Jump to content

Upload.php - not good with php and i'm getting syntax problems


morbidchimp

Recommended Posts

Hi all. I'm not great with php and I'm trying to use a simple upload.php file that I got online. it used to work fine but then i changed something and saved without watching what i was doing and I'm getting syntax errors around line 30.

 

Can anyone review my code and tell me where I'm going wrong?

 

Much appreciated.

 

 

 

<?php

require( "include/config.php" );

require( "include/function.php" );

require( "include/functions_upload.php" );

require( "include/settings/upload.php" );

require( "include/language/".$language."/upload.php" );

require( "include/language/".$language."/subscription.php" );

require( "include/functions_seo_name.php" );

$guest_upload = get_config( "guest_upload" );

chk_member_login( );

if ( $guest_upload != 1 && $config['enable_package'] == "yes" )

{

    check_subscriber_bandwidth( $_SESSION['UID'] );

    check_subscriber_space( $_SESSION['UID'] );

    check_subscriber_videos( $_SESSION['UID'] );

}

header( "Expires: Mon, 26 Jul 1997 05:00:00 GMT" );

header( "Last-Modified: ".gmdate( "D, d M Y H:i:s" )." GMT" );

header( "Cache-Control: no-store, no-cache, must-revalidate" );

header( "Cache-Control: post-check=0, pre-check=0", FALSE );

header( "Pragma: no-cache" );

( "use_upload_progress_bar", $use_upload_progress_bar );

( "yui_disable", "1" );

if ( $use_upload_progress_bar == 1 )

{

    require( $config['basedir']."/include/settings/uu_conlib.php" );

    $THIS_VERSION = "2.6";

    $temp_sid = generatetempsid( );

    $config_file = $default_config_file;

    $tmp_sid = md5( uniqid( mt_rand( ), true ) );

    $path_to_upload_script .= "?temp_sid=".$temp_sid;

    $path_to_ini_status_script .= "?temp_sid=".$temp_sid;

    ( "tmp_sid", $tmp_sid );

    ( "disallow_extensions", $disallow_extensions );

    ( "allow_extensions", $allow_extensions );

    ( "path_to_ini_status_script", $path_to_ini_status_script );

    ( "check_file_name_format", $check_file_name_format );

    ( "check_disallow_extensions", $check_disallow_extensions );

    ( "check_allow_extensions", $check_allow_extensions );

    ( "check_null_file_count", $check_null_file_count );

    ( "check_duplicate_file_count", $check_duplicate_file_count );

    ( "max_upload_slots", $max_upload_slots );

    ( "progress_bar_width", $progress_bar_width );

    ( "path_to_upload_script", $path_to_upload_script );

    ( "multi_upload_slots", $multi_upload_slots );

    ( "cedric_progress_bar", $cedric_progress_bar );

    ( "show_percent_complete", $show_percent_complete );

    ( "show_files_uploaded", $show_files_uploaded );

    ( "show_current_position", $show_current_position );

    ( "show_elapsed_time", $show_elapsed_time );

    ( "show_est_time_left", $show_est_time_left );

    ( "show_est_speed", $show_est_speed );

}

if ( isset( $_POST['action_upload'] ) )

{

    if ( get_magic_quotes_gpc( ) )

    {

        $_POST['video_keywords'] = stripslashes( $_POST['video_keywords'] );

        $_POST['video_title'] = stripslashes( $_POST['video_title'] );

        $_POST['video_description'] = stripslashes( $_POST['video_description'] );

    }

    $_POST['chlist'] = isset( $_POST['chlist'] ) ? $_POST['chlist'] : array( );

    $channel_arr = array( );

    foreach ( $_POST['chlist'] as $channel )

    {

        $channel = intval( $channel );

        if ( in_array( $channel, $channel_arr ) || !check_field_exists( $channel, "CHID", "channel" ) )

        {

            $channel_arr[] = $channel;

        }

    }

    $_POST['chlist'] = $channel_arr;

    if ( strlen( $_POST['video_title'] ) < 4 )

