96 lines
2.5 KiB
PHP
96 lines
2.5 KiB
PHP
<?php
|
|
|
|
session_start();
|
|
|
|
// Assign unique session ID to the client
|
|
if (!isset($_SESSION["id"]))
|
|
$_SESSION["id"] = uniqid();
|
|
|
|
// Specify uploads target directory
|
|
define('UPLOAD_DIR', __DIR__ . "/uploads/" . $_SESSION["id"]);
|
|
|
|
if (isset($_FILES["file"])) {
|
|
$dest_file_name = (string) time() . "-" . str_replace("/", "", $_FILES["file"]["name"]);
|
|
|
|
// Create target directory
|
|
if (!is_dir(UPLOAD_DIR) && !mkdir(UPLOAD_DIR, 0770, true)) {
|
|
$error = "Failed to create storage directory!";
|
|
} else if ($_FILES["file"]["size"] > 500000) {
|
|
$error = "File is too large (max 500kb)!";
|
|
} else if (move_uploaded_file($_FILES["file"]["tmp_name"], UPLOAD_DIR . "/" . $dest_file_name)) {
|
|
$success = "The file was successfully uploaded!";
|
|
} else {
|
|
$error = "Error while uploading file!";
|
|
}
|
|
}
|
|
|
|
?><!doctype html>
|
|
<html lang="en" data-bs-theme="auto">
|
|
|
|
<head>
|
|
|
|
<meta charset="utf-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
<title>Safe gallery</title>
|
|
|
|
<link href="/bootstrap.min.css" rel="stylesheet"
|
|
integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">
|
|
<link href="/style.css" rel="stylesheet">
|
|
</head>
|
|
|
|
<body class="d-flex align-items-center py-4 bg-body-tertiary">
|
|
<main class="form-signin w-100 m-auto">
|
|
|
|
<h1>Gallery manager</h1>
|
|
|
|
<div class="alert alert-secondary">
|
|
<strong>Note</strong> : Une information se cache dans la variable d'environnement <i>FLAG</i>.
|
|
</div>
|
|
|
|
<?php
|
|
if (isset($success)) {
|
|
?>
|
|
<div class="alert alert-success">
|
|
<?= $success ?>
|
|
</div><?php
|
|
}
|
|
|
|
if (isset($error)) {
|
|
?>
|
|
<div class="alert alert-danger">
|
|
<?= $error ?>
|
|
</div><?php
|
|
}
|
|
?>
|
|
|
|
<h2>Upload file</h2>
|
|
|
|
<form action="/" method="post" enctype="multipart/form-data">
|
|
<div>
|
|
<label for="formFile" class="form-label mt-4">Select image to upload</label>
|
|
<input class="form-control" type="file" id="formFile" name="file" required />
|
|
</div>
|
|
<div style="margin-top: 10px;">
|
|
<button type="submit" class="btn btn-primary">Perform upload</button>
|
|
</div>
|
|
</form>
|
|
|
|
<?php
|
|
if (is_dir(UPLOAD_DIR)) {
|
|
?>
|
|
<h2 style="margin-top: 50px;">Your files</h2>
|
|
<ul>
|
|
<?php
|
|
foreach (scandir(UPLOAD_DIR) as $f) {
|
|
if ($f === "." or $f === "..")
|
|
continue;
|
|
echo "<li><a href='uploads/" . $_SESSION['id'] . "/$f' target='_blank'>" . $f . "</a></li>";
|
|
}
|
|
?>
|
|
</ul><?php
|
|
}
|
|
?>
|
|
</main>
|
|
</body>
|
|
|
|
</html>
|