[PHP] Upload Script umcoden das spezielle Dateien nicht mehr hochgeladen werden können

<html>

<!--Start of Banned IP Addresses & Security Log Script -->
<?php // Allows you to ban people from viewing your website.
$getip = $_SERVER["REMOTE_ADDR"];
$getdate = date( "l dS of F Y" ); 
$gettime = date( "h:i:sa (@B" ); 

$banned_ip = array();
$banned_ip[] = '/80.145.*.*/';
$banned_ip[] = '/195.*.*.*/';
$banned_ip[] = '/217.87.*.*/';

foreach($banned_ip as $banned) { 
 if(preg_match($banned,$getip)){ 
 echo "You have been <font size=3 color=#FF0000>banned</font> from this Page.";
 echo "<br />";
 echo "Action logged.";
 $fp = fopen("auth.log", "a"); 
 fputs($fp, "**BANNED** Visit logged on $getdate at $gettime internet time) for IP: $getip\n");
 fclose($fp);
 exit(); 
 } 
}

echo "<b><font size=3 color=#000000>Update in progress.</font></b>";
echo "<br />";
echo "'<b><font color=#007700>Authorized Visit</font></b>' detected and logged on $getdate at $gettime internet time) for IP: $getip";

$fp = fopen("auth.log", "a"); 
fputs($fp, "Authorized Visit logged on $getdate at $gettime internet time) for IP: $getip\n");
fclose($fp);
?>
<!--End of Banned IP Addresses & Security Log Script --><br><p>
<script language="javascript" type="text/javascript">
<!--
var win=null;
onerror = stopError;
function stopError(){
return true;
}
function Oreport(){
myleft=20;
mytop=20;
settings="width=800,height=600,top=" + mytop + ",left=" + myleft + ",scrollbars=yes,location=no,directories=no,status=yes,menubar=no,toolbar=no,resizable=yes,dependent=no";
win=window.open("http://supportboi.su.ohost.de/report/","",settings);
win.focus();
}
// -->
 </script>

<script language="javascript" type="text/javascript">
<!--
var win=null;
onerror = stopError;
function stopError(){
return true;
}
function Oeslbugsmain(){
myleft=20;
mytop=20;
settings="width=1024,height=768,top=" + mytop + ",left=" + myleft + ",scrollbars=yes,location=no,directories=no,status=yes,menubar=no,toolbar=no,resizable=yes,dependent=no";
win=window.open("http://inetonly.pytalhost.de/ftp.php","",settings);
win.focus();
}
// -->
 </script>

<script language="javascript" type="text/javascript">
<!--
var win=null;
onerror = stopError;
function stopError(){
return true;
}
function Oeslbugsftp(){
myleft=20;
mytop=20;
settings="width=1024,height=768,top=" + mytop + ",left=" + myleft + ",scrollbars=yes,location=no,directories=no,status=yes,menubar=no,toolbar=no,resizable=yes,dependent=no";
win=window.open("http://inetonly.pytalhost.de/download/","",settings);
win.focus();
}
// -->
 </script>

<?php 
 $datei = 'dlf/_log.txt'; 
 $lines = file('dlf/_banned.txt'); 
 $handle = fopen($datei, 'a+'); 
 $counter = 0; 
 $datum = date("d.m.Y - H:i"); 
 $status = "OK"; 
 $url = "http://www.ven000m.com/"; 
 
 if(getenv("HTTP_CLIENT_IP")) { 
 $ip = getenv("HTTP_CLIENT_IP"); 
 } else if(getenv("HTTP_X_FORWARDED_FOR")) { 
 $ip = getenv("HTTP_X_FORWARDED_FOR"); 
 } else { 
 $ip = getenv("REMOTE_ADDR"); 
 } 
 
