PASTEBIN
| #1 paste tool since 2002
create new paste
tools
api
archive
real-time
faq
PASTEBIN
create new paste
trending pastes
sign up
login
my settings
my profile
Public Pastes
Checking that a HT...
5 sec ago
Untitled
6 sec ago
Untitled
C | 9 sec ago
how to set height ...
11 sec ago
Untitled
12 sec ago
Untitled
16 sec ago
Untitled
17 sec ago
Problem with exten...
17 sec ago
New Paste
<?php /* Generic PHP upload script. // by Philippe Lhoste <PhiLho(a)GMX.net> http://Phi.Lho.free.fr & http://PhiLho.deviantART.com // File/Project history: 1.00.000 -- 2008/07/25 (PL) -- Creation. */ /* Copyright notice: For details, see the following file: http://Phi.Lho.free.fr/softwares/PhiLhoSoft/PhiLhoSoftLicence.txt This program is distributed under the zlib/libpng license. Copyright (c) 2008 Philippe Lhoste / PhiLhoSoft */ // Constants since these parameters are unlikely to change on each call... // Maximum 100 chars for file name in input, after filtering define('MAX_FILE_NAME_LENGTH', 100); // Roughly 100KB define('MAX_FILE_SIZE', 100000); /** * Handle an upload field/file. * Reject files too big (constant MAX_FILE_SIZE), filter out uploaded file name * (remove path, reduce charset, reject incorrect file types (actually, extensions), * truncate given name), then prepend unique identifier (date/time, good for sorting) * and move the uploaded file to the given directory. * * @param $fieldName the name of the input type="file" tag in HTML. * There can be several such inputs in a form. * @param $destinationDir where to put the uploaded file (absolute path). * Might be always the same place or depend on other parameters like a login name. * @param $allowedExtensions an array looking like array('.png', '.gif', '.jpg', '.jpeg') * @return An array with two elements. If error, the first element is an empty string, * the second one is the error message. Otherwise, the first element is the file name * and the second one is the uploaded file path. */ function HandleUploadedFile($fieldName, $destinationDir, $allowedExtensions) { global $debugData; // To trace actions. Comment out the lines with this variable for real use if (isset($_FILES[$fieldName])) { // Handle error code $error = $_FILES[$fieldName]['error']; switch ($error) { case UPLOAD_ERR_OK: // zero break; // No error, continue process case UPLOAD_ERR_INI_SIZE: // 1 case UPLOAD_ERR_FORM_SIZE: // 2 return array('', 'File too big!'); // The Web page should indicate upfront the maximum size... case UPLOAD_ERR_PARTIAL: // 3 return array('', 'Incomplete upload, please retry.'); case UPLOAD_ERR_NO_FILE: // 4 return array('', 'No file! Give a file in the upload field...'); case UPLOAD_ERR_TMP_DIR: // 6 - No temp folder! :( case UPLOAD_ERR_CANT_WRITE: // 7 - Can't write! chmod error? return array('', 'Bad server config! Sorry...'); case UPLOAD_ERR_EXTENSION: // 8 - File upload stopped by extension return array('', 'Bad file extension.'); default: // Future version of PHP? return array('', "Error when uploading: $error"); } // Check size of uploaded file $tempLocation = $_FILES[$fieldName]['tmp_name']; $debugData .= "Uploaded file is in: $tempLocation<br>\n"; $debugData .= "Other info given by browser (size, type): {$_FILES[$fieldName]['size']}, {$_FILES[$fieldName]['type']}<br>\n"; $fileSize = filesize($tempLocation); $debugData .