Untitled

<?php
// dont use passwd through GET, and a file can only be send through POST method :)
// enctype="multipart/form-data <-= use this in the html form

function getRealIpAddr() {
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {   //check ip from share internet
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {   //to check ip is pass from proxy
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
      $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}

function connect_db($user, $pass) {
    $link = mysql_connect('localhost', $user, $pass);
    if (!$link) {
        die('error: '. mysql_error());
    }
    mysql_select_db("db", $link);
    return $link
}

function check_login($link, $username, $password) {
    $query = sprintf("SELECT * FROM user WHERE username='%s'",
                        mysql_real_escape_string($username));
    $result = mysql_query($query, $link);
    if ($result) {
        // check user
        $row = mysql_fetch_array($result, MYSQL_ASSOC);
        if ($row['password'] == $password) {
            $query = sprintf("UPDATE 'user' SET lastIP="%d" WHERE username='%s'", getRealIpAddr(),
                                mysql_real_escape_string($username));
            mysql_query($query, $link);
        } else {
            ?> error, incorrect password <?php
        }
    } else {
        // add new user
        $query = sprintf("INSERT INTO table 'user' VALUES \(%s, %s, 0\)",
                            mysql_real_escape_string($username),
                            mysql_real_escape_string($password));
        mysql_query($query, $link);
    }

}

function update_count_db_upload($link, $username) {
    // retrieve user upload count
    $query = sprintf("SELECT 'count' FROM user WHERE username='%s'",
                        mysql_real_escape_string($username));
    $result = mysql_query($query, $link);

    if ($result) {
        $row = mysql_fetch_array($result, MYSQL_ASSOC);
        $row['count']++;

        // update user upload count
        $query = sprintf("UPDATE 'user' SET count="%d" WHERE username='%s'", $row['count']
                            mysql_real_escape_string($username));
        mysql_query($query, $link);
    } else {
        echo "bloody hell, you shouldn't be here, you are here bc it let you go in but didn't find you";
    }
}

function save_file($file, $username) {
    $fname = "/uploads/schematics/".addslashes($username)."_filename.schematic";
    move_uploaded_file($file['tmp_name'], $fname);
    echo "done uploading");
}

function list_schematics() {
    if ($handle = opendir('/uploads/schematics/')) {
        echo "Directory handle: $handle\n <br />";
        echo "Entries:\n <br />";

        /* This is the correct way to loop over the directory. */
        while (false !== ($entry = readdir($handle))) {
            echo "$entry\n <br />";
        }

        closedir($handle);
    }
}
// -------------------------------------------------------------
$link = connect_db($db_username,$db_password);

$username = $_GET['username'];
$password = $_GET['password'];
$file = $_FILES['file'];

if !empty($username) {
    check_login($link, $username, $password);
    if !empty($file) {
        save_file($file, $username);
        update_count_db_upload($link, $username);
    } else {
        ?> error in .schematic file <?php
    }
} else {
    list_schematics();
}
?>