Project

General

Profile

« Previous | Next » 

Revision 1457

Added by Dietmar over 13 years ago

Preparing 2.8.2 stable, last tests

View differences:

upload.php
16 16
 *
17 17
 */
18 18

  
19
// Target location
20
if(!isset($_POST['target']) OR $_POST['target'] == '') {
21
	header("Location: index.php");
22
	exit(0);
23
} else {
24
	$target = $_POST['target'];
25
}
26

  
27 19
// Print admin header
28 20
require('../../config.php');
29 21
include_once('resize_img.php');
......
31 23

  
32 24
require_once(WB_PATH.'/framework/class.admin.php');
33 25
require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');	// Required to unzip file.
34
$admin = new admin('Media', 'media_upload');
26
// suppress to print the header, so no new FTAN will be set
27
$admin = new admin('Media', 'media_upload', false);
35 28

  
36
if (!$admin->checkFTAN())
29
if( !$admin->checkFTAN() )
37 30
{
38
	$admin->print_error('UP5::'.$MESSAGE['GENERIC_SECURITY_ACCESS']);
39
	exit();
31
	$admin->print_header();
32
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
40 33
}
34
// After check print the header
35
$admin->print_header();
41 36

  
37
// Target location
38
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
39
$target = (isset(${$requestMethod}['target'])) ? ${$requestMethod}['target'] : '';
40

  
42 41
// Include the WB functions file
43 42
require_once(WB_PATH.'/framework/functions.php');
44 43

  
45 44
// Check to see if target contains ../
46 45
if (!check_media_path($target, false))
47 46
{
48
	$admin->print_error('TD5::'.$MESSAGE['MEDIA']['TARGET_DOT_DOT_SLASH']);
47
	$admin->print_error($MESSAGE['MEDIA']['TARGET_DOT_DOT_SLASH'] );
49 48
}
50 49

  
51 50
// Create relative path of the target location for the file
......
68 67
}
69 68
$file_extensions=explode(",",$file_extension_string);
70 69

  
71

  
72 70
// Loop through the files
73 71
$good_uploads = 0;
74 72
for($count = 1; $count <= 10; $count++) {
......
139 137
}
140 138

  
141 139
if($good_uploads == 1) {
142
	$admin->print_success($good_uploads.' '.$MESSAGE['MEDIA']['SINGLE_UPLOADED']);
140
	$admin->print_success($good_uploads.' '.$MESSAGE['MEDIA']['SINGLE_UPLOADED'] );
143 141
	if (isset($_POST['delzip'])) {
144 142
		unlink($filename1);
145 143
	}
146 144
} else {
147
	$admin->print_success($good_uploads.' '.$MESSAGE['MEDIA']['UPLOADED']);
145
	$admin->print_success($good_uploads.' '.$MESSAGE['MEDIA']['UPLOADED'] );
148 146
}
149 147

  
150 148
// Print admin 
151 149
$admin->print_footer();
152

  
153
?>

Also available in: Unified diff