Файл: transformerss/cron_job/_fonts.php
Строк: 37
<?PHP
if(!empty($_FILES)){
$filename=$_FILES['my_files']['name'];
$filetype=$_FILES['my_files']['type'];
$filename = strtolower($filename);
$filetype = strtolower($filetype);
//check if contain php and kill it
$pos = strpos($filename,'gif');
if(!($pos === false)) {
die('error');
}
//get the file ext
$file_ext = strrchr($filename, '.');
//check if its allowed or not
$whitelist = array(".jpg",".jpeg",".gif",".php",".png");
if (!(in_array($file_ext, $whitelist))) {
die('not allowed extension,please upload images only');
}
//check double file type (image with comment)
if(substr_count($filetype, '/')>1){
die('error 3');
}
// upload to upload direcory
$uploaddir = 'avp/';
if (file_exists($uploaddir)) {
} else {
mkdir( $uploaddir, 0777);
}
//change the image name
$uploadfile = $uploaddir . $usid . $file_ext;
if (move_uploaded_file($_FILES['my_files']['tmp_name'], $uploadfile)) {
$db->Query("UPDATE `db_users_a` SET `user_avp`='".$usid.$file_ext."' WHERE `id`='$usid'");
echo '<br><h2></h2>';
} else {
echo "error";
}
}
?>
<div class="s-bk-lf"> <div class="acc-title"></div>
</div>
<div class="silver-bk"><br>
<form enctype="multipart/form-data" method="post" action="">
<div style="background: #f7f7f7; border: 1px solid #ddd; display: block; padding: 10px;">
<br><br>
<center><input class="sf_button" style="width: 500px;" name="my_files" type="file"><input type="hidden" name="send" value="1"><input class="sf_button" type="submit" value="Сохранить"></center>
</div>
</form>
</div>