<title> Web Source | The Hub </title>
<?php
require ('core.inc.php');
include ('connect.php');
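// Schema bootstrap for the web_source table, executed on every request to this
// page (and before the login check below, so anonymous requests reach it too).
// The statements are now idempotent: the original unconditional CREATE/ALTER
// failed on every request after the first, which is a silent error in mysqli's
// legacy reporting mode but an uncaught exception when mysqli is configured to
// throw on errors (the default from PHP 8.1).
// NOTE(review): DDL belongs in a one-off migration; the account behind $link
// should not need CREATE/ALTER rights at request time (least privilege).
$sql = "CREATE TABLE IF NOT EXISTS web_source ( `id` INT(11) NOT NULL AUTO_INCREMENT , `session` VARCHAR(50) NOT NULL , `text1` TEXT(250) NOT NULL, `pic` VARCHAR(50) NOT NULL, `name` VARCHAR(25) NOT NULL , PRIMARY KEY (`id`))";
$run = mysqli_query($link, $sql);

// Add the file_name column only when it is missing, instead of relying on the
// ALTER failing with "duplicate column" on every later request.
$sqlo ="ALTER TABLE web_source ADD file_name VARCHAR(40) NOT NULL AFTER `name`";
$run0 = false;
$file_name_column = mysqli_query($link, "SHOW COLUMNS FROM web_source LIKE 'file\\_name'");
if ($file_name_column && mysqli_num_rows($file_name_column) === 0) {
    $run0 = mysqli_query($link, $sqlo);
}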
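// Page flow: (1) stop anonymous visitors, (2) handle a posted .txt upload,
// (3) render the upload form, (4) list the stored uploads.
//
// Security-relevant changes compared with the previous version:
//  - every query that carries request/session data is a prepared statement
//    (the client-supplied file name used to be concatenated into the INSERT);
//  - everything echoed into HTML is escaped for its context (file names, the
//    Referer header, and the rows read back from web_source);
//  - the stored file name is rebuilt from a conservative character set with a
//    single forced ".txt" extension, and an existing file is never overwritten;
//  - the $upLoadOk / $uploadOK spelling mismatch and the always-true
//    !empty('text') test are fixed.

// Builds a Bootstrap alert. $message_html must already be safe HTML.
$alert = function ($level, $message_html) {
    return "<div class=\"alert alert-" . $level . " alert-dismissable\">\n"
        . "<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-hidden=\"true\">×</button>\n"
        . $message_html . "\n"
        . "</div>";
};

// Escapes a value for HTML element content or a quoted attribute value.
$escape_html = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

// ---- (1) Access gate -------------------------------------------------------
// die() ends the request here, so nothing below runs without a session.
if (!loggedin()) {
    include_once ('header.php');
    echo $alert('info', "Log into your account to contribute to or to view source code files.");
    die();
}

include ('headerlogin.php');

// Client address candidates. Only REMOTE_ADDR reflects the actual connection;
// HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request headers the client can
// set freely, so they must not feed access decisions or be trusted in audit
// logs unless a trusted reverse proxy overwrites them.
// NOTE(review): nothing in this file reads these three variables; they are
// kept because included files share this scope - confirm and remove if unused.
$cli_ip = isset($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : null;
$for_ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : null;
$rem_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

// ---- (2) Upload handling ---------------------------------------------------
// NOTE(review): uploads land in web/, inside the document root. Configure the
// server so that directory never executes scripts and serves its files as
// text/plain with "X-Content-Type-Options: nosniff", or move storage outside
// the web root and stream files through a download script.
$target_dir = "web/";
$max_bytes = 500000;

$upload = (isset($_FILES['fileToUpload']) && is_array($_FILES['fileToUpload']))
    ? $_FILES['fileToUpload']
    : array();

// Name as sent by the browser: display only, never used as a path.
$client_name = (isset($upload['name']) && is_string($upload['name']))
    ? basename($upload['name'])
    : '';
$FileType = pathinfo($client_name, PATHINFO_EXTENSION);

// Name used on disk and in the database. Anything outside [A-Za-z0-9_-] in
// the stem (including extra dots, so "a.php.txt" becomes "a_php.txt") is
// replaced, and the length is capped so stem + ".txt" fits VARCHAR(40).
$stem = (string) preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($client_name, PATHINFO_FILENAME));
$stem = substr($stem, 0, 36);
if ($stem === '') {
    $stem = 'upload';
}
$basename = $stem . '.txt';
$target_file = $target_dir . $basename;
$uploadOK = 1;

if (isset($_POST['submit'])) {
    $text = (isset($_POST['text']) && is_string($_POST['text'])) ? trim($_POST['text']) : '';
    $upload_error = (isset($upload['error']) && is_int($upload['error'])) ? $upload['error'] : UPLOAD_ERR_NO_FILE;
    $upload_size = isset($upload['size']) ? (int) $upload['size'] : 0;

    // Size limit: 500 kB, also covering uploads PHP itself rejected as too big.
    if ($upload_error === UPLOAD_ERR_INI_SIZE || $upload_error === UPLOAD_ERR_FORM_SIZE || $upload_size > $max_bytes) {
        echo " " . $alert('danger', "Sorry, your file is too large. Try a file of at most 500kb.") . " <br>";
        $uploadOK = 0;
    }

    // Extension allow-list. This checks the name only, not the content.
    if (strtolower($FileType) !== "txt") {
        echo " " . $alert('danger', "Sorry, Only .txt files allowed. Try again.");
        $uploadOK = 0;
    }

    // The description is validated before the file is moved, so a rejected
    // request no longer leaves a file on disk without a database row.
    if ($text === '') {
        echo " " . $alert('danger', "Sorry, a description is required. Try again.");
        $uploadOK = 0;
    }

    // Any other transport problem (no file, partial upload, ...) is reported
    // through the generic failure banner below.
    if ($upload_error !== UPLOAD_ERR_OK) {
        $uploadOK = 0;
    }

    // Never replace an existing upload: every logged-in user writes to the
    // same directory, so a name clash would overwrite someone else's file.
    if ($uploadOK === 1 && file_exists($target_file)) {
        echo " " . $alert('danger', "Sorry, a file with that name already exists. Rename it and try again.");
        $uploadOK = 0;
    }

    if ($uploadOK === 0) {
        // Return link: the Referer header is client-controlled, so it is used
        // only when it is an http(s) URL and is escaped for the attribute.
        $lastloc = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        if (!preg_match('#^https?://#i', $lastloc)) {
            $lastloc = 'sourcecodes.php';
        }
        echo $alert('warning', "Failed to upload " . $escape_html($client_name) . "! Try again.")
            . " <p>Click <a href=\"" . $escape_html($lastloc) . "\">here</a> to return ";
        die();
    }

    if (!move_uploaded_file($upload['tmp_name'], $target_file)) {
        echo "There was an error uploading your file";
    } else {
        $session = isset($_SESSION['email']) ? $_SESSION['email'] : '';

        // Display name of the uploader (first matching registration row).
        $name = null;
        $stmt = mysqli_prepare($link, "SELECT first_name FROM registration WHERE email = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 's', $session);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $first_name);
                if (mysqli_stmt_fetch($stmt)) {
                    $name = $first_name;
                }
            }
            mysqli_stmt_close($stmt);
        }

        // Latest profile picture, falling back to the site icon.
        $dp = 'thehub.ico.jpg';
        $stmt = mysqli_prepare($link, "SELECT profile_pic FROM profile WHERE session = ? ORDER BY id DESC LIMIT 1");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 's', $session);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $profile_pic);
                if (mysqli_stmt_fetch($stmt) && $profile_pic !== null && $profile_pic !== '') {
                    $dp = $profile_pic;
                }
            }
            mysqli_stmt_close($stmt);
        }

        $inserted = false;
        if ($name !== null) {
            // The description stays HTML-escaped at rest so new rows match the
            // rows already in the table; the listing escapes again on output
            // without double-encoding. `id` is omitted so AUTO_INCREMENT
            // assigns it.
            $stored_text = htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
            $stmt = mysqli_prepare($link, "INSERT INTO web_source (session, text1, pic, name, file_name) VALUES (?, ?, ?, ?, ?)");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'sssss', $session, $stored_text, $dp, $name, $basename);
                $inserted = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
        }

        if ($inserted) {
            echo $alert('success', "The file " . $escape_html($basename) . " has been uploaded. Successfully!")
                . " <p>Click <a href=\"sourcecodes\">here</a> to return ";
            die();
        }

        // No row was written: remove the file that was just stored so the
        // directory and the table stay in step.
        if (is_file($target_file)) {
            unlink($target_file);
        }
        echo "Sorry. An error occurred. We will work on fixing it as soon as possible. Thank you.";
    }
}

// ---- (3) Upload form -------------------------------------------------------
// NOTE(review): this state-changing form carries no anti-CSRF token; add a
// per-session token here and verify it before the upload is processed.
// maxlength is a browser-side hint only, not a server-side limit.
echo ' <div id="intro" class="text-xs-center">
<div class="text-center" id="intro-section">
<img src="img/thehub.ico.jpg" width="60" height="60">
<div class="col-md-6 container" style="margin-top: 100px;">
<h2 style="font-size: 15px;">Find or post web development source codes here</h2>
<form action="sourcecodes.php" method="POST" enctype="multipart/form-data">
<div class="input-group md-form">
<textarea class="md-textarea text-center" maxlength="250" name="text" placeholder="Add a description to the uploaded file. Not more than 250 characters" id="text" required></textarea>
</div>
<div class="btn btn-indigo btn-sm">
<span>Choose file</span>
<input type="file" name="fileToUpload">
</div>
<button type="submit" class="btn-indigo btn btn-block" name="submit">Post</button><br><br>
</form>
</div>
</div>
</div>';

// ---- (4) Listing -----------------------------------------------------------
// The directory is only checked for existence; the entries shown come from
// the web_source table. As before, footer.php is included only when the
// upload directory exists.
if (is_dir($target_dir)) {
    echo $alert('success', "Browse through available source code files below !") . " ";
    $result = mysqli_query($link, "SELECT * FROM web_source ORDER BY id DESC");
    if ($result) {
        while ($row = mysqli_fetch_array($result)) {
            // Every column is treated as untrusted on output: file names and
            // display names originate from users. text1 is stored already
            // escaped, so double_encode is off to avoid "&amp;lt;" artefacts
            // while still neutralising any raw markup.
            $pic_html = $escape_html($row['pic']);
            $name_html = $escape_html($row['name']);
            $text_html = htmlspecialchars((string) $row['text1'], ENT_QUOTES, 'UTF-8', false);
            $file_html = $escape_html($row['file_name']);
            $href_html = $escape_html($target_dir . rawurlencode((string) $row['file_name']));
            echo ' <div class="container col-md-4">
<div class="row">
<div class="card card-block">
<div class="chip">
<img src="profile/' . $pic_html . '" alt="Contact Person"> ' . $name_html . '
</div><hr>
<div class="text-center"><h6><strong>Description :</strong> ' . $text_html . '</h6></div><hr>
<p>View file: <a href="' . $href_html . '">' . $file_html . '</a></p>
</div>
</div>
</div>
</div><hr>';
        }
    }
    include 'footer.php';
}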
?>