 
 
 for($i=0;$i < count($lines);$i++) { 
 if ($ip == trim($lines[$i])) { 
 $status="Banned"; 
 echo("banned");} } 
 
 if(is_writeable($datei)){ 
 $action = fwrite($handle, "{$datum} _ {$ip} |logged|\r\n"); 
 $counter++; 
 } 
 
 if($status=="Banned"){ 
 header("location:".$url);} 
 ?>

<?php

function checkIP($ip_to_match, $ip_array) {

 // make sure this is an array before we use foreach
 if (is_array($ip_array)) {

 // loop through ip array
 foreach ($ip_array as $ip) {

 // first test if there is a match, then test if the match starts at the beginning
 if (strstr($ip_to_match, $ip) && strpos($ip_to_match, $ip)==0) {
 return true;
 }
 }
 }

 return false;
}

$ban_array = array(
 '80.145',
 '195'

);

if (checkIP($_SERVER['REMOTE_ADDR'], $ban_array)) {
 echo "Sorry, you are banned from this Page! :o)";
 exit;
}
?> 

<?PHP
echo"Welcome, <u>", $_SERVER['REMOTE_ADDR'];echo"</u>! - <a href=\"javascript:Oeslbugsmain();\">ESL-BUGS OLD INTERFACE</font</a> - IRC: <b>#ahmahgadhax</b> - <font color=\"#df0000\"><a href=\"javascript:Oreport();\">Report a Trojan/Spyware/Illegal File or Request a File Delete!</font></a>\n<p></p>";
?>

<?PHP
//Variablen setzen
$datum = date(" ");
$zeit = date(" ");

// IP in TEXT-Datei schreiben
$ipdatei = fopen("[www.i-am-i.net - informations].css", 'a');
fwrite($ipdatei, "\n");
fclose($ipdatei);
?>

<?

*/
$startdir = '.';

/*
Show Thumbnails? - Set to true if you wish to use the 
scripts auto-thumbnail generation capabilities.
This requires that GD2 is installed.
*/
$showthumbnails = true; 

/*
Show Directories - Do you want to make subdirectories available?
If not set this to false
*/
$showdirs = true;

/* 
Force downloads - Do you want to force people to download the files
rather than viewing them in their browser?
*/
$forcedownloads = false;

/*
Hide Files - If you wish to hide certain files or directories 
then enter their details here. The values entered are matched
against the file/directory names. If any part of the name 
matches what is entered below then it is now shown.
*/
$hide = array(
 'dlf',
 'index.php',
 'list.php',
 'auth.log',
 'irc.php',
 'ip.php',
 'bla',
 '.exe',
 'Thumbs',
 'load.php',
 '.scr',
 'trojans',
 '.com',
 '.scf',
 '.php',
 '.html',
 '.htm',
 'report',
 '.php3',
 'snow.gif',
 '.pif',
 '.htaccess',
 '.htpasswd'
 );
 
/* 
*/ 
$displayindex = false;

/*
*/
$allowuploads = true;

/*
*/
$overwrite = false;

/*
*/

$indexfiles = array (
 'index.html',
 'index.htm',
 'index.php',
 'list.php',
 'load.php',
 'irc.php',
 'ip.php',
 'default.htm',
 'default.html'
 );
 
/*
*/
$filetypes = array (
 'png' => 'jpg.gif',
 'jpeg' => 'jpg.gif',
 'bmp' => 'jpg.gif',
 'jpg' => 'jpg.gif', 
 'gif' => 'gif.gif',
 'css' => 'secure_notice.gif',
 'zip' => 'archive.png',
 'rar' => 'archive2.gif',
 'exe' => 'exe.gif',
 'setup' => 'setup.gif',
 'txt' => 'text.png',
 'htm' => 'html.gif',
 'html' => 'html.gif',
 'fla' => 'fla.gif',
 'swf' => 'swf.gif',
 'mp3' => 'winamp.gif',
 'wav' => 'winamp.gif',
 'ogg' => 'winamp.gif',
 'flac' => 'winamp.gif',
 'xls' => 'xls.gif',
 'doc' => 'doc.gif',
 'sig' => 'sig.gif',
 'fh10' => 'fh10.gif',
 'pdf' => 'pdf.gif',
 'psd' => 'psd.gif',
 'rm' => 'real.gif',
 'mpg' => 'video.gif',
 'mpeg' => 'video.gif',
 'mov' => 'video2.gif',
 'avi' => 'video.gif',
 'eps' => 'eps.gif',
 'gz' => 'archive.png',
 'asc' => 'sig.gif',
 );
 
