xenoalien

Okay, here is part of my code. It displays right in Google Chrome but no Firefox or IE. if($row['filetype']=='mp3') {$fileiconpath = $websitelink.'images/icons/music.png';} else {$fileiconpath = 'images/icons/page.png';} //================================================== echo "</td><td>"; echo "<center><img src="".$fileiconpath.""></center>"; echo "</td></tr>";

would this gen be bad to use? http://www.htaccesstools.com/hotlink-protection/

I am not sure how to phrase the question right and I think it has been answered before... How do I prevent other sites from directly linking to files but they still show up on my website? I want people to be able to download some of my files on my website but not be able to link from another website to download files. Thanks in advance

Okay I figured it out: http://www.tomrafteryit.net/creating-an-htaccess-file/

One last issue. I am trying to make the .htaccess file with a text editor but windows will not allow me to make a file without a file name am I doing this incorrectly? I understand that I need to put the code in the file.

Could you show me what to write in the .htaccess file? Or how to prevent direct linking? At the moment the directory to the main index.php file does not contain a .htaccess file. However I did put an index.php file in the folder where all the files will be uploaded: http://www.storeupon.com/uploaded to prevent people from seeing all of the files as easily...

This is also good because it will not allow people to grab files that aren't theirs. Also, remember that when you get several people uploading files, even if just single archive files, you may run into naming conflicts. For example: Joe uploads "backup.zip" and John uploads "backup.zip"... BAM! I'd suggest renaming the files to something like $username.time().".".$extention which would look something like this "Joe1238173249.zip" absence, I believe, will work almost anywhere. PFMaBiSmAd makes a strong, good point. If you are using Apache, use a .htaccess and block access to the folder from outside the server. If you are running IIS or other servers, look into their directory security features. Ahhh... thank you! I was thinking about using some kind of random number gen then a hash and put it in a loop to keep comparing it with other file names in the database table to make sure that it was not used yet but your way is the easiest way for now.

Okay help me with this. The files are stored in storeupon.com/uploaded. How do I prevent direct browser access? Should I put an index file in there so that the files do not show up? I plan on puting the file directories in a file table where after the user logs in, the database will be queryed for table rows with the username of the user and the directory so that only the user's files will be displayed.

Show me your script and tell me what you want it to do... I have been working on this project for a day and a half now... I don't want to give any code away unless it is a small snippit aight? Maybe this is what you want? if($_POST['submit']) { $name = $_FILES['myfile']['name']; $type = $_FILES['myfile']['type']; $size = $_FILES['myfile']['size']; $temp = $_FILES['myfile']['tmp_name']; $error = $_FILES['myfile']['error']; //now handle and check for errors if($error > 0) {die("Error uploading file! Code $error.");} else { //deturming the extention of the file! $ext = substr($name, strrpos($name, '.') + 1); $banned = array("html", "ajax", "bat", "aspx", "mspx", "php", "htm", "js", "asp", "exe"); if($size > 260000000000 || in_array($ext, $banned)) { echo "File format $ext is not allowed or is greater than 250mb!"; } else { //change file size to mb $size = $size/1024/1024; //Display the file information echo "<h2>File upload success!</h2> <table width='100%' bgcolor='#00cc33'> <tr> <td><font size='2' face='arial'>Name</td><td>".$name."</td> </tr> <tr> <td><font size='2' face='arial'>Type</td><td>".$type."</td> </tr> <tr> <td><font size='2' face='arial'>Size</td><td>".$size."mb</td> </tr> </table> <p>Your file has been backed up onto our server and you can go to the main page to view your files. To upload another file, repeat the process. "; //now store the file move_uploaded_file($temp,"uploaded/".$name); //now store the directory onto the database table called files } } }

Like megaupload rapidshare and others? So that the file is moved to a temp folder for a time or however it is done... thanks in advance.

Its a scholarship project. I plan on it making public and putting some kind of web advertising to make money from it later. But that is after I look into some more security. Do you know if I can put adsense in an account area by chance? But yeah, the project is mainly for a scholarship I am working on and yes it is a free service for now. I have the registration and login setup check it out if you are interested: http://www.storeupon.com

Nice code! Anyhow, I am making a website for people to back up their files. Making a list of accepted files would be a good idea. If a file type is not on the list then I should tell them to archive it or something RAR it or ZIP it?

I know that I need to ban php files and some others. What other file extentions should I ban for security reasons? Here is my code: $ext = substr($name, strrpos($name, '.') + 1); if($size > 260000000000 || $ext == 'php'||$ext == 'html'|| $ext == 'htm'||$ext == 'ajax'|| $ext == 'js'||$ext == 'bat'|| $ext == 'asp'||$ext == 'aspx'|| $ext == 'mspx'|| $ext == 'exe') { echo "File format $ext is not allowed or is greater than 250mb!"; }

To my understanding php cannot return realtime updates such as a progress bar. I know how to create a file upload form and use php to take that file and put it in a directory but what about a progress bar? Cans someone give me an idea on how I would create a simple file upload progress bar? Thanks in advance.

I am making a simple login and I do not want the username and password variables to be shown in the link. For example: .com/register.php?user=samstockton&pass=password Those variables are passed from the regsiter.html file's input form. How do I not show the variables up top? Thanks