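<?php

// Admin-only upload handler: validates a single file posted as "fileToUpload"
// and stores it under uploads/. Output is echoed before the page markup.

// presumably starts the session: nothing in this file calls session_start(),
// yet $_SESSION is read below. Confirm in includes/security.php.
include('includes/security.php');

global $users;

// Access control. Only a session with a truthy "admin" flag may continue.
// empty() is used so a missing key no longer raises an undefined-index notice.
// NOTE(review): "loggedIn" is not required when "admin" is truthy. Confirm that
// the login code can never set "admin" without "loggedIn".
if (empty($_SESSION["admin"])) {
    // The error flag is raised only when the session carries neither key.
    if (!isset($_SESSION["loggedIn"]) && !isset($_SESSION["admin"])) {
        $_SESSION["error"] = true;
    }
    header("Location: index.php");
    exit();
}

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // NOTE(review): no anti-CSRF token is checked in this file. Unless
    // includes/security.php does it, this state-changing POST should verify one.
    $target_dir = "uploads/";
    $uploadOk = 1;

    // Allowed extension => MIME type the file content must be detected as.
    // NOTE(review): some MP4 variants may be reported under another video/*
    // type by the local magic database. Widen the map only if that is confirmed.
    $allowedTypes = array(
        "jpg"  => "image/jpeg",
        "jpeg" => "image/jpeg",
        "png"  => "image/png",
        "gif"  => "image/gif",
        "mp4"  => "video/mp4",
    );

    $upload = isset($_FILES["fileToUpload"]) ? $_FILES["fileToUpload"] : null;

    // Reject a missing field, an array-style (multi-file) field and any PHP
    // upload error before touching the other keys.
    if (!is_array($upload)
        || !isset($upload["name"], $upload["tmp_name"], $upload["size"], $upload["error"])
        || !is_string($upload["name"])
        || $upload["error"] !== UPLOAD_ERR_OK
    ) {
        echo "Sorry, there was an error uploading your file.";
        $uploadOk = 0;
    } else {
        // basename() strips any directory part of the client-supplied name.
        // NOTE(review): the stored name is still chosen by the client, and a
        // name with more than one extension passes the allowlist below. Make
        // sure the web server never executes scripts from uploads/, or switch
        // to server-generated file names.
        $target_file = $target_dir . basename($upload["name"]);
        $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));

        // Allow certain file formats
        if (!isset($allowedTypes[$imageFileType])) {
            echo "Sorry, only JPG, JPEG, PNG, GIF & MP4 files are allowed.";
            $uploadOk = 0;
        } else {
            // Check the content, not only the name. This check used to run only
            // when $_POST["submit"] was set, which the form on this page never
            // sends, and getimagesize() cannot recognise the allowlisted mp4.
            // finfo comes from the bundled fileinfo extension.
            $finfo = new finfo(FILEINFO_MIME_TYPE);
            $detectedType = $finfo->file($upload["tmp_name"]);
            if ($detectedType !== $allowedTypes[$imageFileType]) {
                echo "Sorry, the file content does not match its extension.";
                $uploadOk = 0;
            }
        }

        // Check if file already exists
        if (file_exists($target_file)) {
            echo "Sorry, file already exists.";
            $uploadOk = 0;
        }

        // Check file size
        if ($upload["size"] > 500000) {
            echo "Sorry, your file is too large.";
            $uploadOk = 0;
        }
    }

    // Check if $uploadOk is set to 0 by an error
    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";
    } else {
        // if everything is ok, try to upload file
        if (move_uploaded_file($upload["tmp_name"], $target_file)) {
            echo "The file " . htmlspecialchars(basename($upload["name"]), ENT_QUOTES, "UTF-8") . " has been uploaded.";
        } else {
            echo "Sorry, there was an error uploading your file.";
        }
    }
}

?>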
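<?php /* Upload page markup: shared head/navbar/footer partials around a single-file upload form. */ ?>
<!DOCTYPE HTML>
<html lang="it">

<head>
    <?php /* NOTE(review): the title reads "Login" on the upload page; looks copied from another page, confirm. */ ?>
    <title>Login</title>
    <?php require "includes/head.php" ?>
</head>

<body>
    <?php require "includes/navbar.php" ?>

    <div class="container">
        <h1>Upload di Foto</h1>
        <div class="mb-3">
            <?php /* NOTE(review): the form carries no anti-CSRF token field; add one if includes/security.php provides a token helper. */ ?>
            <form method="post" action="upload.php" enctype="multipart/form-data">
                <?php /* "for" must match the input id, otherwise the label is not bound to the control. */ ?>
                <label for="fileToUpload" class="form-label">Default file input example</label>
                <?php /* "accept" is only a picker hint that mirrors the server-side allowlist; the server check remains authoritative. */ ?>
                <input class="form-control" type="file" name="fileToUpload" id="fileToUpload" accept=".jpg,.jpeg,.png,.gif,.mp4">
                <button type="submit" class="btn btn-primary">Carica il File</button>
            </form>

        </div>

    </div>

    <?php require "includes/footer.php" ?>

</body>

</html>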