PHP-Upload Script

_Sonic_ · Post by **_Sonic_** » 02 Feb 2008, 11:24

Hey guys im searching for a good Upload Script jus for Pictures. Does anyone knows 1 ?

Thanks

Post by **bad_brain** » 02 Feb 2008, 13:37

hm, just a script? any upload script would work, you only would have to limit the file endings that can be uploaded.....but if you look for something complete take a look at coppermine:
http://coppermine-gallery.net/

rhysh · Post by **rhysh** » 02 Feb 2008, 23:10

coppermine has alot of rfi vulns though,so if you know php then and know how rfi works then you should be able to patch it up,but by the sounds of it,you dont know php,so i would get some patches for copper mine

Post by **bad_brain** » 03 Feb 2008, 05:32

well, patching is a must anyway, no matter what platform you use. the reason why it looks like there are more vulnerabilities than for other platforms is simply the fact that Coppermine is most likely the most used one...

_Sonic_ · Post by **_Sonic_** » 03 Feb 2008, 12:51

copperminse isnt my thing.i need a normal upload script php or html for my new page www.sweet-host.de

can b simple though

Post by **Gogeta70** » 03 Feb 2008, 17:59

Simple?

Here ya go.
There's a script readily available, just edit it a little bit. You can at least do that, right?

seer · Post by **seer** » 22 Feb 2008, 11:09

I used to check whether the file contains "<?" after uploaded,better for small files:

function checkUploadFile($fileName)
{
$fp = fopen($fileName, "rb");
if(!$fp)
return FALSE;

$header = fread($fp, 16);
$allowed = TRUE;

if(stripos($header, "<?") !== FALSE)
$allowed = FALSE;

$content = $header;
if($allowed)
{
do {
$header = substr($content, -3);

$content = fread($fp, 1024);
$content = $header.$content;
if(stripos($content, "<?") !== FALSE)
{
$allowed = FALSE;
break;
}
} while(!feof($fp));
}

fclose($fp);

return $allowed;
}