-
Notifications
You must be signed in to change notification settings - Fork 1
/
newupload.php
114 lines (82 loc) · 3.15 KB
/
newupload.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
<?php session_start(); ?>
<html>
<body bgcolor="#99CCFF">
<div align="center">
<img align="top" src="header7.png" height="120" width="700" />
<p> </p>
<p>This is Kimathi University System. </p>
<input type="button" name="admin" value="CLICK TO UPLOAD AGAIN" onClick="location.href='adminoticeboard.php'">
<div align="right">
<input type="button" name="admin" value="go back" onClick="location.href='adminoticeboard.php'">
</div>
</div>
<div align="center" >
<?php
error_reporting(E_ALL ^ E_NOTICE);
//Include database connection details
require_once('config.php');
$member_id=$_SESSION['SESS_MEMBER_ID'];
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
$filename=$_FILES["fileToUpload"]["name"];
$qry = "INSERT INTO uploadtime(userid,filename) VALUES('$member_id', '$filename')";
$result = @mysql_query($qry);
if ((($_FILES["fileToUpload"]["type"] == "image/gif")
|| ($_FILES["fileToUpload"]["type"] == "image/png")
|| ($_FILES["fileToUpload"]["type"] == "image/jpeg")
|| ($_FILES["fileToUpload"]["type"] == "image/jpg")
|| ($_FILES["fileToUpload"]["type"] == "text/plain")
|| ($_FILES["fileToUpload"]["type"] == "application/msword")
|| ($_FILES["fileToUpload"]["type"] == "application/vnd.ms-excel")
|| ($_FILES["fileToUpload"]["type"] == "application/pdf")
|| ($_FILES["fileToUpload"]["type"] == "image/png" ))
&& ($_FILES["fileToUpload"]["size"] < 2000000))
{
if (file_exists("upload/" . $_FILES["fileToUpload"]["name"]))
{
echo $_FILES["fileToUpload"]["name"] . " already exists. ";
}
else
{
move_uploaded_file($_FILES["fileToUpload"]["tmp_name"],
"upload/" . $_FILES["fileToUpload"]["name"]);
echo "<p><h2>FILE UPLOADED!</h2></p>";
echo "<table border=\"1\">";
echo "<tr><td>Client Filename: </td>
<td>" . $_FILES["fileToUpload"]["name"] . "</td></tr>";
echo "<tr><td>File Type: </td>
<td>" . $_FILES["fileToUpload"]["type"] . "</td></tr>";
echo "<tr><td>File Size: </td>
<td>" . ($_FILES["fileToUpload"]["size"] / 1024) . " Kb</td></tr>";
echo "<tr><td>Name of Temp File: </td>
<td>" . $_FILES["fileToUpload"]["tmp_name"] . "</td></tr>";
echo "</table>";
echo "Stored in: " . "upload/" . $_FILES["fileToUpload"]["name"];
exit();
}
}
else
{
echo "<p><h2>ERROR!</h2></p>";
echo "File type must either be JPEG, GIF, PDF, TEXT or PNG and less than 20,000 kb";
echo "<table border=\"1\">";
echo "<tr><td>Client Filename: </td>
<td>" . $_FILES["fileToUpload"]["name"] . "</td></tr>";
echo "<tr><td>File Type: </td>
<td>" . $_FILES["fileToUpload"]["type"] . "</td></tr>";
echo "<tr><td>File Size: </td>
<td>" . ($_FILES["fileToUpload"]["size"] / 1024) . " Kb</td></tr>";
echo "<tr><td>Name of Temp File: </td>
<td>" . $_FILES["fileToUpload"]["tmp_name"] . "</td></tr>";
echo "</table>";
echo "Invalid file";
}
?>