want to make Email compulsory to upload files

[bkaushik]

I want to make Email input compulsory to upload files on server.

It may be helpful if you make a SMTP email sender for this system, cause PHP mail function not works with goDaddy hosting.

Best Regards:
Bharat Kaushik
Trinity Touch

[SamEA]

I want to make Email input compulsory to upload files on server.

It may be helpful if you make a SMTP email sender for this system, cause PHP mail function not works with goDaddy hosting.

Best Regards:
Bharat Kaushik
Trinity Touch

This post has been moved to Feature Requests as your post does not fit into the category "Hacks and Mods".

Is there a reason you want email to be compulsory?

Your smtp request will be taken into consideration for our future versions.

[bkaushik]

I want to make Email compulsory cause I want it to use only for my company's employees.

So if also any of our customer uploads any file then we would able to know who had uploaded this file on server.

[PeterS]

I want to make Email compulsory cause I want it to use only for my company's employees.

So if also any of our customer uploads any file then we would able to know who had uploaded this file on server.

But isn't that what IP Logging does? You could view the file's IP to find out who from your company uploaded the file. Relying on the e-mail address to provide you with who uploaded the file is a bad idea unless you have a user management system where the e-mail address is already entered as readonly, because the employee could just fake his/her e-mail address :S. Regardless, if you still want e-mail to be compulsory, you'll require a MOD for that.

[bkaushik]

I want to make Email compulsory cause I want it to use only for my company's employees.

So if also any of our customer uploads any file then we would able to know who had uploaded this file on server.

But isn't that what IP Logging does? You could view the file's IP to find out who from your company uploaded the file. Relying on the e-mail address to provide you with who uploaded the file is a bad idea unless you have a user management system where the e-mail address is already entered as readonly, because the employee could just fake his/her e-mail address :S. Regardless, if you still want e-mail to be compulsory, you'll require a MOD for that.

I understand that one can enter fake email, but I have to give them links and password info after they upload the file on server, thats I can filter using their email address that what link I have to provide them.

This would be only internal system, so we does'nt require much security. IP address of internet in whole company is same as we had bought a static IP address.

[PeterS]

I want to make Email compulsory cause I want it to use only for my company's employees.

So if also any of our customer uploads any file then we would able to know who had uploaded this file on server.

But isn't that what IP Logging does? You could view the file's IP to find out who from your company uploaded the file. Relying on the e-mail address to provide you with who uploaded the file is a bad idea unless you have a user management system where the e-mail address is already entered as readonly, because the employee could just fake his/her e-mail address :S. Regardless, if you still want e-mail to be compulsory, you'll require a MOD for that.

I understand that one can enter fake email, but I have to give them links and password info after they upload the file on server, thats I can filter using their email address that what link I have to provide them.

This would be only internal system, so we does'nt require much security. IP address of internet in whole company is same as we had bought a static IP address.

Yes I understand, but if DFH was accessed locally within the company, the private IPs of the network will be logged and not the public static IP used for accessing the Internet outside the company.

I'll make the MOD for you hopefully later tonight if you still need it .

[wrenchca]

Has there been any work on this mod? I look after a wesite with about 300 active members and we are looking for a system to allow members to upload files to management without having to resort to FTP. My biggest concern is in regards to someone not registered uploading files that could be of illegal content. If our site were found to have pirated software or illegal p**n, we could be faced with losing our hosting and possible charges. Being able to say here is the IP address of who uploaded is fine but how many internet cafes are there?

I think it would be great if there was a way to make it mandatory to register with your email address and if it could be selected to have manual approval for new registrations. Just look at your forum here, you have to register before you can post. Imagine what kinds of crap your forum would be flooded with if you didn't have registrations. I know, I looked after a forum where we left one sub forum unlocked for visitors. After a week deleting posts from p**n sites and viagra, we locked it.

