Does anyone know of any tutorials which take you though a step by step process on making a filesharing script I found lots of how to make file uploaders but none of them return a link for other people to download the stuff uploaded.
be great if someone could hit me back with some sort of tutorial for this
thank
Literally all you need is a hyperlink
<?php
//where
$url = "http://www.theurlineed.com";
$myuploadfolder = "/var/www/html/mydir/uploaddir";
if (is_dir($myuploadfolder)) foreach (scandir($myuploadfolder) as $file){
if ($file!="." || $file!=".."){
echo "<p>".$file."</p>\n";
}
}
?>
Almost certainly the issue is actually understanding for yourself the $url and the $myuploadfolder bit at the top. i.e. how to get from "serverland" to "url-land" and no-one can do that for you you have to suck it and see what works.
Related
I know this question has been asked millions of times, but please actually take the time to understand my problem before marking as duplicate or closing.
So I am using the following code. For some reason it gets all of the correct header information the first time I run the code EXCEPT for content-length. The second time I run the code it actually gets it correctly. I am retrieving the images from Facebook API if that changes anything.
function remote_filesize($url) {
$data = get_headers($url, 1);
if(isset($data['Content-Length'])) {
return (int) $data['Content-Length'];
}
else {
return -1;
}
}
Edit
Gotta love when you get downvoted with no explanation. Personally I think it should be required to provide a reason.
Anyway, this is still an issue, but in case anyone googling this needs a solution for getting the remote filesize, I would suggest using this awesome snippet from the PHP docs http://php.net/manual/en/function.filesize.php#114952
Sounds like a server caching issue.
So you may have to issue a full GET request instead of just a HEAD request.
Also, maybe check different casing -- 'content-length:' -- lowercase.
I have been struggling with a couple of strange issues in my free time project I'm workig on. It's my first "big" PHP / JS project, and to be honest I'm using ajax for the first time so I might be just missing something.
Anyways, here how it is. I'm programming a very simple invoicing system using PHP and jQuery technologies with mPDF library to generate an PDF file from HTML/CSS. I'm using mainly Session variables inside the template that gets sent to mPDF to generate an PDF invoice.
Issue I'm experiencing is on Chrome for Android, tested on latest version on OnePlus One. The Session variables are not showing in the PDF itself. I think it worked like once or twice totally at random. My friend with Android device and Google Chrome also confirms same issue.
test.php:
<?php
session_start();
error_reporting(E_ALL);
if (!isset($_SESSION['GLO_IS_LOGGED_IN'])) {
header("Location: index.php");
exit;
}
include('libs/mPDF/mpdf.php');
ob_start();
include('protected/templates/template.php');
$data = ob_get_clean();
$mpdf = new mPDF();
$mpdf->WriteHTML($data);
$mpdf->Output('protected/invoices/Faktura ' . date('j-m-Y-H-i-s') . '.pdf');
$mpdf->Output('Faktura ' . date('j-m-Y-H-i-s') . '.pdf', 'D');
unset($_SESSION['VAR_DESCRIPTION_ARRAY']);
unset($_SESSION['VAR_AMOUNT_ARRAY']);
unset($_SESSION['VAR_PRICE_ARRAY']);
unset($_SESSION['VAR_TO_ADDRESS']);
unset($_SESSION['VAR_INVOICE_NUMBER']);
Here is generateInvoice.php file that you might have noticed in the invoice-script.js:
<?php
session_start();
error_reporting(E_ALL);
if (!isset($_SESSION['GLO_IS_LOGGED_IN'])) {
header("Location: index.php");
exit;
}
if (!empty($_POST['invoice-number'])) {
$_SESSION['VAR_INVOICE_NUMBER'] = trim($_POST['invoice-number']);
} else {
echo('Please add invoice number');
exit;
}
if (!empty($_POST['to-address'])) {
$_SESSION['VAR_TO_ADDRESS'] = ($_POST['to-address']);
} else {
echo('Internal Error');
exit;
}
$_SESSION['VAR_DESCRIPTION_ARRAY'] = $_POST['invoice-description'];
$_SESSION['VAR_AMOUNT_ARRAY'] = $_POST['invoice-amount'];
$_SESSION['VAR_PRICE_ARRAY'] = $_POST['invoice-price'];
I don't want to make this post very-long so I'll stop posting any code snippets here. Believe me that I have done everything I could to find out myself what's going on and it feels really bad that I cant figure it out myself and that I need to ask others for help. Anyways thanks for any feedback and help. Cheers!
