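// URL path of the running script, stored HTML-escaped.
// PHP_SELF includes any extra path info the client appended after the script
// name, so the raw value is request data and must not reach markup unescaped.
// NOTE(review): where $this_page is printed is not visible in this listing
// (presumably form action attributes) - confirm that no consumer escapes it a
// second time.
$this_page = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');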
/**
 * Prints two line feeds.
 *
 * NOTE(review): the body as listed uses none of its three parameters. Judging
 * by their names it was meant to render a button or form carrying $name, $src
 * and $validation - confirm against the deployed file. If these values are
 * written into markup here, each one needs htmlspecialchars() first.
 *
 * @param mixed $name       unused in the visible body
 * @param mixed $src        unused in the visible body
 * @param mixed $validation unused in the visible body
 */
function MakeButton($name, $src, $validation)
{
    $output = "\n" . "\n";
    print $output;
}
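/**
 * Prints the page header and the greeting line.
 *
 * When $logged_in is truthy the greeting includes the posted 'name' field.
 * That field is request data, so it is HTML-escaped before it is written;
 * echoing it raw would let a crafted name inject markup into the page.
 * A missing or non-string 'name' is shown as an empty string.
 *
 * @param mixed $logged_in truthy to greet the user by name, falsy for the
 *                         anonymous greeting
 */
function StartHtml($logged_in)
{
    echo "\n\nNCF members' upload page\n",
        "\n",
        "\n\n\n";

    if ($logged_in) {
        $display_name = (isset($_POST['name']) && is_string($_POST['name']))
            ? $_POST['name']
            : "";
        echo "Welkom, ", htmlspecialchars($display_name, ENT_QUOTES, 'UTF-8'), "!\n\n";
    } else {
        echo "Welkom!\n\n";
    }

    echo "\n";
}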
/**
 * Prints $text between a fixed leading and trailing whitespace frame.
 *
 * $text is written exactly as given, with no escaping. Callers that build it
 * from request data, file names or database values have to escape those parts
 * with htmlspecialchars() before calling.
 *
 * @param mixed $text content to print
 */
function Par($text)
{
    $opening = "\t\n\n\t\t";
    $closing = "\n\t\n\n";
    print $opening . $text . $closing;
}
/**
 * Prints the page footer: the copyright line framed by blank lines.
 */
function EndHtml()
{
    $footer = "\n\n\n"
        . "Copyright (C) 2006 Jelle Hurkens. Alle rechten voorbehouden."
        . "\n\n\n";
    print $footer;
}
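// Request dispatcher: maps the posted 'src' action onto a page state.
//   $logged: 0 = show login form, 1 = file list, 2 = upload form,
//            3 = logged in with no extra content, 4 = change-password form
//   $msg:    status text for the page; it is printed without further escaping,
//            so anything request-derived placed in it is escaped here.
//
// NOTE(review): apart from "login", every branch accepts the request when 'val'
// equals a fixed string, and takes the acting user from the posted 'name'.
// Both are request data, so the server itself keeps no record of who logged in.
// Fixing that needs server-side session state set in the login branch plus
// matching form changes; the forms are not visible in this listing, so the
// scheme is kept and only the handling of the posted values is tightened.
$logged = 0;
$msg = "";

if (isset($_POST['src'])) {
    // Read every field once. A missing or non-string (array) field becomes ""
    // so it cannot match an action name or token, and cannot reach string
    // functions as an array.
    $in = array();
    foreach (array('src', 'val', 'name', 'user', 'password', 'old', 'new1', 'new2') as $key) {
        $in[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
    }
    $src = $in['src'];
    $val = $in['val'];
    $name = $in['name'];

    // Strict comparisons throughout: loose == treats numeric-looking strings
    // such as "1e3" and "1000" as equal.
    if ($src === "login") {
        require_once("../connect.php");
        if (UploadPageLogin($name, $in['password'])) {
            $logged = 3;
        } else {
            // Fixed delay after a failed attempt to slow down password guessing.
            sleep(3);
        }
    } elseif ($src === "list" && $val === "9eCIoR7R") {
        $logged = 1;
    } elseif ($src === "upload" && $val === "k6JKZZy8") {
        $logged = 2;
    } elseif ($src === "change" && $val === "SfCla3Et") {
        $logged = 4;
    } elseif ($src === "send" && $val === "w1SLOfnR") {
        $logged = 3;

        // check uploaded file
        $tmp_name = (isset($_FILES['upload']['tmp_name']) && is_string($_FILES['upload']['tmp_name']))
            ? $_FILES['upload']['tmp_name']
            : "";
        $client_name = (isset($_FILES['upload']['name']) && is_string($_FILES['upload']['name']))
            ? $_FILES['upload']['name']
            : "";

        if ($tmp_name !== "") {
            // Both halves of the target path come from the client. The user
            // directory must be exactly one path component; the file name is
            // reduced to its last component.
            $user_dir = basename(str_replace("\\", "/", $name));
            $file_name = basename(str_replace("\\", "/", $client_name));

            $bad_dir = $user_dir === ""
                || $user_dir === "."
                || $user_dir === ".."
                || $user_dir !== $name
                || strpos($name, "\0") !== false;

            // The file is stored under a directory that the site serves over
            // HTTP, so dotfiles and script-like extensions are refused. The
            // extension is checked in every dot-separated segment because some
            // server configurations act on inner extensions. This deny list is
            // a stopgap: an allow list of the expected file types, together
            // with disabling script execution for the upload directories in
            // the server configuration, is the sturdier control.
            $bad_file = $file_name === ""
                || $file_name[0] === "."
                || strpos($file_name, "\0") !== false
                || preg_match('/\.(?:php[0-9]*|phtml|pht|phps|phar|cgi|pl|py|sh|shtml)(?:\.|$)/i', $file_name);

            if ($bad_dir) {
                $msg = "De opgegeven naam klopt niet.";
            } elseif ($bad_file) {
                $msg = "Het bestand kon niet worden verplaatst.";
            } else {
                $target_name = $user_dir . "/" . $file_name;
                if (move_uploaded_file($tmp_name, $target_name)) {
                    $url = "http://ncf.ddrmmr.nl/" . $target_name;
                    // The URL contains the client-chosen file name; escape it
                    // because $msg is printed as markup.
                    $msg = "Het bestand is correct geupload.\n\n" . htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
                } else {
                    $msg = "Het bestand kon niet worden verplaatst.";
                }
            }
        } else {
            $msg = "Er is geen bestand geupload.";
        }
    } elseif ($src === "set_pw" && $val === "d7gbpaIT") {
        if ($name !== $in['user']) {
            $msg = "De opgegeven naam klopt niet.";
            $logged = 4;
        } elseif ($in['new1'] === "" || $in['new1'] !== $in['new2']) {
            // Also refuses an empty new password, which the original accepted
            // when both fields were left blank.
            $msg = "Het nieuwe wachtwoord is niet goed herhaald.";
            $logged = 4;
        } else {
            $logged = 3;
            require_once("../connect.php");
            $mysql = new MysqlWrapper("UploadStuff");

            // NOTE(review): passwords are stored as unsalted MD5 and the query
            // is assembled with mysql_real_escape_string(), which no longer
            // exists in PHP 7+. Both are left as they are because the stored
            // hashes, UploadPageLogin() and MysqlWrapper live in ../connect.php,
            // which is not visible here. The migration target is
            // password_hash()/password_verify() with prepared statements.
            $escaped_user = mysql_real_escape_string($name);
            $mysql->query("SELECT user FROM upload WHERE user='" . $escaped_user . "' AND password='" . md5($in['old']) . "'");
            if ($mysql->fetch_array()) {
                if ($mysql->query("UPDATE upload SET password='" . md5($in['new1']) . "' WHERE user='" . $escaped_user . "'")) {
                    $msg = "Je wachtwoord is veranderd.";
                } else {
                    $msg = "Sorry, je wachtwoord kon niet worden veranderd.";
                }
            } else {
                $msg = "Het oude wachtwoord dat je hebt opgegeven klopt niet.";
                $logged = 4;
            }
            $mysql->close();
        }
    } else {
        // Unknown action or wrong token.
        Par("Interne fout code 1.");
    }
}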
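// Page rendering: shows either the logged-in view selected by $logged or the
// login prompt.
if ($logged) {
    // display links
    StartHtml(true);
    echo "\n";
    if (strlen($msg) > 0) {
        Par($msg);
    }

    if ($logged == 1) { // list
        Par("Lijst van bestanden:");

        // The directory to list is named by the posted 'name' field. Accept it
        // only as a single path component, so the listing cannot be pointed at
        // a parent directory or an absolute path.
        $raw_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : "";
        $list_dir = basename(str_replace("\\", "/", $raw_name));
        $dir_ok = $list_dir !== ""
            && $list_dir !== "."
            && $list_dir !== ".."
            && $list_dir === $raw_name
            && strpos($raw_name, "\0") === false
            && is_dir($list_dir);

        $dh = $dir_ok ? opendir($list_dir) : false;
        if ($dh) {
            while (($file = readdir($dh)) !== false) {
                // Test the entry inside the listed directory; a bare $file
                // would be resolved against the current working directory.
                if (!is_dir($list_dir . "/" . $file)) {
                    // File names are chosen by uploaders: escape before printing.
                    echo "", htmlspecialchars($file, ENT_QUOTES, 'UTF-8'), "\n\n";
                }
            }
            closedir($dh);
        } else {
            Par("Interne fout code 2.");
        }
    } elseif ($logged == 2) { // upload
        Par("Kies een bestand en klik op 'Upload' om het te uploaden.");
        echo "\n";
    } elseif ($logged == 4) { // change password
        Par("Voer de gegevens in om je wachtwoord te veranderen.");
        echo "\n";
    }

    EndHtml();
} else { // log in
    StartHtml(false);
    Par("Voer je naam en wachtwoord in om in te loggen.");
    echo "\n";
    EndHtml();
}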
?>