Advanced Php Problem, involving uploads

[ultimategamer50]

Before the upload, there is a radio box that gives you the option to hotlink protect your file, I've created a LONG PHP script that when the radio box is ticked it makes a HTM and a PHP file, it works but for some reason when it's ticked it just goes right around it and doesn't carry out the commands when the radio box is ticked, can anyone help me? here is the code, what is wrong with it?

CODE

<?php
   // Configuration - Your Options
      $allowed_filetypes = array('.src','.bak','.zvz','.php','.htm','.html','.mp3','.wav','.ogg'); // These will be the types of file that will NOT pass the validation.
      $max_filesize = 204857600; // Maximum filesize in BYTES (currently 20MB).
      $upload_path = './7344783733/'; // The place the files will be uploaded to (currently a 'files' directory).

   $filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
   $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.

   // Check if the filetype is allowed, if not DIE and inform the user.
   if(in_array($ext,$allowed_filetypes))
      die('The file you attempted to upload is not allowed.');

   // Now check the filesize, if it is too large then DIE and inform the user.
   if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
      die('The file you attempted to upload is too large.');

   // Check if we can upload to the specified path, if not DIE and inform the user.
   if(!is_writable($upload_path))
      die('You cannot upload to the specified directory, please CHMOD it to 777.');

   // Upload the file to your specified path.
if($_REQUEST['verification'] == 'true') {
echo rand() . "";
echo rand(1, 3);
$myFile = "./7344783733/$rand.htm";
$myFile2 = "./7344783733/$rand.php";
$fh = fopen($myFile, 'w') or die("ERROR OPENING FILE");
$stringData = "echo rand(1, 4); <form method=POST action=./7344783733/$rand.php <input type=text name=textfield length=30 value=enter number shown /> <input type=submit value=Submit/>";
fwrite($fh, $stringData);
fclose($fh);
$fh2 = fopen($myFile2, 'w') or die("ERROR CREATING PHP. ABORT");
$stringData2 = "header(Location: $upload_path . $filename) echo File Download is Starting";
fwrite($fh2, $stringData2);
fclose($fh2);
move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename);
         echo 'Uploading to temp...COMPLETE <br> Moving to path...COMPLETE <br> Creating PHP...COMPLETE <br> Configuring HTML...COMPLETE <br> Your file upload was successful, view the file here <a href="' . $upload_path . $rand.htm . '" title="Your File">' . $filename . ' </a>'; // It worked.
} else {
move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename);
         echo 'Uploading to temp...COMPLETE <br> Moving to path...COMPLETE <br> Creating PHP...COMPLETE <br> <br>Your file upload was successful, view the file here <a href="' . $upload_path . $filename . '" title="Your File">' . $filename . ' </a>'; // It worked.
}

?>

[Ed]

Can you post the form too?

At a stab:

CODE

if($_REQUEST['verification'] == 'true') {

Replaced with:

CODE

if(isset($_REQUEST['verification'])) {

what's the purpose to this?

CODE

echo rand() . "";

[ultimategamer50]

Can you post the form too?

At a stab:

CODE

if($_REQUEST['verification'] == 'true') {

Replaced with:

CODE

if(isset($_REQUEST['verification'])) {

what's the purpose to this?

CODE

echo rand() . "";

sure:

CODE

<form action="http://imagetube.uuuq.com/regupload.php" method="post" enctype="multipart/form-data">
   <p>
      <label for="file">Select a file:</label> <input type="file" name="userfile" id="file"> <br> <input type="radio" name="verification" value="Do you want to hotlink protect your file?"> Do you want to hotlink protect your file? <br>
   <p>
<input type="Submit" value="Upload File" onClick="loading.style.visibility = 'visible';">
<img src="http://imagetube.uuuq.com/loading.gif" alt="Please wait" name = "loading" id = "loading" style = "visibility: hidden;">
</form>

and that's just another random number added to the one after it. Thanks for replying

[ultimategamer50]

Can you post the form too?

At a stab:

CODE

if($_REQUEST['verification'] == 'true') {

Replaced with:

CODE

if(isset($_REQUEST['verification'])) {

what's the purpose to this?

CODE

echo rand() . "";

ok got it working the only problem I'm having is it keeps saying this error when I try and use it: Parse error: "syntax error, unexpected '}' in /www/uuuq.com/f/i/l/imagetube/htdocs/regupload.php on line 51".

here's the code I have right now:

CODE

<?php
   // Configuration - Your Options
      $allowed_filetypes = array('.src','.bak','.zvz','.php','.htm','.html'); // These will be the types of file that will NOT pass the validation.
      $max_filesize = 104857600; // Maximum filesize in BYTES (currently 100MB).
      $upload_path = './7344783733/'; // The place the files will be uploaded to (currently a 'files' directory).

   $filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
   $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.

