我发现这个脚本在线试图改变它但现在它不起作用,我只添加了2行和它看起来的文件夹。
这是脚本:
<?PHP
/*
Silentum Uploader v1.6
Modified July 8, 2012
uploader.php copyright 2005-2012 HyperSilence
*/
// Begin options
$file_extensions = array(".mp3"); // Add or delete the file extensions you want to allow Sample: (".mp3", ".gif", ".htm", ".html", ".jpg", ".png", ".txt")
$file_extensions_list = ".mp3"; // Type the same as above, without the quotation marks Sample: ".doc, .gif, .htm, .html, .jpg, .png, .txt"
$max_length = 30; // The maximum character length for a file name
$maximum_file_size = 10000000; // In bytes
$upload_log_file = "upload_log.txt"; // The log file you want to use
// End options
// If you're using a different folder name for uploaded files other than "files", change both occurrences of "files" on lines 27 and 28 below
$folder_directory = "http://".$_SERVER["HTTP_HOST"].dirname($_SERVER["PHP_SELF"]);
$message = "";
$set_chmod = 0;
$site_uri = "http://".$_SERVER["HTTP_HOST"].$_SERVER["PHP_SELF"];
$upload_directory = "/uploads";
$upload_uri = $folder_directory."/uploads/";
$folder_name_length = strlen($upload_directory);
if($_FILES["userfile"]) {
$resource = fopen($upload_log_file,"a");
fwrite($resource,date("F d, Y / h:i:sa")." - ".$_FILES["userfile"]["name"]." "
.$_FILES["userfile"]["type"]." uploaded by ".$_SERVER["REMOTE_ADDR"]."\n");
fclose($resource);
$file_type = $_FILES["userfile"]["type"];
$file_name = $_FILES["userfile"]["name"];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
@chmod($upload_uri."".$file_name, 0755);
if($_FILES["userfile"]["size"] > $maximum_file_size) {
$message = "ERROR: File size cannot be over ".$maximum_file_size." bytes.";
}
elseif($file_name == "") $message = "ERROR: Please select a file to upload.";
elseif(file_exists($upload_directory.$file_name)) $message = "ERROR: A file with that name already exists.";
elseif(strlen($file_name) > $max_length) $message = "ERROR: The maximum length for a file name is ".$max_length." characters.";
elseif(!preg_match("/^[A-Z0-9_.\- ]+$/i",$file_name)) $message = "ERROR: Your file name contains invalid characters.";
elseif(!in_array($file_ext, $file_extensions)) $message = "ERROR: <u>$file_ext</u> is not an allowed file extension.";
else $message = upload_file($upload_directory, $upload_uri);
header("Location: $site_uri?message={$message}");
}
elseif(!$_FILES["userfile"]);
else $message = "ERROR: Invalid file specified.";
$open = opendir($upload_directory);
$uploaded_files = "";
while($file = readdir($open)) {
if(!is_dir($file) && !is_link($file)) {
$uploaded_files .= " <tr>
<td style=\"background: #fff; color: #000; text-align: left\"><a href=\"$upload_directory$file\" title=\"$file (".filesize($upload_directory.$file)." bytes)\">".$file."</a> (".filesize($upload_directory.$file)." bytes)</td>
</tr>
<tr>
<td style=\"background: #eee; color: #000; text-align: left; text-indent: 20px\">Uploaded <b>".date("F d, Y / h:ia", filemtime($upload_directory.$file))."</b></td>";
$uploaded_files .="
</tr>
";
}
}
function upload_file($upload_directory, $upload_uri) {
$mp3_name=substr($file_name,0,-4);
$mp3 = md5($mp3_name.rand().mktime()).".mp3";
$file_name = $mp3;
//$file_name = md5($_FILES["userfile"]["name"].rand()).".mp3";
//$file_name = str_replace(" ","_",$file_name);
$file_path = $upload_directory.$file_name;
$temporary = $_FILES["userfile"]["tmp_name"];
$result = move_uploaded_file($temporary, $file_path);
if(!chmod($file_path,0777))
$message = "ERROR: A folder to place the files was not found, or the files need to be CHMODed to 777.";
else $message = ($result)?"File has been uploaded." : "An error has occurred.";
return $message;
}
?>
我添加的部分是:
$mp3_name=substr($file_name,0,-4);
$mp3 = md5($mp3_name.rand().mktime()).".mp3";
这不应该搞乱脚本,我只是想让它更安全。
我得到的错误是:
错误:找不到放置文件的文件夹,或文件需要的文件夹 被CHMODed到777。 我确实将文件夹更改为0777,但它仍无法正常工作。