. * * File Name: uploader.php * Description: Upload functions - http post upload - no progress bar (yet) * $Date: 2010-02-21 23:16:57 +0000 (Sun, 21 Feb 2010) $ * $Revision: 12 $ */ include_once("../includes/settings.inc"); include_once("../includes/mysql.inc"); include_once("../includes/loginfunctions.inc"); include_once("../includes/imagefunctions.inc"); global $db; function uninject($data) { // replaces harmful data with safe data return str_replace("'", "\'", htmlspecialchars(stripslashes($data))) ; } function categoryOptions() { global $sitepath,$loggedIn,$templateimagepath ; $db = db_connect() ; $categories = '' ; $sql = "SELECT * FROM `category` WHERE `ptr` = 0 AND parent = '0' ORDER BY name DESC" ; $result = mysql_query($sql) or die(mysql_error()) ; if ($result) { $tmp = '' ; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $sel = "" ; if ($selected == $row['id']) $sel = " selected" ; $categories .= "".$row['name']."" ; //Subcats $db->query("SELECT * FROM category WHERE parent = '".$row['id']."' ORDER BY name") ; if ($db->numRows() > 0) { $subCats = $db->fetchAll() ; foreach ($subCats as $sub) { $sel = "" ; if ($selected == $sub['id']) $sel = " selected" ; $categories .= "--->".$sub['name']."" ; //Subsubcats $db->query("SELECT * FROM category WHERE parent = '".$sub['id']."' ORDER BY name") ; if ($db->numRows() > 0) { $subsubCats = $db->fetchAll() ; foreach ($subsubCats as $subsub) { $sel = "" ; if ($selected == $subsub['id']) $sel = " selected" ; $categories .= "------->".$subsub['name']."" ; } } } } } } return $categories ; } function groupOptions($username) { global $sitepath,$loggedIn,$templateimagepath ; $db = db_connect() ; $db->query("SELECT id FROM member WHERE username = '".quote_smart($username)."'") ; $res = $db->fetch() ; $memberid = $res['id'] ; $joinquery = "SELECT * FROM `group` LEFT JOIN `group_member` ON (`group`.`group_id`=`group_member`.`group_id_g`) WHERE ((`group_member`.`member_id`=".$memberid.") AND (`group_member`.`approved`=1)) OR (`group`.`owner_id`=".$memberid.") GROUP BY `group`.`group_id`" ; $db->query($joinquery) ; $res = $db->fetchAll() ; $groups = "" ; if ($db->numRows() > 0) { foreach ($res as $key=>$value) { if (($value['group_id'] == $currentGroupid) && ($currentGroupid != 0)) { $selectedString = ' SELECTED' ; } else { $selectedString = '' ; } $groups .= '' ; } } $groups .= "group".$currentGroupid ; return $groups ; } $portmin = 24000 ; $portmax = 24100 ; $uploaddir = "../uploads/" ; /* Allow the script to hang around waiting for connections. */ set_time_limit(0); /* Turn on implicit output flushing so we see what we're getting * as it comes in. */ ob_implicit_flush(); ob_end_flush(); function getFilenameWithoutExt($filename) { $pos = strripos($filename, '.') ; if ($pos === false) { return $filename ; } else { return substr($filename, 0, $pos) ; } } // requesting an image if (isset($_GET['progress'])) { header("Content-type: image/png") ; $image = imagecreatetruecolor(302, 15) ; imagefilledrectangle($image, 0, 0, 302, 15, imagecolorallocate($image, 220, 220, 220)) ; imagefilledrectangle($image, 2, 2, ($_GET['progress'] * 3), 13, imagecolorallocate($image, 35, 157, 246)) ; $spacers = 0 ; while ($spacers < 304) { imagefilledrectangle($image, $spacers, 2, $spacers, 13, imagecolorallocate($image, 220, 220, 220)) ; $spacers += 10 ; } imagepng($image) ; die() ; } // this is the iframe part, it just displays a form if( isset($_GET['port']) && isset($_GET['addr'])) { $poster = uninject($_GET['poster']); ?>
Title
Description
Keywords
Category
Group
Upload Media
Embed
Upload Thumbnail
Thumbnail URL
10) { // error out after 10 trys die("Failed to get port...") ; } } // now that we know the ip address and port number we can display the upload form echo '