   // Check if the filetype is allowed, if not DIE and inform the user.
   if(in_array($ext,$allowed_filetypes))
      die('The file you attempted to upload is not allowed.');

   // Now check the filesize, if it is too large then DIE and inform the user.
   if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
      die('The file you attempted to upload is too large.');

   // Check if we can upload to the specified path, if not DIE and inform the user.
   if(!is_writable($upload_path))
      die('You cannot upload to the specified directory, please CHMOD it to 777.');

   // Upload the file to your specified path.
if(isset($_REQUEST['verification'])) {
$rand = rand() . "";
$rand2 = rand(1, 3);
move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename);
$myFile = "./7344783733/$rand.htm";
$myFile2 = "./7344783733/$rand.php";
$fh = fopen($myFile, 'w') or die("ERROR OPENING FILE");
$stringData = "<?php
$rand4 = rand(1, 4);
echo $rand4;
?>
<form method=POST action=$rand.php> <input type=text name=textfield length=30 value=enter number shown /> <input type=submit value=Submit />";
fwrite($fh, $stringData);
fclose($fh);
}
$test = $_REQUEST['textfield'];
$fh2 = fopen($myFile2, 'w') or die("ERROR CREATING PHP. ABORT");
$stringData2 = "<?php
if($test == $rand4) {
header('Location: $filename');
echo File Download is Starting;
} else {
die(NUMBER IS INCORRECT, PLEASE TRY AGAIN);
}
?>";
fwrite($fh2, $stringData2);
fclose($fh2);
         echo 'Uploading to temp...COMPLETE <br> Moving to path...COMPLETE <br> Creating PHP...COMPLETE <br> Configuring HTML...COMPLETE <br> Your file upload was successful, view the file here <a href="' . $upload_path . $rand .'.htm" title="Your File">' . $filename . ' </a>'; // It worked.
} else {
move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename);
         echo 'Uploading to temp...COMPLETE <br> Moving to path...COMPLETE <br> Creating PHP...COMPLETE <br> <br>Your file upload was successful, view the file here <a href="' . $upload_path . $filename . '" title="Your File">' . $filename . ' </a>'; // It worked.
}

?>

[Ed]

I didn't realise you were hosting this on Zymic, we don't allow file hosts on the free hosting.

I will give you a grace period of two days to remove it, if its primary aim was to host files, then I can remove the account for you also.

[ultimategamer50]

I didn't realise you were hosting this on Zymic, we don't allow file hosts on the free hosting.

I will give you a grace period of two days to remove it, if its primary aim was to host files, then I can remove the account for you also.

oh ok. it'll be gone tomarrow. I didn't know I couldn't do that. But just one question, why?

[Ed]

oh ok. it'll be gone tomarrow. I didn't know I couldn't do that. But just one question, why?

Well the hosting is for hosting websites, not files. The aim is to give users a place to host personal (or business), content rich websites, not file storage.

There's plenty of normal file hosting websites out there, http://www.hidemyass.com/upload allows you to set restrictions on who can download the files too.

[ultimategamer50]

Well the hosting is for hosting websites, not files. The aim is to give users a place to host personal (or business), content rich websites, not file storage.

There's plenty of normal file hosting websites out there, http://www.hidemyass.com/upload allows you to set restrictions on who can download the files too.

oh, I just wanted to ceate my own file hosting site for other people to upload stuff using web hosting since I don't have a server, database, or any of that stuff that I don't understand...but I took all the files off so you can delete the site now (http://filehost101.uuuq.com) I have another site on my account but it's not mine it's a friend but it's not a file hosting site.

[Ed]

oh, I just wanted to ceate my own file hosting site for other people to upload stuff using web hosting since I don't have a server, database, or any of that stuff that I don't understand...but I took all the files off so you can delete the site now (http://filehost101.uuuq.com) I have another site on my account but it's not mine it's a friend but it's not a file hosting site.

Thank you. What about filetube.uuuq.com? that was the site I originally spotted.

[ultimategamer50]

Thank you. What about filetube.uuuq.com? that was the site I originally spotted.

hm? There is no filetube, all I have is filehost101 and imagetube. Imagetube belongs 2 my friend, and filehost101 is gone, so no filetube. Oh yeah, I spent most of the year working on filehost101, so do you know of any web hosting sites like zymic except it allows file host sites?

[Ed]

hm? There is no filetube, all I have is filehost101 and imagetube. Imagetube belongs 2 my friend, and filehost101 is gone, so no filetube. Oh yeah, I spent most of the year working on filehost101, so do you know of any web hosting sites like zymic except it allows file host sites?

Sorry I meant imagetube, that is being used as an upload site too.

Not that I'm aware of, couldn't you just host it on your own computer?

[ultimategamer50]

Sorry I meant imagetube, that is being used as an upload site too.

Not that I'm aware of, couldn't you just host it on your own computer?

how?

[Ed]

how?

There's an amp (apache, mysql, php) solution for pretty much all platforms, you can either install them all separately or what a lot of people use is an amp package, for example xampp:

http://www.apachefriends.org/en/xampp.html

[ultimategamer50]

There's an amp (apache, mysql, php) solution for pretty much all platforms, you can either install them all separately or what a lot of people use is an amp package, for example xampp:

http://www.apachefriends.org/en/xampp.html

I haven't installed or downloaded yet but how will I be able to make my PHP files public and accessible on the web from my computer, or all the files after installation? (something like http://mysite.com/lookatme.php)