Added some missing issets

This commit is contained in:
Tim Windelschmidt 2016-07-18 19:50:43 +02:00
parent 73f514522b
commit 10bad65fa1
2 changed files with 69 additions and 65 deletions

View File

@ -4,42 +4,44 @@
require("include/cleanup.inc.php"); require("include/cleanup.inc.php");
include("geshi.php"); include("geshi.php");
if($_POST['action'] == "upload") { if(isset($_POST['action'])) {
if($_POST['textar'] != "") { if($_POST['action'] == "upload") {
if($_POST['textar'] != "") {
switch($_POST['validity']) { switch($_POST['validity']) {
case 1: $expire = time() + 30 * 60; break; case 1: $expire = time() + 30 * 60; break;
case 2: $expire = time() + 60 * 60; break; case 2: $expire = time() + 60 * 60; break;
case 3: $expire = time() + 12 * 60 * 60; break; case 3: $expire = time() + 12 * 60 * 60; break;
case 4: $expire = time() + 24 * 60 * 60; break; case 4: $expire = time() + 24 * 60 * 60; break;
case 5: $expire = time() + 7 * 24 * 60 * 60; break; case 5: $expire = time() + 7 * 24 * 60 * 60; break;
case 6: $expire = time() + 31 * 24 * 60 * 60; break; case 6: $expire = time() + 31 * 24 * 60 * 60; break;
case 7: $expire = time() + 3 * 31 * 24 * 60 * 60; break; case 7: $expire = time() + 3 * 31 * 24 * 60 * 60; break;
case 8: $expire = time() + 6 * 31 * 24 * 60 * 60; break; case 8: $expire = time() + 6 * 31 * 24 * 60 * 60; break;
case 9: $expire = time() + 12 * 31 * 24 * 60 * 60; break; case 9: $expire = time() + 12 * 31 * 24 * 60 * 60; break;
} }
// eine id erstellen // eine id erstellen
$file_id = mkhash(); $file_id = mkhash();
$pub = 0; $pub = 0;
if($_POST['pub']=="1") $pub = 1; if($_POST['pub']=="1") $pub = 1;
// eigabe entschaerfen // eigabe entschaerfen
$safe_string = $db->escape($_POST['textar']); $safe_string = $db->escape($_POST['textar']);
$safe_synt = $db->escape($_POST['synt']); $safe_synt = $db->escape($_POST['synt']);
$db->query("INSERT INTO pastebin (pid,timest,expire,payload,syntax,pub) VALUES $db->query("INSERT INTO pastebin (pid,timest,expire,payload,syntax,pub) VALUES
('{$file_id}','".time()."','{$expire}','{$safe_string}','{$safe_synt}', ('{$file_id}','".time()."','{$expire}','{$safe_string}','{$safe_synt}',
'{$pub}')"); '{$pub}')");
header("Location: {$_SERVER['PHP_SELF']}?fileid=".$file_id); header("Location: {$_SERVER['PHP_SELF']}?fileid=".$file_id);
}
else {
header("Location: {$_SERVER['PHP_SELF']}?code=2");
}
} }
else { }
header("Location: {$_SERVER['PHP_SELF']}?code=2");
}
}
else if(isset($_GET['fileid'])) { else if(isset($_GET['fileid'])) {
include("include/header.php"); include("include/header.php");

