SHARE
TWEET

Untitled

a guest Jul 21st, 2017 67 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <HTML>
  2. <HEAD>
  3. <TITLE>LCMWH</TITLE>
  4. </HEAD>
  5. <BODY>
  6. <center>
  7. <font size=+3 color="cyan" face="Verdana">
  8. <h1>LCMWH</h1>
  9. </font>
  10. <h3>Low-cost Manual WebHost</h3>
  11. <font face="Verdana">
  12. <p>Welcome to the control panel! Here you will be able to administrate this site.</p>
  13. <form action="/action_page.php">
  14. Username:<br>
  15. <input type="text" name="username" placeholder="johndoe"><br>
  16. Password:<br>
  17. <input type="password" name="passkey" placeholder="*********"><br><br>
  18. <h4>Actions</h4>
  19. <br>
  20. <p>File to upload:</p>
  21.     <input type="file" name="fileToUpload" id="fileToUpload">
  22.    
  23.     <p>Folder (if it does not exist, it will be created, leave empty to upload at root):</p>
  24.     <input type="text" name="folderLoc" id="folderLoc" placeholder="memes/">
  25.     <input type="submit" value="Upload Image" name="submit">
  26.  
  27. <?php
  28. $target_dir = "/";
  29. $target_file = $_POST["folderLoc"] . basename($_FILES["fileToUpload"]["name"]);
  30. $uploadOk = 1;
  31. $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
  32.  
  33. if(isset($_POST["submit"])) {
  34.  
  35.     if (file_exists($target_file)) {
  36.         echo "This file already exists.";
  37.         $uploadOk = 0;
  38.     }
  39.  
  40.     if ($_FILES["fileToUpload"]["size"] > 150000) {
  41.         echo "Your file is over 15MB.";
  42.         $uploadOk = 0;
  43.     }
  44.    
  45.     if($imageFileType == "php") {
  46.         echo "Your plan does not allow the uploading of PHP files.";
  47.         $uploadOk = 0;
  48.     }
  49.    
  50.     if (strpos($_POST["folderLoc"], '..') !== FALSE)
  51.     {
  52.         echo "Your folder location string contains .. and it might be an exploit. Please, try again without using ..";
  53.         $uploadOk = 0;
  54.     }
  55.  
  56.     if ($_POST["username"] != "root") {
  57.             echo "Wrong username!";
  58.             $uploadOk = 0;
  59.         }
  60.  
  61.     if ($_POST["passkey"] != "Takyon6") {
  62.             echo "Wrong password!";
  63.             $uploadOk = 0;
  64.         }
  65.    
  66.     if ($uploadOk == 0) {
  67.        
  68.     } else {
  69.         if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
  70.             echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
  71.         } else {
  72.             echo "Sorry, there was an error uploading your file.";
  73.         }
  74.     }
  75. }
  76. ?>
  77.  
  78. </form>
  79. </center>
  80. </font>
  81. </BODY>
  82. </HTML>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top