    {

        $err = $lang['title_too_short'];

    }

    else if ( strlen( $_POST['video_description'] ) < 4 )

    {

        $err = $lang['description_too_short'];

    }

    else if ( strlen( $_POST['video_keywords'] ) < 4 )

    {

        $err = $lang['tags_too_short'];

    }

    else if ( !isset( $_POST['chlist'] ) || count( $_POST['chlist'] ) < 1 || 3 < count( $_POST['chlist'] ) )

    {

        $err = $lang['channel_not_selected'];

    }

    $upload_from = isset( $_POST['upload_from'] ) ? $_POST['upload_from'] : "local";

    if ( $_POST['field_privacy'] != "public" )

    {

        $_POST['field_privacy'] = "private";

    }

    require_once( $config['basedir']."/include/classes/class.inputfilter_clean.php" );

    $myFilter = new inputfilter( );

    $_POST['video_description'] = $myFilter->process( $_POST['video_description'] );

    $_POST['video_title'] = $myFilter->process( $_POST['video_title'] );

    $_POST['video_keywords'] = $myFilter->process( $_POST['video_keywords'] );

    $_POST['video_description'] = htmlspecialchars( strip_tags( $_POST['video_description'] ), ENT_QUOTES );

    $_POST['video_title'] = htmlspecialchars( strip_tags( $_POST['video_title'] ), ENT_QUOTES );

    $_POST['video_keywords'] = htmlspecialchars( strip_tags( $_POST['video_keywords'] ), ENT_QUOTES );

    $listch = "";

    if ( isset( $_POST['chlist'] ) && 0 < count( $_POST['chlist'] ) )

    {

        $listch = implode( "|", $_POST['chlist'] );

        $listch = $myFilter->process( $listch );

    }

    $upload_id = md5( time( ) );

    $upload_info = array( );

    $upload_info['title'] = $_POST['video_title'];

    $upload_info['description'] = $_POST['video_description'];

    $upload_info['keywords'] = $_POST['video_keywords'];

    $upload_info['channels'] = $listch;

    $upload_info['field_privacy'] = $_POST['field_privacy'];

    $upload_info['adult'] = 0;

    $upload_info['type'] = $_POST['field_privacy'];

    $_SESSION["{$upload_id}"] = $upload_info;

    if ( $err == "" )

    {

        if ( $upload_from == "remote" )

        {

            $redirect_url = $config['baseurl']."/upload_remote.php?upload_id=".$upload_id;

            redirect( $redirect_url );

        }

        else

        {

            ( "upload_id", $upload_id );

            ( "secondpage", "second" );

        }

    }

}

if ( isset( $_GET['rnd_id'] ) )

{

    require( "./uu_finished_lib.php" );

    $DELETE_XML_FILE = 1;

    if ( preg_match( "/^[a-zA-Z0-9]{32}$/", $_REQUEST['temp_sid'] ) )

    {

        kak( "<font color='red'>WARNING</font>: Invalid session-id.<br>\n" );

    }

    $PARAM_DIR = $_REQUEST['param_dir'];

    $TEMP_SID = $_REQUEST['temp_sid'];

    $_XML_DATA = array( );

    $_CONFIG_DATA = array( );

    $_POST_DATA = array( );

    $_FILE_DATA = array( );

    $_FILE_DATA_TABLE = "";

    $_FILE_DATA_EMAIL = "";

    $xml_parser = new xml_parser( );

    $xml_parser->setxmlfile( $PARAM_DIR, $TEMP_SID );

    $xml_parser->setxmlfiledelete( $DELETE_XML_FILE );

    $xml_parser->parsefeed( );

    if ( $xml_parser->geterror( ) )

    {

        kak( $xml_parser->geterrormsg( ) );

    }

    $_XML_DATA = $xml_parser->getxmldata( );

    $_CONFIG_DATA = getconfigdata( $_XML_DATA );