= "Real file size: $fileSize<br>\n"; // Strangely enough, if IE is given a path leading to nowhere, it just sends a 0 byte file! if ($fileSize == 0) // Might test a minimum size (smallest header size for graphics...) { return array('', 'File is empty!'); } if ($fileSize > MAX_FILE_SIZE) { return array('', 'File too big!'); } // Get original file name $file = $_FILES[$fieldName]['name']; $debugData .= "Original file name: $file<br>\n"; // No HTML escape! :( // Strip out the path (given by IE, perhaps other browsers -- Firefox and Opera just give the name) // Most samples I saw use basename() but I found out that it fails to strip a Windows path on a Unix server // I could have used a str_replace, but I like REs... // (I gobble anything up to the last sequence of characters not having slash or anti-slash in it) // Note: ensure magic quotes are disabled or neutralized $file = preg_replace('!.*?([^\\/]+)$!', '$1', $file); $debugData .= "Filter 1: $file<br>\n"; // Filter out all characters that are not alphanumerical, dot and dash // as they can be troublesome in some OSes. // A sequence of such chars is replaced by a unique underscore. $file = preg_replace('/[^a-zA-Z0-9.-]+/', '_', $file); $debugData .= "Filter 2: $file<br>\n"; // Split name and extension: gobble everything up to the last dot (file name), then dot and remainder (extension) // Note that .htaccess has no extension and is a pure filename if (preg_match('/^(.+)\.([^.]+)$/', $file, $m) == 0) { // No match => No dot or nothing before the dot $extension = ''; } else { $file = $m[1]; $extension = $m[2]; } $debugData .= "Split: $file $extension<br>\n"; // Ensure name isn't too long: just truncate it $file = substr($file, 0, MAX_FILE_NAME_LENGTH); $debugData .= "Truncated: $file<br>\n"; // If extension not allowed (could be a CGI file...), discard it if ($extension != '' && !in_array($extension, $allowedExtensions)) { return array('', 'File format not allowed.'); } // Add trailing slash to dest dir, supposed in Unix format // (if not slash at end, replace last char by itself followed by a slash) $destinationDir = preg_replace('!([^/])$!', '$1/', $destinationDir); // Create a time stamp used as prefix to make the file name unique. // Might have a conflict if you have millions of users, ie. a probability of having two users // uploading a file in the same second, supposing they go in the same dir. // If so, you are able to improve this code! ;-) // One might want to pass a prefix (or suffix) parameter to this function, eg. to tag the file name // with the name of the author. Just do it! $prefix = date('Ymd-His-'); $destinationFile = $prefix . $file . ($extension != '' ? '.' . $extension : ''); $debugData .= "Destination file: $destinationFile<br>\n"; $destinationPath = $destinationDir . $destinationFile; $debugData .= "Destination path: $destinationPath<br>\n"; // Move uploaded file from temporary folder to destination // Overwrite a file of same name there, if any (unless, perhaps server is on Windows, might just fail to move). // if (!file_exists($destinationFile)) // { if (!move_uploaded_file($tempLocation, $destinationPath)) { return array('', 'Failed to move upload file.' . " (dest.: $destinationPath)"); } return array($destinationFile, $destinationPath); // } } else { return array('', 'Field not found'); } return array($finalName, 'OK'); } // Just call the function! $debugData = ''; $destDir = '../Uploads'; $maxFiles = 5; // Max number of files accepted in the dest dir // First, check if we don't have too much files. Not a bad test: since we fix the max size of files, the max total size of the files // is