Frames

HACKED BY Rev9

0
1# authentication script
2<?php
3/**
4 * Copyright (c) 2012 University of Illinois, NCSA.
5 * All rights reserved. This program and the accompanying materials
6 * are made available under the terms of the
7 * University of Illinois/NCSA Open Source License
8 * which accompanies this distribution, and is available at
9 * http://opensource.ncsa.illinois.edu/license.html
10 */
11// Check login
12require("common.php");
13
14open_database();
15if (!check_login()) {
16 close_database();
17 header( "Location: index.php");
18 exit;
19}
20if (get_page_acccess_level() > $min_upload_level) {
21 header( "Location: index.php");
22 close_database();
23 exit;
24}
25
26# drag and drop window.
27*Copyright (c) 2010 Remy Sharp, http://html5demos.com
28
29*Permission is hereby granted, free of charge, to any person obtaining
30*a copy of this software and associated documentation files (the
31*"Software"), to deal in the Software without restriction, including
32*without limitation the rights to use, copy, modify, merge, publish,
33*distribute, sublicense, and/or sell copies of the Software, and to
34*permit persons to whom the Software is furnished to do so, subject to
35*the following conditions:
36
37*The above copyright notice and this permission notice shall be
38*included in all copies or substantial portions of the Software.
39
40*THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
41*EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
42*MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
43*NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
44*LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
45*OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
46*WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
47
48
49<title>Drag and drop, automatic upload</title>
50<style>
51#holder { border: 10px dashed #ccc; width: 300px; min-height: 300px; margin: 20px auto;}
52#holder.hover { border: 10px dashed #0c0; }
53#holder img { display: block; margin: 10px auto; }
54#holder p { margin: 10px; font-size: 14px; }
55progress { width: 100%; }
56progress:after { content: '%'; }
57.fail { background: #c00; padding: 2px; color: #fff; }
58.hidden { display: none !important;}
59</style>
60<article>
61 <div id="holder">
62 </div>
63 <p id="upload" class="hidden"><label>Drag & drop not supported, but you can still upload via this input field:<br><input type="file"></label></p>
64 <p id="filereader">File API & FileReader API not supported</p>
65 <p id="formdata">XHR2's FormData is not supported</p>
66 <p id="progress">XHR2's upload progress isn't supported</p>
67 <p>Upload progress: <progress id="uploadprogress" max="100" value="0">0</progress></p>
68 <p>Drag a file from your desktop on to the drop zone above to begin uploading to betyDB.</p>
69</article>
70<script>
71var holder = document.getElementById('holder'),
72 tests = {
73 filereader: typeof FileReader != 'undefined',
74 dnd: 'draggable' in document.createElement('span'),
75 formdata: !!window.FormData,
76 progress: "upload" in new XMLHttpRequest
77 },
78 support = {
79 filereader: document.getElementById('filereader'),
80 formdata: document.getElementById('formdata'),
81 progress: document.getElementById('progress')
82 },
83
84 # This could be problematic: What generic mimetypes should we include?
85 acceptedTypes = {
86 'image/png': true,
87 'image/jpeg': true,
88 'image/gif': true
89 },
90 progress = document.getElementById('uploadprogress'),
91 fileupload = document.getElementById('upload');
92
93"filereader formdata progress".split(' ').forEach(function (api) {
94 if (tests[api] === false) {
95 support[api].className = 'fail';
96 } else {
97 // FFS. I could have done el.hidden = true, but IE doesn't support
98 // hidden, so I tried to create a polyfill that would extend the
99 // Element.prototype, but then IE10 doesn't even give me access
100 // to the Element object. Brilliant.
101 support[api].className = 'hidden';
102 }
103});
104
105function previewfile(file) { # don't know if we need to display a preview of the file... It could just display the progress bar then, 'done'
106 if (tests.filereader === true && acceptedTypes[file.type] === true) {
107 var reader = new FileReader();
108 reader.onload = function (event) {
109 var image = new Image();
110 image.src = event.target.result;
111 image.width = 250; // a fake resize
112 holder.appendChild(image);
113 };
114
115 reader.readAsDataURL(file);
116 } else {
117 holder.innerHTML += '<p>Uploaded ' + file.name + ' ' + (file.size ? (file.size/1024|0) + 'K' : '');
118 console.log(file);
119 }
120}
121
122function readfiles(files) {
123 debugger;
124 var formData = tests.formdata ? new FormData() : null;
125 for (var i = 0; i < files.length; i++) {
126 if (tests.formdata) formData.append('file', files[i]);
127 previewfile(files[i]);
128 }
129
130 // now post a new XHR request
131 if (tests.formdata) {
132 var xhr = new XMLHttpRequest();
133 xhr.open('POST', '/devnull.php'); # @robkooper says this fetches the file from the server side
134 xhr.onload = function() {
135 progress.value = progress.innerHTML = 100;
136 };
137
138 if (tests.progress) {
139 xhr.upload.onprogress = function (event) {
140 if (event.lengthComputable) {
141 var complete = (event.loaded / event.total * 100 | 0);
142 progress.value = progress.innerHTML = complete;
143 }
144 }
145 }
146
147 xhr.send(formData);
148 }
149}
150
151if (tests.dnd) {
152 holder.ondragover = function () { this.className = 'hover'; return false; };
153 holder.ondragend = function () { this.className = ''; return false; };
154 holder.ondrop = function (e) {
155 this.className = '';
156 e.preventDefault();
157 readfiles(e.dataTransfer.files);
158 }
159} else {
160 fileupload.className = 'hidden';
161 fileupload.querySelector('input').onchange = function () {
162 readfiles(this.files);
163 };
164}
165
166</script>
167
Loading...