File: //var/www/temp/autoprokat.vladweb.ru/includes/upload_pic.php
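<?php
// Upload handler for the picture of one "auto" record.
//
// Runs only when the form field "addipic" was posted. It stores the uploaded
// picture as a PNG in UPLOAD_AUTO_DIR (at most 428 px wide), writes a 150 px
// wide "preview_" copy when the picture is wider than 150 px, removes the files
// of the previously stored picture and records the new file name in
// auto.a_picname. The script ends the request with exit on every path.
//
// Nothing supplied by the client is trusted:
//   * the image type is taken from the file content (getimagesize), not from
//     the browser-supplied $_FILES[...]['type'];
//   * the upload is decoded straight from PHP's temporary file and only the
//     re-encoded PNG is written, so the raw upload never lands in the
//     web-served directory under a client-chosen name or extension;
//   * the stored file name is reduced to [A-Za-z0-9_-] and the record id is
//     cast to int before either reaches SQL, HTML or the file system.
//
// NOTE(review): mysql_* was removed in PHP 7. The database link is opened
// outside this file, so it is left in place here; migrate it together with the
// connection code (PDO or mysqli with bound parameters).
// NOTE(review): no anti-CSRF token is checked for this state-changing POST in
// the code visible here.
if (isset($_POST['addipic']))
{
    // Only the presence of the two session keys is tested.
    // NOTE(review): session_start() and the actual credential check are
    // presumably done by the including script - confirm. Keeping a password in
    // the session is worth revisiting.
    if (!isset($_SESSION["login"]) || !isset($_SESSION["password"])) //unauthorized
    {
        die("� �� ������ �������!!!");
    }

    // Integer cast: this value is placed into SQL, a file name and markup below.
    $autoId = isset($_GET['addipicid']) ? (int) $_GET['addipicid'] : 0;

    // Navigation buttons shared by the error messages. They are built from
    // constants and the integer id only; $_POST['edit'] is no longer echoed
    // (it used to be concatenated into the onclick script unescaped).
    $homeButton = '<input type="button" onclick="location=\'./index.php\'" value=\'� �����\'/>';
    $backPlain  = '<input type="button" onclick="location=\'./?AUTO&&addipic\'" value=\'�����\'/><br>';
    $backWithId = '<input type="button" onclick="location=\'./?AUTO&&addipic&&addipicid=' . $autoId . '\'" value=\'�����\'/><br>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<title>��������...</title>
</head>
<body>
<h1> �������� �����... </h1>
<?php
    // $_FILES replaces $HTTP_POST_FILES, which no longer exists in current PHP.
    $upload = isset($_FILES['userfile']) ? $_FILES['userfile'] : null;

    // No file, an array-style field (userfile[]) or any PHP-reported upload error.
    if (!is_array($upload) || !isset($upload['error']) || is_array($upload['error'])
        || $upload['error'] !== UPLOAD_ERR_OK)
    {
        echo 'Problem: ���� �� �� ��������<br>' . "\n" . $backWithId . "\n" . $homeButton;
        exit;
    }

    if ($upload['size'] == 0)
    {
        echo 'Problem: ���������� ���� ����� ������ 0<br>' . "\n" . $backWithId . "\n" . $homeButton;
        exit;
    }

    // Refuse anything that is not a genuine HTTP upload, and stop here:
    // continuing would let the script operate on an arbitrary local path.
    if (!is_uploaded_file($upload['tmp_name']))
    {
        echo 'Problem: �������� ���������� ���� ����������<br>' . "\n" . $backPlain . "\n" . $homeButton;
        exit;
    }

    // Detect the format from the file content and decode from the temp file.
    // NOTE(review): getimagesize() also reports the pixel dimensions before
    // decoding; consider rejecting pictures above a site-chosen pixel budget to
    // bound GD memory use.
    $info      = getimagesize($upload['tmp_name']);
    $imageType = is_array($info) ? $info[2] : 0;
    switch ($imageType)
    {
        case IMAGETYPE_GIF:
            $source_im = imagecreatefromgif($upload['tmp_name']);
            break;
        case IMAGETYPE_JPEG:
            $source_im = imagecreatefromjpeg($upload['tmp_name']);
            break;
        case IMAGETYPE_PNG:
            $source_im = imagecreatefrompng($upload['tmp_name']);
            break;
        default:
            $source_im = false;
    }
    if (!$source_im)
    {
        echo 'Problem: ���������� ���� �� ������ ������������ <br>' . "\n" . $backPlain . "\n" . $homeButton;
        exit;
    }

    // Stored name: first dot-separated token of the client name, reduced to a
    // safe character set, followed by the record id; always ".png".
    $baseName = preg_replace('/[^A-Za-z0-9_-]+/', '', (string) strtok(basename($upload['name']), '.'));
    $baseName = substr((string) $baseName, 0, 64);
    if ($baseName === '')
    {
        $baseName = 'pic';
    }
    $upfilennew = $baseName . $autoId . '.png';
    $upfilenew  = UPLOAD_AUTO_DIR . $upfilennew;
    $upprevfile = UPLOAD_AUTO_DIR . 'preview_' . $upfilennew;

    //delete picture if it exist
    // This happens before the new files are written because the new name can
    // equal the old one.
    $sql = 'select a_picname from auto where a_id = ' . $autoId;
    $result1 = mysql_query($sql);
    if ($result1 === false)
    {
        // Driver detail goes to the log, not to the browser.
        error_log('upload_pic: select failed: ' . mysql_error());
        die('Delete pict error!!!!!!');
    }
    if (mysql_num_rows($result1) > 0)
    {
        $cres = mysql_result($result1, 0, 'a_picname');
        if ((!empty($cres)) && ($cres != 'NULL'))
        {
            // basename() keeps a stored value from pointing outside the upload dir.
            $oldName = basename($cres);
            if (is_file(UPLOAD_AUTO_DIR . 'preview_' . $oldName))
            {
                unlink(UPLOAD_AUTO_DIR . 'preview_' . $oldName);
            }
            if (is_file(UPLOAD_AUTO_DIR . $oldName))
            {
                unlink(UPLOAD_AUTO_DIR . $oldName);
            }
        }
    }

    //-------------------------------------RESIZE PICTURE

    $source_im_xs = imagesx($source_im);
    $source_im_ys = imagesy($source_im);
    $koef = $source_im_xs / $source_im_ys; // width / height
    $saved = true;

    if ($source_im_xs > 428)
    {
        // Wide picture: the stored file is a 428 px wide copy.
        $im_xs = 428;
        $im_ys = max(1, (int) ($im_xs / $koef));
        $main_im = imagecreatetruecolor($im_xs, $im_ys);
        imagecopyresized($main_im, $source_im, 0, 0, 0, 0, $im_xs, $im_ys, $source_im_xs, $source_im_ys);
    }
    else
    {
        // Narrow picture: stored at its own size, re-encoded as PNG.
        $im_xs = $source_im_xs;
        $im_ys = $source_im_ys;
        $main_im = $source_im;
    }
    $saved = imagepng($main_im, $upfilenew);

    if ($saved && $source_im_xs > 150)
    {
        // Preview is resampled from the picture that was actually stored.
        $prev_im_xs = 150;
        $prev_im_ys = max(1, (int) ($prev_im_xs / $koef));
        $prev_im = imagecreatetruecolor($prev_im_xs, $prev_im_ys);
        imagecopyresampled($prev_im, $main_im, 0, 0, 0, 0, $prev_im_xs, $prev_im_ys, $im_xs, $im_ys);
        $saved = imagepng($prev_im, $upprevfile);
        imagedestroy($prev_im);
    }

    if ($main_im !== $source_im)
    {
        imagedestroy($main_im);
    }
    imagedestroy($source_im);

    if (!$saved)
    {
        echo 'Problem: ���������� ���������� ���� � ���������<br>' . "\n" . $backPlain . "\n" . $homeButton;
        exit;
    }

    //---------------------------------END RESIZE PICTURE

    // Both interpolated values are safe by construction: $upfilennew contains
    // only [A-Za-z0-9_-] plus digits and ".png", $autoId is an int.
    $IQ = "update auto set a_picname='" . $upfilennew . "' where a_id=" . $autoId;
    if (mysql_query($IQ) === false)
    {
        error_log('upload_pic: update failed: ' . mysql_error());
        die('Update pict error!');
    }

    echo '���� �������� ������!<br><br>
  <input type="button" onclick="location=\'./?AUTO\'" value=\'���������\'/><br>';

    // Ends the request here, as the script always has; the closing markup
    // below is therefore never sent.
    exit;
?>

</body>
</html>
<?php
}
?>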