View File

@ -3,63 +3,63 @@
require("include/config.inc.php"); require("include/config.inc.php");
require("include/cleanup.inc.php"); require("include/cleanup.inc.php");
if($_POST['action'] == "upload") { if(isset($_POST['action'])) {
if($_FILES['upfile']['size'] > 0) { if ($_POST['action'] == "upload") {
if ($_FILES['upfile']['size'] > 0) {
switch($_POST['validity']) { switch ($_POST['validity']) {
case 1: case 1:
$expire = time() + 30 * 60; $expire = time() + 30 * 60;
break; break;
case 2: case 2:
$expire = time() + 60 * 60; $expire = time() + 60 * 60;
break; break;
case 3: case 3:
$expire = time() + 12 * 60 * 60; $expire = time() + 12 * 60 * 60;
break; break;
case 4: case 4:
$expire = time() + 24 * 60 * 60; $expire = time() + 24 * 60 * 60;
break; break;
case 5: case 5:
$expire = time() + 7 * 24 * 60 * 60; $expire = time() + 7 * 24 * 60 * 60;
break; break;
case 6: case 6:
$expire = time() + 31 * 24 * 60 * 60; $expire = time() + 31 * 24 * 60 * 60;
break; break;
case 7: case 7:
$expire = time() + 3 * 31 * 24 * 60 * 60; $expire = time() + 3 * 31 * 24 * 60 * 60;
break; break;
case 8: case 8:
$expire = time() + 6 * 31 * 24 * 60 * 60; $expire = time() + 6 * 31 * 24 * 60 * 60;
break; break;
case 9: case 9:
$expire = time() + 12 * 31 * 24 * 60 * 60; $expire = time() + 12 * 31 * 24 * 60 * 60;
break; break;
} }
// eine id erstellen // eine id erstellen
$file_id = mkhash(); $file_id = mkhash();
// einen eindeutigen dateinamen erstellen // einen eindeutigen dateinamen erstellen
$file_localname = md5( $_FILES['upfile']['name'] + time()); $file_localname = md5($_FILES['upfile']['name'] + time());
if(move_uploaded_file($_FILES['upfile']['tmp_name'], $uploaddir . $file_localname )) { if (move_uploaded_file($_FILES['upfile']['tmp_name'], $uploaddir . $file_localname)) {
$db->query("INSERT INTO files $db->query("INSERT INTO files
(pid,timest,expire,file,name,mime,size) VALUES (pid,timest,expire,file,name,mime,size) VALUES
('{$file_id}','".time()."','{$expire}','{$file_localname}', ('{$file_id}','" . time() . "','{$expire}','{$file_localname}',
'{$_FILES['upfile']['name']}','{$_FILES['upfile']['type']}','{$_FILES['upfile']['size']}')"); '{$_FILES['upfile']['name']}','{$_FILES['upfile']['type']}','{$_FILES['upfile']['size']}')");
chmod($uploaddir.$file_localname,0777); chmod($uploaddir . $file_localname, 0777);
header("Location: {$_SERVER['PHP_SELF']}?fileid=".$file_id); header("Location: {$_SERVER['PHP_SELF']}?fileid=" . $file_id);
} } else {
else {
header("Location: {$_SERVER['PHP_SELF']}?code=1"); header("Location: {$_SERVER['PHP_SELF']}?code=1");
} }
} } else {
else {
print_r($_FILES); print_r($_FILES);
header("Location: {$_SERVER['PHP_SELF']}?code=2"); header("Location: {$_SERVER['PHP_SELF']}?code=2");
} }
} }
}
else if(isset($_GET['fileid'])) { else if(isset($_GET['fileid'])) {
header("X-Trash-File: " . $base_url ."b/{$_GET['fileid']}"); header("X-Trash-File: " . $base_url ."b/{$_GET['fileid']}");
include("include/header.php"); include("include/header.php");
@ -114,19 +114,21 @@
} }
else { else {
include("include/header.php"); include("include/header.php");
switch($_GET['code']) { if (isset($_GET['code'])) {
case "1": switch($_GET['code']) {
echo "<p>Datei konnte nicht Kopiert werden!</p>"; case "1":
break; echo "<p>Datei konnte nicht Kopiert werden!</p>";
case "2": break;
echo "<p>Keine Datei angegeben oder Datei zu gross!</p>"; case "2":
break; echo "<p>Keine Datei angegeben oder Datei zu gross!</p>";
break;
}
} }
?> ?>
<form name="ul" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data" <form name="ul" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data"
onsubmit="document.ul.u.value='Bitte warten ...';document.ul.u.disabled=true" > onsubmit="document.ul.u.value='Bitte warten ...';document.ul.u.disabled=true" >
<input type="hidden" name="action" value="upload" /> <input type="hidden" name="action" value="upload" />
Dateien bis max. <?php echo ini_get(post_max_size); ?>:<br/> Dateien bis max. <?php echo ini_get('post_max_size'); ?>:<br/>
<input type="file" name="upfile" /><br /><br /> <input type="file" name="upfile" /><br /><br />
G&uuml;ltigkeit: G&uuml;ltigkeit:
<select name="validity" size="1"> <select name="validity" size="1">