'invoice-form' doesn't contain any fields - the input tags should be within the form
Ok people, I think I have found a solution for this.
Commenting away all of the unset methods at the end in test.php solved the Chrome for Android issue.
I don't understand why this was happening in the first place. Why were the session variables unset BEFORE the invoice was generated? They shouldn't be, right? Or I am really missing something? I know I shouldn't ask for clarification in my own answer but I think at this point I really need to.
Cheers and thanks to IanMcL for solving my Edge issue!
I need to take all the files in the folder where the PHP file is, dump them together, and echo them. What is the simplest way to do it?
For example, I have the following files:
ILikeFish.txt
I like fish please bring me fish!
Well that's enough don't bring me anymore.
ILikePotatos.js
var Potatos = {yummy:true, amount:5323.6}
function potatoFunc(stuff) {
while (stuff=="cool") moreStuff();
}
Dawgz.png
Picture of a dog
Well, I want the output to be:
(.txt ignored)
var Potatos = {yummy:true, amount:5323.6}
function potatoFunc(stuff) {
while (stuff=="cool") moreStuff();
}
(Picture ignored)
How can I do it? Thanks for answering!
Also, I'm VERY basic in PHP and I know nothing, so please forgive me if this question is super dumb. Also, I AM aware of this question, but it doesn't answer how to do it!
Also, my final goal is to include all my libraries and comments using one line of
<script src="http://MySite/AllJsses.php"></script>
And again, Thanks for taking the time and answering!!!
Okay, after playing a little with google, w3schools and my genius brain I came up with the following:
<?php
$files = glob("*.js");
for ($i = 0; $i < count($files); $i++) {
echo file_get_contents($files[$i]);
}
?>
Thanks to myself and to some guy on other forums for answering this question! :D
Also, if any of you find any errors / performance issues / anything, please comment, because otherwise host gonna kill me. Thank you!
As part of a page I'd like to be able to show files available for download if they contain the GET result number ($_GET[number]). However, what I'm doing doesn't appear to be working, and I'm also not sure it's a particularly secure means of achieving it either. Here's what I'm trying so far (which doesn't display anything at all!):
foreach (glob("Files/*$_GET[number]*.*") as $filename) {
echo $filename."<br />";
}
You definatly should check $_GET["number"] if is really and only a number for security reasons.
$_GET["number"] = intval($_GET["number"]);
Sorry but too low reputation to post this as a comment..
I'm using a script, written in PHP and Jquery, that allows to scrape a static website:
<?php
if(isset($_GET['site'])){
$f = fopen($_GET['site'], 'r');
$html = '';
while (!feof($f)) {
$html .= fread($f, 24000);
}
fclose($f);
echo $html;
}
?>
The Jquery part:
$(function(){
var site = $(input).val();
$.get('proxy.php', { site:site }, function(data){
$('#myDiv').append(data);
}, 'html');
});
As you can see the website that needs to be scraped has to be value in input. I want to give my visitors the ability to set there own website to be scraped.
The problem is that I cant figure out how to secure the PHP part. As I understand the input value is a big security risk because anything can be sent with value. I already experienced slow performance and several 'pc crashes' working with this code. Im not sure if the crashes are related but they only happen when I work on the code.
Anyway I would really like to know how to validate the value(from input) sent to my server, only REAL urls should be aloud. I googled for days but I cant figure it out (new at PHP)
ps If you spot any other security risks please let me know..
I think your main security issue, is that you're using fopen to read the content of the url, if the user wants to read a file in your system, then he has to send the path to that file and if the script has enough permissions, then they'll be able to access the content of your hard drive.
I would recommend using other methods like Curl or at least, validating the user input to make sure that it's a valid url, for this, I would check out some regular expressions
Good luck with your code!
Edit on validation
Here is a little example of what I meant by validation.
<?php
if(isset($_GET['site'])){
if(validURL($_GET['site']) {
$f = fopen($_GET['site'], 'r');
$html = '';
while (!feof($f)) {
$html .= fread($f, 24000);
}
fclose($f);
echo $html;
} else {
echo "Invalid URL, please enter a valid web url (i.e: http://www.google.com)";
}
}
function validURL($url){
//here goes your validation code, returns true if the url is valid
}
?>
But if you're too new to understand this, I would suggest going for simpler examples, since this is pretty basic logic.
Its so sad that you could not find anything on the internet about this topic. Its a common thing. Please refer the links below. It may be of help.
PHP validate input alphanumeric plus a few symbols
http://phpmaster.com/input-validation-using-filter-functions/