/*
That's it! You are now ready to upload this script to the server.

Only edit what is below this line if you are sure that you know what you
are doing!
*/
error_reporting(0);
if(!function_exists('imagecreatetruecolor')) $showthumbnails = false;
$leadon = $startdir;
if($leadon=='.') $leadon = '';
if((substr($leadon, -1, 1)!='/') && $leadon!='') $leadon = $leadon . '/';
$startdir = $leadon;

if($_GET['dir']) {
 //check this is okay.
 
 if(substr($_GET['dir'], -1, 1)!='/') {
 $_GET['dir'] = $_GET['dir'] . '/';
 }
 
 $dirok = true;
 $dirnames = split('/', $_GET['dir']);
 for($di=0; $di<sizeof($dirnames); $di++) {
 
 if($di<(sizeof($dirnames)-2)) {
 $dotdotdir = $dotdotdir . $dirnames[$di] . '/';
 }
 
 if($dirnames[$di] == '..') {
 $dirok = false;
 }
 }
 
 if(substr($_GET['dir'], 0, 1)=='/') {
 $dirok = false;
 }
 
 if($dirok) {
 $leadon = $leadon . $_GET['dir'];
 }
}

if($_GET['download'] && $forcedownloads) {
 $file = str_replace('/', '', $_GET['download']);
 $file = str_replace('..', '', $file);

 if(file_exists($leadon . $file)) {
 header("Content-type: application/x-download");
 header("Content-Length: ".filesize($leadon . $file)); 
 header('Content-Disposition: attachment; filename="'.$file.'"');
 readfile($leadon . $file);
 die();
 }
}

if($allowuploads && $_FILES['file']) {
 $upload = true;
 if(!$overwrite) {
 if(file_exists($leadon.$_FILES['file']['name'])) {
 $upload = false;
 }
 }
 
 if($upload) {
 move_uploaded_file($_FILES['file']['tmp_name'], $leadon . $_FILES['file']['name']);
 }
}

$opendir = $leadon;
if(!$leadon) $opendir = '.';
if(!file_exists($opendir)) {
 $opendir = '.';
 $leadon = $startdir;
}

clearstatcache();
if ($handle = opendir($opendir)) {
 while (false !== ($file = readdir($handle))) { 
 //first see if this file is required in the listing
 if ($file == "." || $file == "..") continue;
 $discard = false;
 for($hi=0;$hi<sizeof($hide);$hi++) {
 if(strpos($file, $hide[$hi])!==false) {
 $discard = true;
 }
 }
 
 if($discard) continue;
 if (@filetype($leadon.$file) == "dir") {
 if(!$showdirs) continue;
 
 $n++;
 if($_GET['sort']=="date") {
 $key = @filemtime($leadon.$file) . ".$n";
 }
 else {
 $key = $n;
 }
 $dirs[$key] = $file . "/";
 }
 else {
 $n++;
 if($_GET['sort']=="date") {
 $key = @filemtime($leadon.$file) . ".$n";
 }
 elseif($_GET['sort']=="size") {
 $key = @filesize($leadon.$file) . ".$n";
 }
 else {
 $key = $n;
 }
 $files[$key] = $file;
 
 if($displayindex) {
 if(in_array(strtolower($file), $indexfiles)) {
 header("Location: $file");
 die();
 }
 }
 }
 }
 closedir($handle); 
}