under control. $files = scandir($destDir); $files = array_slice($files, 2); // Shift out . and .. while (count($files) > $maxFiles) { $file = array_shift($files); echo $file . " to remove\n"; unlink($destDir . '/' . $file); } $result = HandleUploadedFile('image', $destDir, array('png', 'gif', 'jpg', 'jpeg')); if ($debugData != '') { echo "<p><b>Debug data:</b><br>$debugData</p>\n"; } if ($result[0] == '') { echo "<p><b>Error:</b> {$result[1]}</p>\n"; } else { $imageURL = 'http://' . $_SERVER['SERVER_NAME'] . '/Uploads/' . $result[0]; echo "<p>Received image: <img src='$imageURL' alt='{$result[0]}' title='{$result[1]}'></p>\n"; } /* HTML: <form method="POST" action="Upload.php" enctype="multipart/form-data"> <input type="hidden" name="MAX_FILE_SIZE" value="100000"> File to upload: <input type="file" name="avatar"> <input type="submit" name="Send" value="Send the file"> <input type="reset" name="Reset" value="Reset form"> </form> Will generate on PHP side: $_FILES['avatar']['name'] -> Name of file for input "avatar" $_FILES['avatar']['tmp_name'] -> Path to temp folder where the file have been uploaded $_FILES['avatar']['size'] -> Size of file (can be approximative, depending on browser) $_FILES['avatar']['type'] -> Mime type of file (might depend on browser) $_FILES['avatar']['error'] -> Error code if any */ ?>
Optional Paste Settings
Syntax Highlighting:
None
Bash
C
C#
C++
CSS
HTML
HTML 5
Java
JavaScript
Lua
None
Perl
PHP
Python
Rails
-------------
4CS
6502 ACME Cross Assembler
6502 Kick Assembler
6502 TASM/64TASS
ABAP
ActionScript
ActionScript 3
Ada
ALGOL 68
Apache Log
AppleScript
APT Sources
ASM (NASM)
ASP
autoconf
Autohotkey
AutoIt
Avisynth
Awk
BASCOM AVR
Bash
Basic4GL
BibTeX
Blitz Basic
BNF
BOO
BrainFuck
C
C for Macs
C Intermediate Language
C#
C++
C++ (with QT extensions)
C: Loadrunner
CAD DCL
CAD Lisp
CFDG
ChaiScript
Clojure
Clone C
Clone C++
CMake
COBOL
CoffeeScript
ColdFusion
CSS
Cuesheet
D
DCS
Delphi
Delphi Prism (Oxygene)
Diff
DIV
DOS
DOT
E
ECMAScript
Eiffel
Email
EPC
Erlang
F#
Falcon
FO Language
Formula One
Fortran
FreeBasic
FreeSWITCH
GAMBAS
Game Maker
GDB
Genero
Genie
GetText
Go
Groovy
GwBasic
Haskell
HicEst
HQ9 Plus
HTML
HTML 5
Icon
IDL
INI file
Inno Script
INTERCAL
IO
J
Java
Java 5
JavaScript
jQuery
KiXtart
Latex
Liberty BASIC
Linden Scripting
Lisp
LLVM
Loco Basic
Logtalk
LOL Code
Lotus Formulas
Lotus Script
LScript
Lua
M68000 Assembler
MagikSF
Make
MapBasic
MatLab
mIRC
MIX Assembler
Modula 2
Modula 3
Motorola 68000 HiSoft Dev
MPASM
MXML
MySQL
newLISP
None
NullSoft Installer
Oberon 2
Objeck Programming Langua
Objective C
OCalm Brief
OCaml
OpenBSD PACKET FILTER
OpenGL Shading
Openoffice BASIC
Oracle 11
Oracle 8
Oz
Pascal
PAWN
PCRE
Per
Perl
Perl 6
PHP
PHP Brief
Pic 16
Pike
Pixel Bender
PL/SQL
PostgreSQL
POV-Ray
Power Shell
PowerBuilder
ProFTPd
Progress
Prolog
Properties
ProvideX
PureBasic
PyCon
Python
q/kdb+
QBasic
R
Rails
REBOL
REG
Robots
RPM Spec
Ruby
Ruby Gnuplot
SAS
Scala
Scheme
Scilab
SdlBasic
Smalltalk
Smarty
SQL
SystemVerilog
T-SQL
TCL
Tera Term
thinBasic
TypoScript
Unicon
UnrealScript
Vala
VB.NET
VeriLog
VHDL
VIM
Visual Pro Log
VisualBasic
VisualFoxPro
WhiteSpace
WHOIS
Winbatch
XBasic
XML
Xorg Config
XPP
YAML
Z80 Assembler
ZXBasic
Paste Expiration:
Never
10 Minutes
1 Hour
1 Day
1 Month
Paste Exposure:
Public
Unlisted
Private (members only)
Paste Name / Title:
Hello
Guest
Sign Up
or
Login
You are currently not logged in, this means you can not edit or delete anything you paste.
Sign Up
or
Login
