$ufilename $NotAllowed"; else { $uferr = $_FILES['userfile']['error']; if ($uferr > 0) exit ("[Upload error $uferr for $ufilename] "); $newname = okname($ufilename); $target = "$fspath/$newname"; $webname = $webpath ? "$webpath/$newname" : $newname; if (file_exists($target)) @cp($target,"$target.bak"); //Note, previous version silently backed up if (!@move_uploaded_file($ufile, $target)) exit ("[Failed to move upload $ufilename to $webname]"); else exit(' '.$webname.' '); } } else echo '' ; if ($upload_allowed) { //UPLOAD FORM ?>

"; if ($webname) echo "$webname
";?>


+"; foreach ($files as $filename) { if ($filename == '.'){ //current directory $dlist .= "$webpath
\n"; } else if ($filename == '..') { //parent directory if($webpath && $webpath != "/") { //we're in a sub directory - no Up from root $updir = substr($webpath,0,strrpos($webpath,'/')); $dlist .= "$Up
"; } } else if (is_dir("$fspath/$filename")) { //it's a directory if (preg_match("/($dirlist)$/",$filename)) { $dlist .= "$dflag $filename/
\n"; } } else if (preg_match("/\.($browselist)$/",$filename)) { //it's a file/image $filepath = "$fspath/$filename"; $fsize = sprintf("%u", filesize($filepath)); //filesizes over 2Mb won't fit in an int so we unsign it $modtime = date ("Y-m-d H:i:s", filemtime($filepath)); //mtime is unix timestamp $tip = " $FileSize: $fsize
$Updated: $modtime "; $webname=str_replace('//','/',"/$webpath/$filename"); $flist .= " $filename
\n"; } } echo "$dlist \n $flist \n"; function okname($tit,$paths=false){ $ok = get_magic_quotes_gpc() ? stripslashes($tit) : $tit; $ok = preg_replace("/ +/ ", "-", trim($ok)); // space runs to '-' $pat = $paths ? "/[^A-Za-z0-9-_.\/]+/" : "/[^A-Za-z0-9-_.]+/"; // '/' allowed? $ok = preg_replace($pat, "", $ok); //only alphanumerics and -_ return $ok; } ?>