\n", "\n", "\n", "\n", "\n", "\n"; } function StartHtml($logged_in) { echo "\n\nNCF members' upload page\n", "\n", "\n\n\n"; if ($logged_in) { echo "

Welkom, ", $_POST['name'], "!

\n"; } else { echo "

Welkom!

\n"; } echo "
\n"; } function Par($text) { echo "\t

\n\t\t", $text, "\n\t

\n"; } function EndHtml() { echo "\n
\n\n\n"; } $logged = 0; $msg = ""; if (isset($_POST['src'])) { if ($_POST['src'] == "login") { require_once("../connect.php"); if (UploadPageLogin($_POST['name'], $_POST['password'])) { $logged = 3; } else { sleep(3); } } else if ($_POST['src'] == "list" && $_POST['val'] == "9eCIoR7R") { $logged = 1; } else if ($_POST['src'] == "upload" && $_POST['val'] == "k6JKZZy8") { $logged = 2; } else if ($_POST['src'] == "change" && $_POST['val'] == "SfCla3Et") { $logged = 4; } else if ($_POST['src'] == "send" && $_POST['val'] == "w1SLOfnR") { $logged = 3; // check uploaded file if (isset($_FILES['upload']) && $_FILES['upload']['tmp_name'] != "") { $target_name = $_POST['name'] . "/" . $_FILES['upload']['name']; if (move_uploaded_file($_FILES['upload']['tmp_name'], $target_name)) { $url = "http://ncf.ddrmmr.nl/" . $target_name; $msg = "Het bestand is correct geupload.
\n" . $url . ""; } else { $msg = "Het bestand kon niet worden verplaatst."; } } else { $msg = "Er is geen bestand geupload."; } } else if ($_POST['src'] == "set_pw" && $_POST['val'] == "d7gbpaIT") { if ($_POST['name'] != $_POST['user']) { $msg = "De opgegeven naam klopt niet."; $logged = 4; } else if ($_POST['new1'] != $_POST['new2']) { $msg = "Het nieuwe wachtwoord is niet goed herhaald."; $logged = 4; } else { $logged = 3; require_once("../connect.php"); $mysql = new MysqlWrapper("UploadStuff"); $mysql->query("SELECT user FROM upload WHERE user='" . mysql_real_escape_string($_POST['name']) . "' AND password='" . md5($_POST['old']) . "'"); if ($mysql->fetch_array()) { if ($mysql->query("UPDATE upload SET password='" . md5($_POST['new1']) . "' WHERE user='" . mysql_real_escape_string($_POST['name']) . "'")) { $msg = "Je wachtwoord is veranderd."; } else { $msg = "Sorry, je wachtwoord kon niet worden veranderd."; } } else { $msg = "Het oude wachtwoord dat je hebt opgegeven klopt niet."; $logged = 4; } $mysql->close(); } } else { Par("Interne fout code 1."); } } if ($logged) { // display links StartHtml(true); echo "\n\n\n\n\n\n
\n"; if (strlen($msg) > 0) { Par($msg); } if ($logged == 1) { // list Par("Lijst van bestanden:"); if ($dh = opendir($_POST['name'])) { while (($file = readdir($dh)) !== false) { if (!is_dir($file)) { echo "", $file, "
\n"; } } closedir($dh); } else { Par("Interne fout code 2."); } } else if ($logged == 2) { // upload Par("Kies een bestand en klik op 'Upload' om het te uploaden."); echo "
\n", "\n", "\n", "\n", "\n", // 1 MB "  \n", "\n", "
\n"; } else if ($logged == 4) { Par("Voer de gegevens in om je wachtwoord te veranderen."); echo "
\n", "\n", "\n", "\n", "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n", "\n\n\n\n\n
Naam:", "
\n", "
Oud wachtwoord:", "
\n", "
Nieuw wachtwoord:", "
\n", "
Herhaal nieuw wachtwoord:", "
\n", "
", "  ", "
\n", "
\n"; } EndHtml(); } else { // log in StartHtml(false); Par("Voer je naam en wachtwoord in om in te loggen."); echo "
\n", "\n", "\n\n\n\n\n\n\n\n\n\n", "\n\n\n\n\n
Naam:", "", "
Wachtwoord:", "", "
", "  ", "
\n", "
\n"; EndHtml(); } ?>