Thanks,
Chuck
Canada

[SamEA]

Open ./pages/upload.php and replace all with the following:

Code: Select all

<?php
///////////////////////////////////////////////////////////////////////////
//  Product: Daddy's File Host               
//  Version: 1.2                       
//                        
// by DaddyScripts.com                  
//                               
// original source code by Jim (j-fx.ws) and Steven (galaxyscripts.com)
//////////////////////////////////////////////////////////////////////////

require_once("./config.php");

if(in_array($language, $LANGUAGE_LIST)) {
  include('./lang/'.$language.'.php');
} else {
  include('./lang/'.$LANGUAGE_LIST[0].'.php');
}
if(isset($_SESSION['user'])){
include ('./styles/'.$style.'/file_upload_form.php');
}else{
?>
<center><div class="notices"><img src="./img/note.png">Only registered users are allowed to upload using our file management system. Thank you.</div><p></center>
<?
}
?>

Also, open ./upload.php and replace all with the following:

Code: Select all

<?php
///////////////////////////////////////////////////////////////////////////
//  Product: Daddy's File Host               
//  Version: 1.2                       
//                        
// by DaddyScripts.com                  
//                               
// original source code by Jim (j-fx.ws) and Steven (galaxyscripts.com)
//////////////////////////////////////////////////////////////////////////

if (isset($_POST['usercheck']) && isset($_POST['passcheck'])){
if (is_file('./users/' .$_POST['usercheck'] .'.dfh')){
   $fop =  fopen('./users/' .$_POST['usercheck'] .'.dfh', 'r');

    $uscontent = fread($fop, '999');
    fclose($fop);
   $uscontent = explode("|", $uscontent);
      if($_POST['passcheck'] == $uscontent[2] || $_POST['passcheck'] == $adminpass) {
      $_SESSION['user'] = $_POST['usercheck'];
      $maxfilesize = $content[32];
      }
}
}

if(!isset($_SESSION['user'])){
header('Location: index.php');
die();
}

require_once("./config.php");
include("./header.php");
if(in_array($language, $LANGUAGE_LIST)) {
  include('./lang/'.$language.'.php');
} else {
  include('./lang/'.$LANGUAGE_LIST[0].'.php');
}

$file_types_check = substr(strrchr($_FILES['upfile']['name'], '.'), 1);
$file_types2 = $file_types;
$file_types = explode("*.", $file_types);
$i_file = count($file_types);
$i = 0;
$ii = 0;
$iii = 0;

while($i<=$i_file)
  {
$file_types[$ii] = str_replace(";",'',"$file_types[$ii]");
$file_types[$ii] = str_replace(" ",'',"$file_types[$ii]");
  if ($file_types[$ii] == $file_types_check) {
  $iii++;
  }
  $i++;
  $ii++;
  }

if ($iii > 0 || $file_types2 == "*") {

$junk = array('.' , ',' , '/' , '\\' , '`' , ';' , '[' , ']' , '-', "'", '*', '&', '^', '%', '$', '@', '!', '~', '+', '(', ')', '|', '{', '}', ' ', '?', ':', '"', '=', "<", ">", " &");
$multi = array('__', '___', '____', '_____', '______');

$filename = $_FILES['upfile']['name'];
$filename = str_replace("'",'',"$filename");
$filename = str_replace("&",'_',"$filename");
$filename = str_replace("!",'_',"$filename");
$filename = str_replace("@",'_',"$filename");
$filename = str_replace("#",'_',"$filename");
$filename = str_replace("$",'_',"$filename");
$filename = str_replace("%",'_',"$filename");
$filename = str_replace("^",'_',"$filename");
$filename = str_replace("*",'_',"$filename");
$filename = str_replace("(",'_',"$filename");
$filename = str_replace(")",'_',"$filename");
$filename = str_replace("-",'_',"$filename");
$filename = str_replace("+",'_',"$filename");
$filename = str_replace("=",'_',"$filename");
$filename = str_replace("|",'_',"$filename");
$filename = str_replace(" ",'',"$filename");
$filename = stripslashes("$filename");
$filesize = $_FILES['upfile']['size'];
$fancyurl=rand('1','999');
$rand2=("$fancyurl$filename");
$m=$shourturl;
if ($m=="true")
  $short= "";
else
  $short= "download.php?file=";

$bans=file("./secure/bans.dfh");
foreach($bans as $line)
{
  if ($line==$rand2."\n"){
?> <center>
<?
    echo "$lang[noallow]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
    include("./footer.php");
    die();
  }
  if ($line==$_SERVER['REMOTE_ADDR']."\n"){
?><center>
   <? echo "$lang[nallow]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
    include("./footer.php");
    die();
  }
}

if(isset($categorylist)){
$validcat = 0;
foreach($categories as $cat) {
  if($_POST['category']==$cat || $_POST['category'] = ""){ $validcat = 1; }
}
if($validcat==0) {
?><center><?
   echo "$lang[icat]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
   include("./footer.php");
   die();
}
$cat = $_POST['category'];
} else { $cat = ""; }

if($filesize==0) {
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=nofile"
//-->
</script>
<?
echo "$lang[dpick]";
?>
</center></td></tr></table><p style="margin:3px;text-align:center"><?
die();
}