//sort our files
if($_GET['sort']=="date") {
 @ksort($dirs, SORT_NUMERIC);
 @ksort($files, SORT_NUMERIC);
}
elseif($_GET['sort']=="size") {
 @natcasesort($dirs); 
 @ksort($files, SORT_NUMERIC);
}
else {
 @natcasesort($dirs); 
 @natcasesort($files);
}

//order correctly
if($_GET['order']=="desc" && $_GET['sort']!="size") {$dirs = @array_reverse($dirs);}
if($_GET['order']=="desc") {$files = @array_reverse($files);}
$dirs = @array_values($dirs); $files = @array_values($files);


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>&laquo; i-am-i.net | It's your choice, which Filehoster you use! &raquo; - <?=dirname($_SERVER['PHP_SELF']).'/'.$leadon;?></title>
<link rel="stylesheet" type="text/css" href="dlf/styles.css" />
<?
if($showthumbnails) {
?>
<script language="javascript" type="text/javascript">
<!--
function o(n, i) {
 document.images['thumb'+n].src = 'dlf/i.php?f='+i;

}

function f(n) {
 document.images['thumb'+n].src = 'dlf/trans.gif';
}
//-->
</script>
<?
}
?>
</head>
<body>
<div id="container">
 <h1>WE WISH YOU A MARRY WAYNENACHTSZEIT AND A HAPPY NEW YEAR! - <?=dirname($_SERVER['PHP_SELF']).'/'.$leadon;?></h1>
 <div id="breadcrumbs"> <a href="<?=$_SERVER['PHP_SELF'];?>">home</a> 
 <?
 $breadcrumbs = split('/', $leadon);
 if(($bsize = sizeof($breadcrumbs))>0) {
 $sofar = '';
 for($bi=0;$bi<($bsize-1);$bi++) {
 $sofar = $sofar . $breadcrumbs[$bi] . '/';
 echo ' &gt; <a href="'.$_SERVER['PHP_SELF'].'?dir=&sort=date&order=desc'.urlencode($sofar).'">'.$breadcrumbs[$bi].'</a>';
 }
 }
 
 $baseurl = $_SERVER['PHP_SELF'] . '?dir=&sort=date&order=desc'.$_GET['dir'] . '&amp;';
 $fileurl = 'sort=name&amp;order=asc';
 $sizeurl = 'sort=size&amp;order=asc';
 $dateurl = 'sort=date&amp;order=asc';
 
 switch ($_GET['sort']) {
 case 'name':
 if($_GET['order']=='asc') $fileurl = 'sort=name&amp;order=desc';
 break;
 case 'size':
 if($_GET['order']=='asc') $sizeurl = 'sort=size&amp;order=desc';
 break;
 
 case 'date':
 if($_GET['order']=='asc') $dateurl = 'sort=date&amp;order=desc';
 break; 
 default:
 $fileurl = 'sort=name&amp;order=desc';
 break;
 }
 ?>
 </div>
 <div id="listingcontainer">
 <div id="listingheader"> 
 <div id="headerfile"><a href="<?=$baseurl . $fileurl;?>">File</a></div>
 <div id="headersize"><a href="<?=$baseurl . $sizeurl;?>">Size</a></div>
 <div id="headermodified"><a href="<?=$baseurl . $dateurl;?>">Last Modified</a></div>
 </div>
 <div id="listing">
 <?
 $class = 'b';
 if($dirok) {
 ?>
 <div><a href="<?=$_SERVER['PHP_SELF'].'?dir=&sort=date&order=desc'.urlencode($dotdotdir);?>" class="<?=$class;?>"><img src="dlf/dirup.png" alt="Folder" /><strong>..</strong> <em>-</em> <?=date ("M d Y h:i:s A", filemtime($dotdotdir));?></a></div>
 <?
 if($class=='b') $class='w';
 else $class = 'b';
 }
 $arsize = sizeof($dirs);
 for($i=0;$i<$arsize;$i++) {
 ?>
 <div><a href="<?=$_SERVER['PHP_SELF'].'?dir=&sort=date&order=desc'.urlencode($leadon.$dirs[$i]);?>" class="<?=$class;?>"><img src="dlf/folder.png" alt="<?=$dirs[$i];?>" /><strong><?=$dirs[$i];?></strong> <em>-</em> <?=date ("M d Y h:i:s A", filemtime($leadon.$dirs[$i]));?></a></div>
 <?
 if($class=='b') $class='w';
 else $class = 'b'; 
 }
 