' ; // begin to listen for connections if (socket_listen($sock, 5) === false) { echo "socket_listen() failed: reason: ".socket_strerror(socket_last_error($sock))."\n" ; } //this will block until a connection is established if (($msgsock = socket_accept($sock)) === false) { echo "socket_accept() failed: reason: ".socket_strerror(socket_last_error($sock))."\n" ; break ; } echo '' ; // update the download bar to reflect were starting to transfer data echo '' ; $read = true ; $data = "" ; $getpost = false ; do { // read data in if (false === ($buf = socket_read($msgsock, 2048, PHP_NORMAL_READ))) { echo "socket_read() failed: reason: ".socket_strerror(socket_last_error($msgsock))."\n" ; break 2 ; } $data .= $buf ; // lines end with \r\n were looking for the \n if ($buf == "\n") { $retval = "" ; // see below for parsedata definition switch (parsedata($data, &$retval)) { case 0: // this ends the header information $read = false ; break ; case 1: // ignored data break ; case 2: //we need the is the length of postdata $length = $retval ; $getpost = true ; break ; case 3: // this is the boundary between post elements $boundary = $retval ; break ; } $data = "" ; } } while ($read) ; // ok now look and see if there is post data attached to the http $start = time() ; if ($getpost) { $read = 0 ; $data = "" ; $lastpct = 0 ; $markpct = 0 ; $mode = 0 ; $postarray ; $filename = "" ; $lastdata = "" ; do { // read data in if (false === ($buf = socket_read($msgsock, 2048, PHP_NORMAL_READ))) { echo "socket_read() failed: reason: ".socket_strerror(socket_last_error($msgsock))."\n" ; break 2 ; } $data .= $buf ; // again were looking for \n if ($buf == "\n") { switch ($mode) { // mode 1 is when we need to parse out the key, in the key=>value pairs that were going to make case 1 ; $begin = strpos($data, "name=") + 6 ; $end = strpos(substr($data, ($begin)), '"') ; $name = substr($data, $begin, $end) ; $mode = 2 ; // this checks to see if there is a filename attached if (strstr($data, "filename=")) { $begin = strpos($data, "filename=") + 10 ; $end = strpos(substr($data, ($begin)), '"') ; $filename = substr($data, $begin, $end) ; $mode = 3 ; } break ; case 2 ; // there is a blank line before the value $mode = 4 ; break ; case 3 ; // this is a context mime type, but were ignoring it cause its usually wrong $mode = 5 ; break ; case 4 ; // get the value and dump it in to the postdata array under the proper key $postdata[$name] = trim($data) ; $mode = 0 ; break ; case 5 ; // this is a blank line befor the actual file data starts // add the file name to the postdata array if ($filename) { $postdata[$name]['filename'] = str_replace(" ", "_", $uploaddir.$filename) ; $postdata[$name]['nameonly'] = str_replace(" ", "_", $filename) ; $postdata[$name]['withoutext'] = getFilenameWithoutExt($postdata[$name]['nameonly']) ; $filename = "" ; $ext = strtolower(pathinfo($postdata[$name]['filename'], PATHINFO_EXTENSION)) ; if (($ext == "avi") || ($ext == "wmv") || ($ext == "mp4") || ($ext == "mpeg") || ($ext == "mpg")) { exec("mkfifo ".$postdata[$name]['filename'].".pipe") ; encode_video_from_pipe($postdata[$name]['filename']) ; // open the pipe $file = fopen($postdata[$name]['filename'].".pipe", "w") ; $postdata[$name]['type'] = "video" ; $withoutext = getFilenameWithoutExt($postdata[$name]['filename']) ; $postdata[$name]['realfilename'] = $withoutext.'.flv' ; } elseif (($ext == "wma") || ($ext == "ogg") || ($ext == "wav") || ($ext == "ac3")) { // open the file exec("mkfifo ".$postdata[$name]['filename'].".pipe") ; $debug = encode_audio_from_pipe($postdata[$name]['filename']) ; // open the pipe $file = fopen($postdata[$name]['filename'].".pipe", "w") ; $postdata[$name]['type'] = "audio" ; $withoutext = getFilenameWithoutExt($postdata[$name]['filename']) ; $postdata[$name]['realfilename'] = $withoutext.'