simpleup.php

Sound recorder application using swing...

<?php
	/*
		Code by Bert Szoghy
		webmaster@quadmore.com

		THIS CODE ALLOWS UNRESTRICTED FILE UPLOADING, THEREFORE IS A SECURITY RISK.
		IT SHOULD NOT BE USED WITHOUT USER AUTHENTICATION.

		This program is free software; you can redistribute it and/or modify it under the terms
		of the GNU General Public License version 2 as published by the Free Software Foundation;
		This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
		the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
		See the GNU General Public License for more details, at:
		http://www.gnu.org/licenses/licenses.html
		You should have received a copy of
		the GNU General Public License along with this program; if not, write to the
		Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	*/

	$headers = getallheaders();

	foreach ($headers as $header => $value)
	{
	   //Grab the header sent by JavaToPHP.java in the line: conn.setRequestProperty("email", GlobalStorage.getEmail());
	   if($header == 'email')
	   {
	   		$email = $value;
	   }
	   //echo "$header: $value <br />\n";
	}

	echo "Email address which was received: $email" . "\n";

	if(!isValidEmail($email))
	{
		die ("The email provided is not valid, file will not be uploaded. End of response.");
	}

	$site_name = $_SERVER['HTTP_HOST'];
	$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
	$url_this =  "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
	$ThisServerLocation = "http://24.202.126.216:8090/swingrecorder/";

	//The directory created will be named using the email address sent by Java:
	$upload_dir = $email . "/";
	$upload_url = $url_dir."/" . $upload_dir;
	$message ="";

	if (!is_dir($email))
	{
	  if (!mkdir($upload_dir))
	  {
		die ("upload_files directory doesn't exist and creation failed");
	  }
	  if (!chmod($upload_dir,0755))
	  {
		die ("change permission to 755 failed.");
	  }
	}

	/************************************************************
	 *     Process User's Request
	 ************************************************************/

	$file_type = $_FILES['userfile']['type'];
	$file_name = $_FILES['userfile']['name'];
	$file_ext = substr($file_name,strrpos($file_name,"."));
	$message = do_upload($upload_dir,$upload_url);

	echo $message;

	//Email message
	if($email != "unknown@localhost.com")
	{
		$subject = "File received " . $file_name;
		$headers = "From: webmaster@quadmore.com\nReply-To: webmaster@quadmore.com\nContent-Type: text/html; charset=iso-8859-1";
		$bodydata = "Just to let you know we received your file fine! You can view it at:\n" . $ThisServerLocation . $email . "/" . $file_name;
		mail("$email","$subject","$bodydata","$headers");
	}
	else
	{
		echo "Cannot send an email to the non-existent email address 'unknown@localhost.com'.";
	}

	function do_upload($upload_dir, $upload_url)
	{
		$temp_name = $_FILES['userfile']['tmp_name'];
		$file_name = $_FILES['userfile']['name'];
		$file_name = str_replace("\\","",$file_name);
		$file_name = str_replace("'","",$file_name);
		$file_path = $upload_dir.$file_name;

		//File Name Check
		if ( $file_name =="")
		{
			$message = "Invalid File Name Specified";
			return $message;
		}

		$result  =  move_uploaded_file($temp_name, $file_path);

		if (!chmod($file_path,0755))
		{
			$message = "change permission to 755 failed.";
		}
		else
		{
			$message = ($result)?"$file_name was uploaded successfully to the web server." : "Something is wrong with uploading a file.";
		}
		return $message;
	}

	function isValidEmail($address)
	{
		// quick check to see if an email address is possibly valid
		if (ereg('^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$', $address))
		{
			return true;
		}
		else
		{
			return false;
		}
	}
?>
 End of web server response.