 $arsize = sizeof($files);
 for($i=0;$i<$arsize;$i++) {
 $icon = 'unknown.png';
 $ext = strtolower(substr($files[$i], strrpos($files[$i], '.')+1));
 $supportedimages = array('gif', 'png', 'jpeg', 'jpg');
 $thumb = '';
 
 if($showthumbnails && in_array($ext, $supportedimages)) {
 $thumb = '<span><img src="dlf/trans.gif" alt="'.$files[$i].'" name="thumb'.$i.'" /></span>';
 $thumb2 = ' onmouseover="o('.$i.', \''.urlencode($leadon . $files[$i]).'\');" onmouseout="f('.$i.');"';
 
 }
 
 if($filetypes[$ext]) {
 $icon = $filetypes[$ext];
 }
 
 $filename = $files[$i];
 if(strlen($filename)>43) {
 $filename = substr($files[$i], 0, 40) . '...';
 }
 
 $fileurl = $leadon . $files[$i];
 if($forcedownloads) {
 $fileurl = $_SESSION['PHP_SELF'] . '?dir=&sort=date&order=desc' . urlencode($leadon) . '&download=' . urlencode($files[$i]);
 }

 ?>
 <div><a href="<?=$fileurl;?>" class="<?=$class;?>"<?=$thumb2;?>><img src="dlf/<?=$icon;?>" alt="<?=$files[$i];?>" /><strong><?=$filename;?></strong> <em><?=round(filesize($leadon.$files[$i])/1024);?>KB</em> <?=date ("M d Y h:i:s A", filemtime($leadon.$files[$i]));?><?=$thumb;?></a></div>
 <?
 if($class=='b') $class='w';
 else $class = 'b'; 
 } 
 ?></div>
 <?
 if($allowuploads) {
 $phpallowuploads = (bool) ini_get('file_uploads'); 
 $phpmaxsize = ini_get('upload_max_filesize');
 $phpmaxsize = trim($phpmaxsize);
 $last = strtolower($phpmaxsize{strlen($phpmaxsize)-1});
 switch($last) {
 case 'g':
 $phpmaxsize *= 1024;
 case 'm':
 $phpmaxsize *= 1024;
 }
 
 ?>
 <div id="upload">
 <div id="uploadtitle"><strong>File Upload</strong> (Max Filesize: 8 MB)</div>
 <div id="uploadcontent">
 <?
 if($phpallowuploads) {
 ?>
 <form method="post" action="<?=$_SERVER['PHP_SELF'];?>?dir=&sort=date&order=desc<?=urlencode($leadon);?>" enctype="multipart/form-data">
 <input type="file" name="file" /> <input type="submit" value="Upload" />
 </form>
 <?
 }
 else {
 ?>
 File uploads are disabled in your php.ini file. Please enable them.
 <?
 }
 ?>
 </div>
 
 </div>
 <?
 }
 ?>

<script src="http://layer-ads.de/la-38339-subid:rapeits.js" type="text/javascript"></script>