.mp3' ; } elseif (($ext == "png") || ($ext == "gif") || ($ext == "tif") || ($ext == "tiff") || ($ext == "bmp")) { // open the file $file = fopen($postdata[$name]['filename'], "w") ; $postdata[$name]['type'] = "image" ; $postdata[$name]['realfilename'] = $postdata[$name]['filename'] ; } elseif ( // some stuff thats not allowed ($ext == "") || ($ext == "exe") || ($ext == "sh") || ($ext == "pl") || ($ext == "php") || ($ext == "inc")) { die("Disallowed file type") ; } elseif ($ext == "flv") { $file = fopen($postdata[$name]['filename'], "w") ; $postdata[$name]['type'] = "video" ; $postdata[$name]['realfilename'] = $postdata[$name]['filename'] ; } elseif ($ext == "mp3") { $file = fopen($postdata[$name]['filename'], "w") ; $postdata[$name]['type'] = "audio" ; $postdata[$name]['realfilename'] = $postdata[$name]['filename'] ; } elseif ($ext == "jpg") { $file = fopen($postdata[$name]['filename'], "w") ; $postdata[$name]['type'] = "image" ; $postdata[$name]['realfilename'] = $postdata[$name]['filename'] ; } elseif ($ext == "swf") { $file = fopen($postdata[$name]['filename'], "w") ; $postdata[$name]['type'] = "flash" ; $postdata[$name]['realfilename'] = $postdata[$name]['filename'] ; } else { // open the file $file = fopen($postdata[$name]['filename'], "w") ; } } $filesize = 0 ; $mode = 6 ; break ; case 6 ; // now were going to be dumping the file data into a file // but we want to handle the end of the file specially so // were going to post whatever data came through last time // ok check to see if we have reached a boundary between elements if (strstr($data, $boundary)) { // ok time to clean up a little bit if ($file) { // chop off the trailing \r\n and write the rest of the data $writethis = substr($lastdata, 0, (strlen($lastdata) - 2)) ; fwrite($file, $writethis) ; $filesize += strlen($writethis) ; // close the file fclose($file) ; } // reset the mode $mode = 1 ; $lastdata = "" ; } else { // update the next rounds data if ($lastdata) { if ($file) { fwrite($file, $lastdata) ; $filesize += strlen($lastdata) ; } } $lastdata = $data ; } break ; default: // ok this searches for the next boundary if (strstr($data, $boundary)) { // and starts the process when found $mode = 1 ; } break ; } $data = "" ; } // keep track of the entire amount of data transfered $read += strlen($buf) ; if (($lastpct + 0.005) <= ($read / $length)) { // calculate the percentage and times that the user wants to know about $lastpct = $read / $length ; $totaltime = (time() - $start) * ($length) / ($read + 1) ; $timeleft = round(($totaltime - (time() - $start)), 0) ; // calculate the average speed $step = (time() - $start) + 1 ; if ($step > 0) { $kbps = number_format($read / $step / 1024, 2) ; } else { $kbps = 0 ; } // update the text echo '' ; echo '' ; } } while ($read < ($length - 1)) ; // this is a special case for if the last of the post data is also the end of a file if ($mode = 6) { // we need to flush out our buffer and close the file if ($file) { $writethis = substr($lastdata, 0, (strlen($lastdata) - 2)) ; fwrite($file, $writethis) ; $filesize += strlen($writethis) ; fclose($file) ; } } // do something with the post data process($postdata) ; } // ok now that were done processing the http request // its time to assemble a response $msg = 'HTTP/1.1 200 OK'."\r\n".'Connection: close'."\r\n".'Content-Type: text/html'."\r\n".'Content-Length: 349'."\r\n".'Date: Mon, 21 Jul 2008 22:52:53 GMT'."\r\n".'Server: php_uploader/0.0.0'."\r\n"."\r\n".' '."\r\n". ' ' ."\r\n". '' ."\r\n". ' ' ."\r\n". ' Uploading... Please Wait' ."\r\n". ' ' ."\r\n". ' ' ."\r\n". '

