66 lines
1.8 KiB
PHP
66 lines
1.8 KiB
PHP
<?php
|
|
|
|
UserAuth::require("is_admin");
|
|
|
|
if (isset($_FILES["file"]))
|
|
{
|
|
$varFile = $_FILES["file"];
|
|
|
|
try
|
|
{
|
|
$strUploadName = basename($varFile["name"]);
|
|
$strUploadName = preg_replace("/ /", "_", $strUploadName);
|
|
$strUploadName = preg_replace("/[^A-Za-z0-9_\-\.]/", "", $strUploadName);
|
|
$strTimestamp = date("YmdHis");
|
|
$strDestinationPath = "files/{$strTimestamp}_{$strUploadName}";
|
|
$intAllow = 0;
|
|
|
|
// Check file size (optional)
|
|
if ($varFile["size"] > 1024 * 1024 * 5)
|
|
throw new Exception("Upload exceeds maximum file size.");
|
|
|
|
if (file_exists($strDestinationPath))
|
|
throw new Exception("Destination file already exists.");
|
|
|
|
foreach (["/\.jpg$/", "/\.png$/"] as $strExtension)
|
|
if (preg_match_all($strExtension, $strDestinationPath))
|
|
$intAllow = 1;
|
|
|
|
if ($intAllow == 0)
|
|
throw new Exception("File type not allowed.");
|
|
|
|
$intResult = move_uploaded_file($varFile["tmp_name"], $strDestinationPath);
|
|
|
|
if (!$intResult)
|
|
throw new Exception("Problem uploading file.");
|
|
|
|
}
|
|
catch (Exception $x)
|
|
{
|
|
PageRender::message($x->getMessage(), "danger");
|
|
}
|
|
}
|
|
|
|
|
|
?>
|
|
|
|
<?php PageRender::message(); ?>
|
|
|
|
<form method="post" enctype="multipart/form-data">
|
|
<table>
|
|
<tbody>
|
|
<tr>
|
|
<td>File</td>
|
|
<td><input type="file" name="file" /></td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td></td>
|
|
<td><input type="submit" value="Upload" /></td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</form>
|
|
|
|
<?php PageRender::uploads(); ?>
|