    $_POST_DATA = getpostdata( $_XML_DATA );

    $_FILE_DATA = getfiledata( $_XML_DATA );

    ( "upload_page", "upload" );

    $upload_dir = $_CONFIG_DATA['upload_dir'];

    $upload_file_name = $_FILE_DATA[0]->name;

    $upload_file_path = $upload_dir.$upload_file_name;

    $pos = strrpos( $upload_file_name, "." );

    $upload_file_extn = strtolower( substr( $upload_file_name, $pos + 1, strlen( $upload_file_name ) - $pos ) );

    if ( in_array( $upload_file_extn, $file_types ) )

    {

        unlink( $upload_file_path );

        $err = "Invalid File format - ".$upload_file_extn;

        write_log( $err );

    }

    if ( $err == "" )

    {

        $upfile_details = "UPLOAD WITH PROGRESS BAR";

        $process_video = 1;

    }

    $upload_id = $_POST_DATA['upload_id'];

}

if ( isset( $_POST['upload_final'] ) )

{

    $upfile_details = "\nTemporary File Name :".$_FILES['field_uploadfile']['tmp_name'];

    $upfile_details .= "\nFile Size :".$_FILES['field_uploadfile']['size'];

    $upfile_details .= "\nFile Type :".$_FILES['field_uploadfile']['type'];

    $upfile_details .= "\nFile Name :".$_FILES['field_uploadfile']['name'];

    if ( is_uploaded_file( $_FILES['field_uploadfile']['tmp_name'] ) )

    {

        $err .= nl2br( $upfile_details );

        $upload_error = $_FILES['field_uploadfile']['error'];

        switch ( $_FILES['field_uploadfile']['error'] )

        {

            case 0 :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] There is no error, the file uploaded with success." );

                break;

            case 1 :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] The uploaded file exceeds the upload_max_filesize directive in php.ini" );

                break;

            case 2 :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form." );

                break;

            case 3 :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] The uploaded file was only partially uploaded." );

                break;

            case 4 :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] No file was uploaded." );

                break;

            case 6 :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] Missing a temporary folder." );

                break;

            case 7 :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] Failed to write file to disk." );

                break;

            default :

                $err = $err."<BR>".( "[ERROR: ".$upload_error."] There was a problem with your upload." );

        }

    }

    if ( $err == "" )

    {

        $upload_file_name = $_FILES['field_uploadfile']['name'];

        $pos = strrpos( $upload_file_name, "." );

        $upload_file_extn = strtolower( substr( $upload_file_name, $pos + 1, strlen( $upload_file_name ) - $pos ) );

        $upfile_no_extn = basename( $upload_file_name, ".".$upload_file_extn );

        $upfile_no_extn = ereg_replace( "[&$#]+", " ", $upfile_no_extn );

        $upfile_no_extn = ereg_replace( "[ ]+", "-", $upfile_no_extn );

        $upload_file_path = $config['basedir']."/video/".$upfile_no_extn.".".$upload_file_extn;

        $i = 0;

        while ( file_exists( $upload_file_path ) )

        {

            ++$i;

            $upload_file_name = $upfile_no_extn."_".$i.".".$upload_file_extn;

            $upload_file_path = $config['basedir']."/video/".$upload_file_name;

        }

        if ( move_uploaded_file( $_FILES['field_uploadfile']['tmp_name'], $upload_file_path ) )

        {

            if ( in_array( $upload_file_extn, $file_types ) )

            {

                unlink( $upload_file_path );

                $err = "Invalid File format - ".$upload_file_extn;

                write_log( $err );

            }

        }

        else

        {

            $err = "Error in moving file, check permission of video folder";

            write_log( $err );

        }

    }

    else

    {

        write_log( $err );

    }

    if ( $err == "" )

    {

        $process_video = 1;

    }

    $upload_id = $_POST['upload_id'];

}

if ( isset( $process_video ) && $process_video == 1 )

{

    $video_title = $_SESSION["{$upload_id}"]['title'];

