HTTP Upload Hack Version 2.0
 

Welcome to the new Update for the HTTP Upload Hack from Pseudomizer.

Do you need version 1.0 for this hack ?

No. This is independant from version 1.0.

What is new compared to the version 1.0 ?

- user authentification is now per config file or per VBulletin database
- new file extension filter to prevent unwanted files to be uploaded
- new overwrite setting to either overwrite or deny the upload
- usergroup authentification against VBulletin database

Changes:

- sessions have been removed because some people could not work due to register_globals off
- all variables are now $_POST and can not be passed via URL

Installation:

For new installs and upgraders:
Open the http_upload_config.php file in an editor and make the appropriate changes BEFORE you upload the files to your forum directory.

Upgrade from 1.0 to 2.0 only:
Remove the old files ( http_upload_config.php, http_upload.php ) and place the new files in the forum root folder.

New Install only:
Just place the 2 files into your forum root directory.

Enjoy it. :devious:

Again: I take no responsibility if someone accidently deletes important files with this hack. This hack is dangerous if misconfigured. So please READ CAREFULLY the config file. If you have any questions or something is unclear feel free to ask in the Thread. I would be more then happy to answer to every question.

IMPORTANT: Support will only be given if the install button in this forum thread has been pressed. So please take the time now to click the install button after your installation. Thanks. :classic:

Cheers,

Pseudomizer

Any screenshots needed ? There are no big changes compared to version 1.0 in the frontend but a lot of changes in the backend.

Cheers,

Where is a demo?

I will not offer a live demo to my forum, so people can upload any files to my forum root folder. Sorry, no way.

Cheers,

screenshot will be good tho :o

Here are some screenshots. They are in GIF format and due to the bug from VB i had to upload a zip file with the gif files. Enjoy.

Cheers,

can i set upload via usergroup and put upload quotas ie premium usergroup each member can upload to 3mb max
and admin usergroup unlimited etc etc settable by the admin ?

Nice job.

How do you want this implemented please ? If you want to set this per group then how do you want to measure how many MB has been uploaded by which group ? This is a simple HTTP Upload hack and nothing else.

What you are asking is something like an FTP server like War FTP where i can set specific limitations and options for groups and you can set permissions for each directory.

There is no way to implemente someting like this for a simple HTTP Upload.

My suggestion to you: If you need something like this then implement either an FTP Server or a SSH chroot environment where you jail in people. Then you can set specific quotas.

Tell me what you want to achieve and we can discuss this offline but not in this thread.

Cheers,

I might be wrong but I don't think you can upload more than 2 MB in most hosts since it is configured in php.ini . There's a way around that, but...I don't think your host will be happy if they found out. :nervous:

You are right about the 2MB. But you can go up to 11MB before VBulletin will reject the upload. This only applies for VBulletin uploads.

My hack does not rely on the VBulletin database so there are the following limitations per default:

- 2MB max due to php.ini
- 30 secs due to timeout set in php.ini

The second limitation can be altered via your php file by adding the following line at the beginning of your php file:

This will give you 10 minutes for uploading but please keep in mind, that many providers are preventing things like this and if you work around their limitation then your account will be disabled very quickly.

The first limitation can not be altered via script. So you need access to the php.ini file to be able to alter this setting.

Cheers,

Excellent work. Thanks. :)

no i mean quotas
quota means a total of allowed diskspace by that user

I am fully aware of what quotas are. Again the question: How do you want to trace what files have been uploaded and which file size they have ? What if he replaces a file and does not add a new file ?

This is not possible to trace that unless you create something special like:

forum/Folder1 for user hugo
forum/Folder 2 for user martin

in both folders you place the http_upload.php but you have to modify each php file for a specific user. You have to run a command to get the directory size of the specific folder and then calculate what he wants to upload. If the size exceeds a specific size ( which you have to set for each php file individually ( or create one global settings file ) then you block the upload.

But this hack does not have a folder management included, does not have usermanagement included, does not have sizing checks included and does not react on specific user accounts. It just reacts on usergroup permissions.

Your request would be very specific and it would take some time to develop something like this. But i doubt that this request will become very popular or not ?

What is your aim ? What do you want to achieve ?

Cheers,

still waiting for you to add on the file type restriction,Pseudomizer :)

D3nnis ? I think you missed something. Please read again all new features for this update. I HAVE implemented a file type restriction. Did you read the whole posting 1 in this thread ?

