.$id;
$rs = sqlite_query($conn,$qry);
$row = sqlite_fetch_array($rs);
 
if(!$row['utime']) error('<h2>錯誤</h2>
<p class="error">下載錯誤:此檔案已失效</p>');
 
$txt="<h2>下載</h2>
<form method=\"post\" action=\"$PHP_SELF\">
<p><input type=\"hidden\" name=\"act\" value=\"get\" /><input type=\"hidden\" name=\"id\" value=\"$id\" /></p>
<p><input type=\"hidden\" name=\"act\" value=\"get\" /><input type=\"hidden\" name=\"id\" value=\"$row[id]\" /></p>
<h3>下載檔案</h3>
<p>您將要下載檔案 $prefix$did.$ext。</p>";
if($dpwd != '*') $txt.='<p>請輸入下載密碼:<input type="password" size="10" name="downpass" maxlength="10" class="box" tabindex="3" accesskey="3" /></p>';
$txt.="<p>檔案名稱:<label><input type='radio' name='name' value='gen' checked='checked'/>$prefix$did.$ext</label> <label><input type='radio' name='name' value='user'/>$upfile_name</label> </p>
<p>您將要下載檔案 $prefix".padNum($id).".$row[ext]。</p>";
if($row['dpwd'] != '*') $txt.='<p>請輸入下載密碼:<input type="password" size="10" name="downpass" maxlength="10" class="box" tabindex="3" accesskey="3" /></p>';
$txt.="<p>檔案名稱:<label><input type='radio' name='name' value='gen' checked='checked'/>$prefix".padNum($id).".$row[ext]</label> ".($row['upfile_name']!='*'?"<label><input type='radio' name='name' value='user'/>$row[upfile_name]</label> </p>":'')."
<p><input type=\"submit\" value=\"下載\" tabindex=\"8\" accesskey=\"8\" /></p>
</form>
";
error($txt);
}elseif($act=='get' && $_SERVER['REQUEST_METHOD'] == 'POST') {
$find = false;
if(preg_match("/^\\d{{$countnumbers}}$/",$id)) {
$logs = file($logfile);
foreach($logs as $log){
list($did,$ext,$com,,$now,$upfile_size,$upfile_type,,$upfile_name,$dpwd,,$tlim,)=explode("\t",$log);
if($id==$did){
$find = true;
break;
}
}
}
if(!$find) error('<h2>錯誤</h2>
$qry = 'SELECT * FROM upload WHERE id = '.$id;
$rs = sqlite_query($conn,$qry);
$row = sqlite_fetch_array($rs);
 
if(!$row) {
htmlheader();
error('<h2>錯誤</h2>
<p class="error">下載錯誤:此檔案找不到</p>');
}
if(!$row['utime']) {
htmlheader();
error('<h2>錯誤</h2>
<p class="error">下載錯誤:此檔案已失效</p>');
}
 
if($dpwd == '*' || ($dpwd != '*' && $dpwd == substr(md5($downpass), 2, 7))) {
$fname = $name == 'gen' ? "$prefix$did.$ext" : $upfile_name;
header("Content-Disposition: attachment; filename=$fname");
header("Content-type: $upfile_type; name=$fname");
readfile($updir.$prefix.$did.'.'.$ext);
exit;
} else {
htmlheader();
error('<h2>錯誤</h2>
if($row['dpwd'] == '*' || ($row['dpwd'] != '*' && $row['dpwd'] == substr(md5($downpass), 2, 7))) {
$qry = 'UPDATE upload SET dcnt=dcnt+1 WHERE id = '.$id;
sqlRun($qry);
 
$fname = $name == 'gen' ? $prefix.padNum($id).'.'.$row['ext'] : $row['upfile_name'];
header("Content-Disposition: attachment; filename=$fname");
header("Content-type: $upfile_type; name=$fname");
readfile($updir.$prefix.padNum($id).'.'.$row['ext']);
exit;
} else {
htmlheader();
error('<h2>錯誤</h2>
<p class="error">下載錯誤:密碼錯誤</p>');
}
}
}
$lines = file($logfile);
/* アプロード書き込み処理 */
if(file_exists($upfile) && $com && $upfile_size > 0){
if(isset($com{$commax+1})) error('<h2>錯誤</h2>
if(isset($com{$commax+1})) error('<h2>錯誤</h2>
<p class="error">上傳錯誤:備註過長</p>
');
if($upfile_size > $limitb) error('<h2>錯誤</h2>
if($upfile_size > $limitb) error('<h2>錯誤</h2>
<p class="error">上傳錯誤:此檔案過大</p>');
/* 連続投稿制限 */
if($last_time > 0){
$now = time();
$last = @fopen($last_file, 'r+') or die('<h2>錯誤</h2>
<p class="error">連続投稿用ファイル $last_file を作成してください</p>');
$lsize = fgets($last, 1024);
list($ltime, $lip) = explode("\t", $lsize);
if($host == $lip && $last_time*60 > ($now-$ltime)){
error('<h2>錯誤</h2>
<p class="error">連続投稿制限中:時間を置いてやり直してください</p>');
}
rewind($last);
fputs($last, "$now\t$host\t");
fclose($last);
}
/* 拡張子と新ファイル名 */
$pos = strrpos($upfile_name,'.'); //拡張子取得
$ext = substr($upfile_name,$pos+1,strlen($upfile_name)-$pos);
$ext = strtolower($ext);//小文字化
if(!in_array($ext, $arrowext))
error('<h2>錯誤</h2>
/* 連続投稿制限 */
if($last_time > 0){
$now = time()+$tz*60*60;
 
$qry = 'SELECT utime,host FROM upload ORDER BY utime desc LIMIT 1';
$rs = sqlite_query($conn,$qry);
$row = sqlite_fetch_array($rs);
if($row) {
if($host == $row['host'] && $last_time*60 > ($now-$row['utime'])){
error('<h2>錯誤</h2>
<p class="error">連續上傳限制:請在'.($row['utime']+$last_time*60-$now).'秒後再嘗試上傳</p>');
}
}
}
/* 拡張子と新ファイル名 */
$pos = strrpos($upfile_name,'.'); //拡張子取得
$ext = substr($upfile_name,$pos+1,strlen($upfile_name)-$pos);
$ext = strtolower($ext);//小文字化
if(!in_array($ext, $arrowext))
error('<h2>錯誤</h2>
<p class="error">檔尾錯誤:此檔尾無法上傳</p>');
/* 拒否拡張子はtxtに変換
for($i=0; $i<count($denyext); $i++){
if(strstr($ext,$denyext[$i])) $ext = 'txt';
}
*/
foreach($denyupload as $noup) {
if($upfile_name==$noup) {
echo '<p class="tline"><script type="text/javascript">location.href="'.$PHP_SELF.'";</script></p>';
exit();
}
}
list($id,) = explode("\t", $lines[0]);//No取得
$id = sprintf("%0${countnumbers}d", ++$id); //インクリ
$newname = $prefix.$id.'.'.$ext;
/* 拒否拡張子はtxtに変換
for($i=0; $i<count($denyext); $i++){
if(strstr($ext,$denyext[$i])) $ext = 'txt';
}
*/
foreach($denyupload as $noup) {
if($upfile_name==$noup) {
echo '<p class="tline"><script type="text/javascript">location.href="'.$PHP_SELF.'";</script></p>';
exit();
}
}
/* MIMEタイプ */
if(!$upfile_type) $upfile_type = 'text/plain';//デフォMIMEはtext/plain
 
/* 自鯖転送 */
m_lock($logfile, true); m_lock($logfile) or lock_error();
move_uploaded_file($upfile, $updir.$newname);//3.0.16より後のバージョンのPHP 3または 4.0.2 後
//copy($upfile, $updir.$newname);
chmod($updir.$newname, 0604);
/* コメント他 */
$com = htmlspecialchars($com); //タグ変換
if(get_magic_quotes_gpc()) $com = stripslashes($com); //¥除去
 
/* MIMEタイプ */
if(!$upfile_type) $upfile_type = 'text/plain';//デフォMIMEはtext/plain
$utime = time()+$tz*60*60;
$now = gmdate('Y/m/d(D)H:i', $utime); //日付のフォーマット
$pwd = ($pass) ? substr(md5($pass), 2, 7) : '*'; //パスっ作成(無いなら*)
$dpwd = ($downpass) ? substr(md5($downpass), 2, 7) : '*'; //パスっ作成(無いなら*)
if($noorig) $upfile_name = '*';
$qry=sprintf("INSERT INTO upload (ext,com,host,now,upfile_size,upfile_type,pwd,upfile_name,dpwd,utime,tlim,dlim) VALUES ('%s','%s','%s','%s',%s,'%s','%s','%s','%s',%s,%s,%s)",sqlite_escape_string($ext),sqlite_escape_string($com),$host,$now,$upfile_size,sqlite_escape_string($upfile_type),$pwd,sqlite_escape_string($upfile_name),$dpwd,$utime,intval($tlim),intval($dlim));
sqlRun($qry,$qerr);
$id = sqlite_last_insert_rowid($conn);
 
/* コメント他 */
$com = htmlspecialchars($com); //タグ変換
if(get_magic_quotes_gpc()) $com = stripslashes($com); //¥除去
$newname = $prefix.padNum($id).'.'.$ext;
 
$utime = time()+$tz*60*60;
$now = gmdate('Y/m/d(D)H:i', $utime); //日付のフォーマット
$pwd = ($pass) ? substr(md5($pass), 2, 7) : '*'; //パスっ作成(無いなら*)
$dpwd = ($downpass) ? substr(md5($downpass), 2, 7) : '*'; //パスっ作成(無いなら*)
$tlim = 0; // time limit (未実裝)
/* 自鯖転送 */
move_uploaded_file($upfile, $updir.$newname);//3.0.16より後のバージョンのPHP 3または 4.0.2 後
//copy($upfile, $updir.$newname);
chmod($updir.$newname, 0604);
 
$dat = @implode("\t", array($id,$ext,$com,$host,$now,$upfile_size,$upfile_type,$pwd,$upfile_name,$dpwd,$utime,$tlim,));
$qry = 'SELECT count(*) FROM upload';
$rs = sqlite_query($conn,$qry);
$rows = sqlite_fetch_single($rs);
 
if(count($lines) >= $logmax){ //ログオーバーならデータ削除
for($d = count($lines)-1; $d >= $logmax-1; $d--){
list($did,$dext,)=explode("\t", $lines[$d]);
if(file_exists($updir.$prefix.$did.'.'.$dext)) {
unlink($updir.$prefix.$did.'.'.$dext);
}
}
}
 
$fp = fopen ($logfile , 'w'); //書き込みモードでオープン
flock($fp ,2);
fputs ($fp, "$dat\n"); //先頭に書き込む
for($i = 0; $i < $logmax-1; $i++) //いままでの分を追記
fputs($fp, $lines[$i]);
fclose ($fp);
m_lock($logfile, false);
reset($lines);
$lines = file($logfile); //入れなおし
if($rows > $logmax) {
$delids = array();
$qry = 'SELECT * FROM upload ORDER BY utime desc LIMIT '.$logmax.','.($logmax-$rows);
$rs = sqlite_query($conn,$qry);
while($row = sqlite_fetch_array($rs)) {
$delids[] = $row['id'];
if(file_exists($updir.$prefix.padNum($row['id']).'.'.$row['ext'])) unlink($updir.$prefix.padNum($row['id']).'.'.$row['ext']);
}
$qry = 'DELETE FROM upload WHERE id IN ('.implode(',',$delids).')';
sqlRun($qry);
}
}
foreach($arrowext as $list) $arrow .= $list." ";
/* 投稿フォーム */
echo '<h2>上傳檔案</h2>
<form method="post" enctype="multipart/form-data" action="'.$PHP_SELF.'" onsubmit="startProgress();return true;">
<p>檔案<strong>(最大 '.$limitk.' KB)</strong><br />
<p>檔案<strong>(最大 '.$limitk.' KB,共 '.$logmax.' 個檔案)</strong><br />
<input type="hidden" name="MAX_FILE_SIZE" value="'.$limitb.'" />
<input type="hidden" name="APC_UPLOAD_PROGRESS" id="progress_key" value="'.$unique_id.'"/>
<input type="file" size="40" name="upfile" class="box" tabindex="1" accesskey="1" /><br/>
<input type="file" size="40" name="upfile" class="box" tabindex="1" accesskey="1" />
刪除密碼:<input type="password" size="10" name="pass" maxlength="10" class="box" tabindex="2" accesskey="2" />
下載密碼(選填):<input type="password" size="10" name="downpass" maxlength="10" class="box" tabindex="3" accesskey="3" /></p>
<p>備註(※沒輸入的話檔案將不會被儲存。)<br />
<input type="text" size="45" name="com" value="" class="box" tabindex="4" accesskey="4" />
<input type="submit" value="上傳" tabindex="5" accesskey="5" />
<input type="reset" value="Cancel" tabindex="6" accesskey="6" /></p>
<p>可以上傳的檔尾:'.$arrow.'</p>
下載密碼(選填):<input type="password" size="10" name="downpass" maxlength="10" class="box" tabindex="3" accesskey="3" />
時限(選填,單位:分):<input type="text" size="10" maxlength="5" name="tlim" value="" class="box" tabindex="4" accesskey="4" />
下載次數限制(選填):<input type="text" size="10" maxlength="5" name="dlim" value="" class="box" tabindex="5" accesskey="5" /></p>
<p>備註(<strong class="rb">必須</strong>)
<input type="text" size="45" name="com" value="" class="box" tabindex="6" accesskey="6" />
<label><input type="checkbox" name="noorig" value="1" />隱藏原檔名</label>
<input type="submit" value="上傳" tabindex="7" accesskey="7" />
<input type="reset" value="Cancel" tabindex="8" accesskey="8" /></p>
<p>可以上傳的檔尾:'.implode(' ',$arrowext).'</p>
<div id="up_progress">上傳中… <span id="progressbartext"></span><div id="progressbarborder"><div id="progressbar"></div></div></div>
</form>
';
/* カウンタ */
echo "<p class=\"uline\">$count_start 開始存取數: ";
if(file_exists($count_file)){
$fp = fopen($count_file,'r+');//読み書きモードでオープン
$count = fgets($fp, 64); //64バイトorEOFまで取得、カウントアップ
$count++;
fseek($fp, 0); //ポインタを先頭に、ロックして書き込み
flock($fp,2);
fputs($fp, $count);
fclose($fp); //ファイルを閉じる
echo $count; //カウンタ表示
}
 
$qry = 'UPDATE counter SET counter=counter+1';
sqlRun($qry,$conn);
$qry = 'SELECT counter FROM counter';
$rs = sqlite_query($conn,$qry);
echo sqlite_fetch_single($rs);
 
/* モードリンク */
echo '
 D:刪除檔案</p>
@@ -502,54 +464,69 @@
 
<h2>檔案一覧</h2>
<p class="uline">';
 
$qry = 'SELECT count(*) FROM upload';
$rs = sqlite_query($conn,$qry);
$rows = sqlite_fetch_single($rs);
 
/* ログ開始位置 */
$st = ($page) ? ($page - 1) * $page_def : 0;
if(!$page) $page = 1;
if($page == 'all'){
$st = 0;
$page_def = count($lines);
$st = 0;
$page_def = $rows;
}
echo paging($page, count($lines));//ページリンク
echo paging($page, $rows);//ページリンク
//メインヘッダ
echo "</p>\n";
if($act=='mult') echo "<form action=\"$PHP_SELF\" method=POST><input type='hidden' name='act' value='mdel'/>";
if($act=='mult') echo "<form action=\"$PHP_SELF\" method=POST><input type='hidden' name='act' value='mdel'/>";
echo "<table summary=\"files\">\n<tr>";
if($c_act) echo '<th abbr="delete" scope="col">刪</th>';
echo '<th abbr="name" scope="col">檔名</th>';
if($c_dlcnt) echo '<th abbr="count" scope="col">次數</th>';
if($c_com) echo '<th abbr="comment" scope="col">備註</th>';
if($c_size) echo '<th abbr="size" scope="col">大小</th>';
if($c_mime) echo '<th abbr="mime" scope="col">MIME</th>';
if($c_date) echo '<th abbr="date" scope="col">日期</th>';
if($c_dlim) echo '<th abbr="limit" scope="col">限制</th>';
if($c_orig) echo '<th abbr="original name" scope="col">原檔名</th>';
echo "</tr>\n";
//メイン表示
for($i = $st; $i < $st+$page_def; $i++){
if($lines[$i]=='') continue;
list($id,$ext,$com,$host,$now,$size,$mtype,$pas,$orig,$dpwd,)=explode("\t",$lines[$i]);
$fsize = FormatByte($size);
if($auto_link) $com = preg_replace('/(https?|ftp|news)(:\/\/[\w\+\$\;\?\.\{\}%,!#~*\/:@&=_-]+)/u', '<a href="$1$2">$1$2</a>',$com);
$qry = 'SELECT * FROM upload ORDER BY id desc LIMIT '.$st.','.$page_def;
$rs = sqlite_query($conn,$qry);
while($row = sqlite_fetch_array($rs)) {
$fsize = FormatByte($row['upfile_size']);
if($auto_link) $com = preg_replace('/(https?|ftp|news)(:\/\/[\w\+\$\;\?\.\{\}%,!#~*\/:@&=_-]+)/u', '<a href="$1$2">$1$2</a>',$com);
 
$pmark = $dpwd != '*' ? '<span style="color:red;font-weight:bold;">*</span>' : '';
$filename = $prefix.$id.'.'.$ext;
$target = $updir.$filename;
$pmark = $row['dpwd'] != '*' ? '<span class="rb">*</span>' : '';
$filename = $prefix.padNum($row['id']).'.'.$row['ext'];
 
echo "<tr><!--$host-->\n";//ホスト表示
if($c_act) {
if($act=='mult') echo "<td class=\"del\"><input type=\"checkbox\" name=\"mdid[]\" value=\"$id\"/></td>";
else echo "<td class=\"del\"><a href=\"$PHP_SELF?del=$id\">D</a></td>";
}
echo "<td>[<a href=\"$PHP_SELF?act=down&amp;id=$id\">$filename</a>]$pmark</td>";
if($c_com) echo "<td>$com</td>";
if($c_size) echo "<td class=\"size\">$fsize</td>";
if($c_mime) echo "<td>$mtype</td>";
if($c_date) echo "<td>$now</td>\n";
if($c_orig) echo "<td class=\"orig\">\n$orig</td>\n";
echo "</tr>\n";
}
echo "<tr><!--$row[host]-->\n";//ホスト表示
if($c_act) {
if($act=='mult') echo "<td class=\"del\"><input type=\"checkbox\" name=\"mdid[]\" value=\"$row[id]\"/></td>";
else echo "<td class=\"del\"><a href=\"$PHP_SELF?del=$row[id]\">D</a></td>";
}
$dlink = $row['utime'] ? "<a href=\"$PHP_SELF?act=down&amp;id=$row[id]\">$filename</a>" : $filename;
echo "<td>[$dlink]</td>";
if($c_dlcnt) echo "<td>$row[dcnt]</td>";
if($c_com) echo "<td>$pmark$row[com]</td>";
if($c_size) echo "<td class=\"size\">$fsize</td>";
if($c_mime) echo "<td>$row[upfile_type]</td>";
if($c_date) echo "<td>$row[now]</td>\n";
if($c_dlim) {
$dlimit='';
if($row['tlim']) $dlimit=$row['tlim'].'分';
if($row['dlim']) $dlimit.=$dlimit ? ' 或 '.$row['dlim'].'次' : $row['dlim'].'次';
if(!$dlimit) $dlimit='無';
echo "<td>$dlimit</td>";
}
if($c_orig) echo "<td class=\"orig\">\n$row[upfile_name]</td>\n";
echo "</tr>\n";
}
 
echo "</table>\n";
if($act=='mult') echo '<div align="right">密碼:<input type="password" name="delpass"/><input type="submit" name="submit" value="刪除"/></div></form>';
echo '<p class="tline">'.paging($page,count($lines))."</p>\n";
if($act=='mult') echo '<div align="right">密碼:<input type="password" name="delpass"/><input type="submit" name="submit" value="刪除"/></div></form>';
echo '<p class="tline">'.paging($page,$rows)."</p>\n";
echo $foot;
?>
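Review bot: The new SQLite code concatenates request values straight into SQL — `$id` in `'SELECT * FROM upload WHERE id = '.$id` (and the UPDATE/DELETE on the same id), `$delid` in the single-delete branch, and `implode(',',$_POST['mdid'])` in the two IN clauses — while the old flatfile path's `preg_match("/^\\d{{$countnumbers}}$/",$id)` guard was dropped, and `_clean` returns arrays untouched so `mdid` reaches the query unfiltered; `htmlspecialchars` in `_clean` does not constrain an unquoted numeric operand. Cast before use, e.g. `$id = intval($id);` / `$delid = intval($delid);` at the top of each branch and `implode(',', array_map('intval', $_POST['mdid']))` in the multi-delete. Separately, the listing loop's `if($auto_link) $com = preg_replace(..., $com);` never reads `$row['com']` and the row then echoes `$row[com]`, so auto-linking no longer applies; it should be `$com = preg_replace(…, $row['com']);` with `$com` echoed. The pruning query `LIMIT '.$logmax.','.($logmax-$rows)` produces a negative row count whenever `$rows > $logmax`, which SQLite appears to treat as "no upper bound", so it only works by accident — `($rows-$logmax)` reads as intended. Finally, `sqlRun($qry,$qerr)` and `sqlRun($qry,$conn)` pass a second argument that `sqlRun($str)` does not declare.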
 
New file
/komica-up/index.php
@@ -0,0 +1 @@
<?php $go = 'upload.php';header("Location: $go"); ?>
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream

Property changes:

Name: svn:mime-type
+ application/octet-stream

/komica-up/k-up.sdb
/komica-up/settings.php
@@ -1,9 +1,10 @@
<?php
$title = '上傳區'; //タイトル
$banner = '歡迎使用上傳區。'; //バナー
$home = 'http://mydomain.com/'; //ホーム
$logfile = "up.log"; //ログファイル名(変更する事)
$sqlite_file = "k-up.sdb"; //ログファイル名(変更する事)
$updir = "./file/"; //アップ用ディレクトリ
$prefix = ''; //接頭語(up001.txt,up002.jpgならup)
$prefix = 'up'; //接頭語(up001.txt,up002.jpgならup)
$logmax = 500; //log保存行(これ以上は古いのから削除)
$commax = 250; //コメント投稿量制限(バイト。全角はこの半分)
$limitk = 5000; //アップロード制限(KB キロバイト)
@@ -13,19 +14,19 @@
$admin = "del"; //削除管理パス
$auto_link = 1; //コメントの自動リンク(Yes=1;No=0);
$denylist = array('192.168.0.1','sex.com','annony'); //アクセス拒否ホスト
$arrowext = array('7z','zip','lzh','rar','avi','mpg','wmv','mp3','wma','swf','txt','bmp','jpg','png','gif'); //許可拡張子 小文字(それ以外はエラー
$arrowext = array('7z','zip','lzh','rar','avi','mpg','wmv','mp3','wma','swf','txt','bmp','jpg','png','gif','psd','aac'); //許可拡張子 小文字(それ以外はエラー
$denyupload = array('annony'); //拒否ファイル
 
$count_start = "2008/02/11"; //カウンタ開始日
$count_file = "count.txt"; //カウンタファイル(空ファイルで666)
$count_start = "2009/10/30"; //カウンタ開始日
 
$last_file = "last.cgi"; //連続投稿制限用ファイル(空ファイルで666)
$last_time = 0; //同一IPからの連続投稿許可する間隔(分)(0で無制限)
 
/* 項目表示(環境設定)の初期状態 (表示ならChecked 表示しないなら空) */
$f_act = 'checked="checked"'; //ACT(削除リンク)
$f_dlcnt= 'checked="checked"'; //DL count
$f_com = 'checked="checked"'; //コメント
$f_size = 'checked="checked"'; //ファイルサイズ
$f_mime = ''; //MIMEタイプ
$f_date = 'checked="checked"'; //日付け
$f_dlim = 'checked="checked"'; //DL limit
$f_orig = 'checked="checked"'; //元ファイル名
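Review bot: `$sqlite_file = "k-up.sdb"` is a bare relative path, and the committed k-up.sdb sits next to upload.php in /komica-up/, so the database — which upload.php fills with the truncated md5 password hashes, uploader hosts and original filenames — is a plain static file under the document root; the `.htaccess` suggested in the upload.php header only sets `Options -ExecCGI -Includes -Indexes` and would not stop a direct request for it. Either point the setting at a location outside the web root or add a deny rule for the file, and record that next to the setting, e.g. `$sqlite_file = "k-up.sdb"; // must not be web-readable: keep outside DocumentRoot or deny *.sdb in .htaccess`.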