$filesize = $filesize / 1048576;

if($filesize > $maxfilesize) {
?>

<script type="text/javascript">
<!--
window.location = "./index.php?error=too_large"
//-->
</script>
<?
echo "$lang[tlarge]";
?></center></td></tr></table><p style="margin:3px;text-align:center"><?
include("./footer.php");
die();
}

$userip = $_SERVER['REMOTE_ADDR'];
$time = time();

if($filesize > $nolimitsize)
{
$newfile = "./uploader/".$userip.".dfh";
$f=fopen($newfile, "w");
fwrite ($f,$userip."|".$time."|");
fclose($f);
chmod($newfile,0777);
}

$passkey = rand(100000, 999999);

if($emailoption && isset($_POST['myemail']) && $_POST['myemail']!="") {
$rand2 = urlencode($rand2);
$uploadmsg = "$lang[ufile] (".$filename.") $lang[wup].\n  ". $lang[udownfile] . ":" . $scripturl . "$short" . $rand2 . "\n ". $lang[udeletefile] . ":" . $scripturl . "$short" . $rand2 . "&del=" . $passkey . "&ignore=" . "\n $lang[thank]";
mail($_POST['myemail'],"Your Uploaded File",$uploadmsg,"From: ". $email ."\n");
$rand2 = urldecode($rand2);
}

if($passwordoption && isset($_POST['pprotect'])) {
  $passwerd = md5($_POST['pprotect']);
} else { $passwerd = md5(""); }

if($descriptionoption && isset($_POST['descr'])) {
  $description = strip_tags($_POST['descr']);
} else { $description = ""; }

if (isset($_SESSION['user'])) {
emailcheck();
if($ucontent[5] == "true" || $_SESSION['emailactcheck'] == "ok" || $_SESSION['user'] == "admin"){
$_SESSION['emailactcheck'] = "ok";
}
}
$filelist = fopen("./files/".$rand2.".dfh","w");
fwrite($filelist, $rand2 ."|". $filename ."|". $passkey ."|". $userip ."|". $time."|0|".$description."|".$passwerd."|".$cat."|".$_POST['pprotect'] ."|" .$_SESSION['user'] ."|\n");
if (isset($_SESSION['user'])) {
      emailcheck();
      if($ucontent[5] == "true" || $_SESSION['emailactcheck'] == "ok" || $_SESSION['user'] == "admin"){
      $_SESSION['emailactcheck'] = "ok";
      $direname = "./userfiles/files/" .$_SESSION['user'] ."/";
      if(is_dir($direname)){
      }else{
      mkdir($direname, 0777, true);
      }
      $filelist2 = fopen("./userfiles/files/" .$_SESSION['user'] ."/" .$rand2.".dfh","w");
      fwrite($filelist2, "");
      }
}
$movefile = "./storage/" . $rand2;
move_uploaded_file($_FILES['upfile']['tmp_name'], $movefile);
?>

<?php if ($_GET['method'] == "flash") {?><center><table style="margin-top:0px;width:auto;height:auto;"><tr><td style="border:1px #AAAAAA solid;height:100%;background-color:#FFFFFF;padding:20px;text-align:left;" valign=top><? } ?>

<?php
include ('./styles/'.$style.'/file_uploaded.php');
if ($_GET['method'] == "flash") {?></td></tr></table><?php } ?><p style="margin:3px;text-align:center">
<?
} else {
?>
<center>
<?php
echo $lang[itype];
?>
<script type="text/javascript">
<!--
window.location = "./index.php?error=invalid_filetype"
//-->
</script>
</center></td></tr></table><p style="margin:3px;text-align:center">
<?
}
include("./footer.php");
?>
  </td></tr></table></center>

Let me know if it works for you.

[saboor]

I wish I could get any uploaded to work, every time I upload any file, I get error 500, it's vps hosting and I have access to php.ini and apache file, I have increased file/post size, memory limit, execution times etc, and still I can't upload anything over a hundred or so kb's. Any ideas?

[SamEA]

Please open a new topic as your query seems irrelevant to this one. Moreover, before posting have a look at: viewtopic.php?f=33&t=896&p=4111&hilit=phpinfo

Thanks,