Complete!!

' ."\r\n". ' ' ."\r\n". '' ."\r\n\r\n"; // send the response and close the socket socket_write($msgsock,$msg,strlen($msg)); socket_close($msgsock); // we close our main listner too socket_close($sock); ?> = 60) { $seconds -= 60 ; $minutes++ ; } if ($minutes >= 60) { while ($minutes >= 60) { $minutes -= 60 ; $hours++ ; } $str = "$hours:" ; if ($minutes > 9) { $str .= "$minutes:" ; } else { $str .= "0$minutes:" ; } if ($seconds > 9) { $str .= "$seconds" ; } else { $str .= "0$seconds" ; } return $str ; } else { $str = "$minutes:" ; if ($seconds > 9) { $str .= "$seconds" ; } else { $str .= "0$seconds" ; } return $str ; } } // this is the function that process the post data when were all done function process($post) { // report back to mother ship if (isset($_GET['sitepath'])) { $sitepath = $_GET['sitepath']; } $report=$sitepath.'includes/control.php'; if($post['media']['filename'] != "") { $report.="?name=".pathinfo($post['media']['filename'], PATHINFO_FILENAME); if($post['title'] != "") { $report.='&title='.urlencode(str_replace(' ','-',$post['title'])); } else { $report.='&title='.urlencode(pathinfo($post['media']['filename'], PATHINFO_FILENAME)); } if($post['desc'] != "") { $report.='&desc='.urlencode($post['desc']); } if($post['keywords'] != "") { $report.='&keywords='.urlencode($post['keywords']); } if($post['thumburl'] != "") { $report.='&thumburl='.urlencode($post['thumburl']); $report.='&remotethumb=1'; } else { if($post['thumb']['filename'] != "") { $report.='&thumburl='.urlen;code($sitepath."uploads/thumbs/".$post['thumb']['filename']); } else { if($post['media']['type'] == "video") { exec("ffmpeg -y -i ../uploads/".$post['media']['withoutext'].".flv -f mjpeg -s 160x120 -vframes 1 -ss 8 -an ../uploads/thumbs/".$post['media']['withoutext'].".flv.jpg"); $report.='&thumburl='.urlencode($sitepath."uploads/thumbs/".$post['media']['withoutext'].".flv.jpg"); $report.='&thumbname='.urlencode($post['media']['withoutext'].".flv.jpg"); } if($post['media']['type'] == "image") { echo "
creating thumb....."; createThumb($post['media']['filename'], 96, 96, '','../uploads/thumbs/', $post['media']['withoutext'].".thumb.jpg"); echo "
done"; $report.='&thumburl='.urlencode($sitepath."uploads/thumbs/".$post['media']['withoutext'].".thumb.jpg"); $report.='&thumbname='.urlencode($post['media']['withoutext'].".thumb.jpg"); } } } if($post['media']['type'] != "") { $report.='&type='.urlencode($post['media']['type']); } $report.='&ip='.$_SERVER['REMOTE_ADDR']; $report.='&size='.filesize($post['media']['realfilename']); $report.='&md5='.md5_file($post['media']['realfilename']); $report.='&category='.$post['category']; $report.='&group='.$post['group']; if ($sitepath.='') { $report.='&sitepath='.urlencode($sitepath); } if(isset($_GET['poster'])) { if($_GET['poster'] != "") { $report.='&poster='.$_GET['poster']; } } echo $report; readfile($report); ?>

Download Complete

Your media has been uploaded successfully.

Download Complete

Thank you for you submission.

array("file", "/dev/null", "r"), 1=>array("file", "/dev/null", "w"), 2=>array("file", "/dev/null", "a")) ; $process = proc_open($cmd, $descriptorspec, $pipes) ; if (is_resource($process)) { return proc_close($process) ; } else { return - 200 ; } } function encode_audio_from_pipe($filename) { $basename = pathinfo($filename, PATHINFO_DIRNAME)."/".pathinfo($filename, PATHINFO_FILENAME) ; $pipes = "" ; $cmd = 'ffmpeg -i "'.$filename.'.pipe" -ab 128 -ac 2 -f mp3 "'.$basename.'.mp3" && rm "'.$filename.'.pipe" &' ; $descriptorspec = array(0=>array("file", "/dev/null", "r"), 1=>array("file", "/dev/null", "w"), 2=>array("file", "/dev/null", "w")) ; $process = proc_open($cmd, $descriptorspec, $pipes) ; if (is_resource($process)) { return proc_close($process) ; } else { return - 200 ; } } ?>