    $video_descr = $_SESSION["{$upload_id}"]['description'];

    $video_keywords = $_SESSION["{$upload_id}"]['keywords'];

    $video_channels = $_SESSION["{$upload_id}"]['channels'];

    $video_privacy = $_SESSION["{$upload_id}"]['field_privacy'];

    $upload_file_size = filesize( $upload_file_path );

    $upload_file_size = round( $upload_file_size / 1048576 );

    if ( get_config( "guest_upload" ) == 1 && !isset( $_SESSION['USERNAME'] ) )

    {

        $username = get_config( "guest_upload_user" );

    }

    else

    {

        $username = $_SESSION['USERNAME'];

    }

    $sql = "INSERT INTO `process_queue` SET\n\t\tfile='".$upload_file_name."',\n\t\ttitle ='".quote_smart( $video_title )."',\n\t\tdescription='".quote_smart( $video_descr )."',\n\t\tkeywords='".quote_smart( $video_keywords ).( "',\n\t\tchannels='".$video_channels."',\n\t\ttype='{$video_privacy}',\n\t\tuser='{$username}',\n\t\tuser_ip='{$_SERVER['REMOTE_ADDR']}',\n\t\tstatus=2" );

    if ( !( $result = mysql_query( $sql ) ) )

    {

    }

    $qid = mysql_insert_id( );

    $process_upload = get_config( "process_upload" );

    write_log( "Upload Finished" );

    if ( $process_upload == 0 )

    {

        write_log( "Batch Processing" );

    }

    else if ( $process_upload == 1 )

    {

        $video_id = process_video( $qid, 0 );

        write_log( "Calling process_video[".$qid.",0]" );

    }

    else

    {

        $php_path = get_config( "php_path" );

        $cmd_bkgnd = "{$php_path} -q {$config['basedir']}/convert.php {$qid} > /dev/null &";

        write_log( "Running: ".$cmd_bkgnd );

        exec( $cmd_bkgnd );

    }

    $redirect_url = $config['baseurl']."/upload_success.php?id=".$qid."&upload_id=".$upload_id;

    redirect( $redirect_url );

}

( "err", $err );

( "msg", $msg );

( "header.tpl" );

( "error.tpl" );

( "upload.tpl" );

( "footer.tpl" );

db_close( );

?>

 

Link to comment
Share on other sites

All of the following lines are not php code. They are either missing part of an instruction or they were copy/pasted from somewhere that has nothing to do with php -

 

    ( "tmp_sid", $tmp_sid );
    ( "disallow_extensions", $disallow_extensions );
    ( "allow_extensions", $allow_extensions );
    ( "path_to_ini_status_script", $path_to_ini_status_script );
    ( "check_file_name_format", $check_file_name_format );
    ( "check_disallow_extensions", $check_disallow_extensions );
    ( "check_allow_extensions", $check_allow_extensions );
    ( "check_null_file_count", $check_null_file_count );
    ( "check_duplicate_file_count", $check_duplicate_file_count );
    ( "max_upload_slots", $max_upload_slots );
    ( "progress_bar_width", $progress_bar_width );
    ( "path_to_upload_script", $path_to_upload_script );
    ( "multi_upload_slots", $multi_upload_slots );
    ( "cedric_progress_bar", $cedric_progress_bar );
    ( "show_percent_complete", $show_percent_complete );
    ( "show_files_uploaded", $show_files_uploaded );
    ( "show_current_position", $show_current_position );
    ( "show_elapsed_time", $show_elapsed_time );
    ( "show_est_time_left", $show_est_time_left );
    ( "show_est_speed", $show_est_speed );

Link to comment
Share on other sites

cheers mate. much appreciated.

 

Gonna have to take the time out to actually learn a bit of php I guess, no quick dirty way to do it and using code off the net i dont fully understand is proving more trouble than its worth.

 

Thanks for the reply, you just confirmed what I already knew - time to learn php /sigh. another langauge, grrrr.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.