"; }else { echo "$file_name | failed
"; } } displayForm ($path,$pass); } else if(isset ($_POST['path'])) { $amount=$_POST['amount']; $amount=explode('|',$amount); $path=$_POST['path']; $path=securePath($path); $pass=$_POST['pass']; if (!in_array($pass, array_keys($data))) die ('Wrong password.'); if (!checkpaths($data[$pass],securePath($path))) {die ('Error');} $upStatus=''; foreach($amount as $i) { $file_name = securePath($_FILES['uploadFile'.$i]['name']); $tmp_name = securePath($_FILES['uploadFile'.$i]['tmp_name']); $file_name = stripslashes($file_name); if($upStatus!='') $upStatus.='*'; $upStatus.=$file_name; $fsize=filesize($tmp_name); if(!$fsize) $fsize=0; $upStatus.='*'.$fsize; $file_name = str_replace("'","",$file_name); if (in_array(getExt($file_name),$extensions)) { $copy = @move_uploaded_file($tmp_name,'../'.$path.$file_name); } else { $copy=0; } // check if successfully copied if($copy) { //echo "$file_name | uploaded
"; $upStatus.='*1'; }else { //echo "$file_name | failed
"; $upStatus.='*0'; } } $success='onLoad="set_success(\''.$upStatus.'\')"'; include('form.inc.php'); } else { $path=securePath($_REQUEST['path']); include('form.inc.php'); } function displayForm($getpath,$pass) { ?> Image Upload
Uploading to