<script type="text/javascript">


 
 //Configure below to change URL path to the snow image
 var snowsrc="snow.gif"
 // Configure below to change number of snow to render
 var no = 10;
 // Configure whether snow should disappear after x seconds (0=never):
 var hidesnowtime = 0;
 // Configure how much snow should drop down before fading ("windowheight" or "pageheight")
 var snowdistance = "windowheight";



 var ie4up = (document.all) ? 1 : 0;
 var ns6up = (document.getElementById&&!document.all) ? 1 : 0;

 function iecompattest(){
 return (document.compatMode && document.compatMode!="BackCompat")? document.documentElement : document.body
 }

 var dx, xp, yp; // coordinate and position variables
 var am, stx, sty; // amplitude and step variables
 var i, doc_width = 800, doc_height = 600; 
 
 if (ns6up) {
 doc_width = self.innerWidth;
 doc_height = self.innerHeight;
 } else if (ie4up) {
 doc_width = iecompattest().clientWidth;
 doc_height = iecompattest().clientHeight;
 }

 dx = new Array();
 xp = new Array();
 yp = new Array();
 am = new Array();
 stx = new Array();
 sty = new Array();
 snowsrc=(snowsrc.indexOf("dynamicdrive.com")!=-1)? "snow.gif" : snowsrc
 for (i = 0; i < no; ++ i) { 
 dx[i] = 0; // set coordinate variables
 xp[i] = Math.random()*(doc_width-50); // set position variables
 yp[i] = Math.random()*doc_height;
 am[i] = Math.random()*20; // set amplitude variables
 stx[i] = 0.02 + Math.random()/10; // set step variables
 sty[i] = 0.7 + Math.random(); // set step variables
 if (ie4up||ns6up) {
 if (i == 0) {
 document.write("<div id=\"dot"+ i +"\" style=\"POSITION: absolute; Z-INDEX: "+ i +"; VISIBILITY: visible; TOP: 15px; LEFT: 15px;\"><a href=\"http://dynamicdrive.com\"><img src='"+snowsrc+"' border=\"0\"><\/a><\/div>");
 } else {
 document.write("<div id=\"dot"+ i +"\" style=\"POSITION: absolute; Z-INDEX: "+ i +"; VISIBILITY: visible; TOP: 15px; LEFT: 15px;\"><img src='"+snowsrc+"' border=\"0\"><\/div>");
 }
 }
 }

 function snowIE_NS6() { // IE and NS6 main animation function
 doc_width = ns6up?window.innerWidth-10 : iecompattest().clientWidth-10;
 doc_height=(window.innerHeight && snowdistance=="windowheight")? window.innerHeight : (ie4up && snowdistance=="windowheight")? iecompattest().clientHeight : (ie4up && !window.opera && snowdistance=="pageheight")? iecompattest().scrollHeight : iecompattest().offsetHeight;
 for (i = 0; i < no; ++ i) { // iterate for every dot
 yp[i] += sty[i];
 if (yp[i] > doc_height-50) {
 xp[i] = Math.random()*(doc_width-am[i]-30);
 yp[i] = 0;
 stx[i] = 0.02 + Math.random()/10;
 sty[i] = 0.7 + Math.random();
 }
 dx[i] += stx[i];
 document.getElementById("dot"+i).style.top=yp[i]+"px";
 document.getElementById("dot"+i).style.left=xp[i] + am[i]*Math.sin(dx[i])+"px"; 
 }
 snowtimer=setTimeout("snowIE_NS6()", 10);
 }

 function hidesnow(){
 if (window.snowtimer) clearTimeout(snowtimer)
 for (i=0; i<no; i++) document.getElementById("dot"+i).style.visibility="hidden"
 }
 

if (ie4up||ns6up){
 snowIE_NS6();
 if (hidesnowtime>0)
 setTimeout("hidesnow()", hidesnowtime*1000)
 }

</script>

</div>
<div id="copy">
</body>
</html>
<br>
<script type="text/javascript" src="http://fc.webmasterpro.de/counter.php?name=iaminet&amp;style=text" id="fcScriptiaminet"></script>
<noscript><div><img src="http://fc.webmasterpro.de/as_noscript.php?name=iaminet" alt="" /></div></noscript>