Cheers,

oops miss that out, sorry! :rolleyes:

by the way since u added this new restriction, i can safely mod it into a image hosting module rite? by the way... where are these files uploaded to?

In the same directory where you http_upload.php file is located.

Cheers,

cool, do i need to chmod permission this directory?

Hi D3nnis,

yes. The Webserver needs write access to this directory. Some people just go with 777.

Cheers,

i was looking for something like This =D

Thanks a lot =D

i had this problem:

Warning: copy(avatar1.gif): failed to open stream: Permission denied in /home/lifestre/public_html/foro/http_upload.php on line 311
avatar1.gif could not be uploaded!

also will be cool than when the file was sucessfully uploaded, you can see the exactly url =D

and, there is a way than the files can be saved in /upload directory instead the root?

Hi Anubis,

as already mentioned before, i do not emulate a file manager. Please use other methods for this or just copy the files into the /upload folder.

URL ? How can a file and dir based PHP file know your URL ? No way unless you implement it somewhere manually. This hack just knows your server paths and that's it. Sorry, no way for the URL.

Regarding your problem:

chmod 777 /upload

should solve your problem.

Cheers,

0k, thanks for you answers

You're welcome.

Cheers,

Due to a request here is a slightly modified version of this hack.

What has changed ?

A thumbnail preview is now available after the successfull upload which is also linked to the new uploaded file.

Please keep in mind that you should only allow GIF,JPG,JPEG and PNG files otherwise you will run into errors with the IMG tag.

Screenshot attached.

Enjoy it.

Cheers,

If you will go to hotscripts.com and do a search for file upload in PHP portion, there are two or three scripts that will show the url after upload there. I use one of them on my forum within an iframe.

Thanks,

David

Or do a mouseover over the thumbnails and look into your status line in your browser. I linked them already to their original path. If you want this visible just correct the $advertising line in the new upload script.

Cheers,

@ Pseudomizer

many thx for your help

echt nett von Dir :)


*install*

Limitter

Wherever i can help. Hope you enjoy it.

Cheers,

It seems impossible to change the directory destination of the files uploaded! :(

I put the two files of this hack on a subdirectory of the forum and with chdir I make the file read global.php. The Problem is that all the files uploaded, are in the root forum directory and not in the subdirectory where the 2 hack files are.

Any suggestion?

Don't worry, i solved the problem! Found the solution! :D

After this line:

add this:

and replace YOURSERVERPATH with for example /srv/www/htdocs/forum/httpuploadir

Cheers,

ok i think this is a great mod.. but ican i know where all File will go ..

i think if u update this mod ..

For Exmaple In the Server There is a Files

Files in this Files who ever will uploud any file for Exmpale

Files/NicknameHere/anyfile.jpg

it's add the nickname of the person thankyou and let me know where all the file will be uploud .. and can we do this way to add inside the folders file the nick name of the person..

thanks.

Hi H2k,

i am very sorry, but your english is ... not easy to understand.

To answer your question: The files will be stored in the /forum folder and if you apply the modification from above it will save the file to the directory you specify.

If you want to create folders with your usernames then you have to modify this hack to create the corresponding directories. If you want to do that, feel free to do the changes. I created this hack for some people who needed an independant upload ability. What you are asking is something totally diffent and there are upload hacks out there which should satisfy your needs.

Please correct me if i am wrong but i tried to understand what you wrote.

Cheers,

hello iam sorry about my english ..

what i mean is .. all file is stored in the directory /forums.... it should be in one folders we creat For example

Say that we creat one folders called

"Files" and each user will be uploud it will creat folder with their name

for example

File/Nickname/uploud_hack.zip

so all the file of the user who will uploud it will be stored in him folder "File/Nickname/file.zip"

i dont no if we can do this or not

know if i try to uploud any File it's only let me 9 if i need more .. like 12,13,14 how can i change it .. and if i need all file be stored in one file that me i creat also how ..

thankyou amd i hope u understand my english :mad:

Yes, i understood you but you did not understood my answer from above. What you are asking for is a complete upload system for users. This is not the intention of this hack. There are already hacks out there which do that for you. It does not make sense to recreate this hack to become an complete upload system for users. This hack is for administrators and nothing else. Hope this make things clear now.

Cheers,