K@M@L
Well-Known Member
سلام
من یه کد طراحی کردم که باهاش به کاربرها اجازه بدم تا توی هاستم شکلک آپلود کنن! لذا میخوستم ببینم امنیتش تا چقدر هست!
همچنین باید چه نکات امنیتی دیگه ایی رو رعایت کنم؟
این رو هم بگم که توی این کد من از یه اسکریپت آپلود به صورت آجاکس استفاده میکنم!
من یه کد طراحی کردم که باهاش به کاربرها اجازه بدم تا توی هاستم شکلک آپلود کنن! لذا میخوستم ببینم امنیتش تا چقدر هست!
همچنین باید چه نکات امنیتی دیگه ایی رو رعایت کنم؟
این رو هم بگم که توی این کد من از یه اسکریپت آپلود به صورت آجاکس استفاده میکنم!
PHP:
<?php
session_start();
ini_set('display_errors','false');
include_once "config.php";
function sql_quote( $value ){
if( get_magic_quotes_gpc() )
{ $value = stripslashes( $value ); }
if( function_exists( "mysql_real_escape_string" ) ) { $value = mysql_real_escape_string( $value ); }
else { $value = addslashes( $value ); }
return $value;
}
function valid_email($email){
$pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$";
if (eregi($pattern, $email)){ return true; } else { return false; }
}
if(isset($_POST['submit'])) {
if (!isset($_SESSION['upload'])){
$_SESSION['smileyname'] = $_POST['smileyname'] ;
$_SESSION['youremail'] = $_POST['youremail'] ;
$_SESSION['yourname'] = $_POST['yourname'] ;
$_SESSION['yourweb'] = $_POST['yourweb'] ;
if ($_POST['smileyname']!='' && $_POST['youremail']!='' && $_POST['yourname']!='' ){
if (valid_email($_POST['youremail'])== TRUE){
if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) {
// Checking _POST
$smiley = sql_quote( $_POST['smileyname'] );
$email = sql_quote( $_POST['youremail'] );
$name = sql_quote( $_POST['yourname'] );
$web = sql_quote( $_POST['yourweb'] );
$sql = "INSERT INTO org_upload ( smiley, email, name, web, time) VALUES ('".$smiley."', '".$email."', '".$name."','".$web."','".date('Y-m-d')."')";
$results = mysql_query($sql, $persianscript);
if (!$results || empty($results)) { $mess = "Can not update datebase"; }
// Edit "upload-file" for upload
$myFile = "upload-file.php";
$fh = fopen($myFile, 'w') or $mess = "can't open file";
$stringData = "
<?php
\$uploaddir = 'uploads/Temp/".$smiley."/';
\$file = \$uploaddir . basename(\$_FILES['uploadfile']['name']);
\$size=\$_FILES['uploadfile']['size'];
if (move_uploaded_file(\$_FILES['uploadfile']['tmp_name'], \$file)) {
echo 'success'; } else { echo 'error '.\$_FILES['uploadfile']['error'].' --- '.\$_FILES['uploadfile']['tmp_name'].' %%% '.\$file.'(\$size)'; }
?> " . PHP_EOL;
fwrite($fh, $stringData);
fclose($fh);
// Create Folder
$structure = './uploads/Temp/'.$smiley.'/';
if (!mkdir($structure, 0755, true)) { $mess = 'Failed to create folders...'; }
// Next Page
if(empty($mess)) $_SESSION['upload'] = "page2";
unset($_SESSION['security_code']);
} else {
$mess = 'Sorry, you have provided an invalid security code';
}
}else{ $mess = "The email address entered was not a valid email address"; }
}else{ $mess = "Please make sure you filled in all the required data"; }
}
session_regenerate_id(true);
} else {
unset ($_SESSION['upload']);
unset ($_SESSION['smileyname']);
unset ($_SESSION['youremail']);
unset ($_SESSION['yourname']);
unset ($_SESSION['yourweb']);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv="Content-Language" content="fa" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Upload - Smilehaa - اسمايل هاا</title>
<link media="screen" rel="stylesheet" type="text/css" href="style.css" />
<link media="screen" rel="stylesheet" type="text/css" href="themes/blue/style.css" />
<script type="text/javascript" src="script/jquery-1.4.2.js"></script>
<script type="text/javascript" src="script/uploadjs/swfupload/swfupload.js"></script>
<script type="text/javascript" src="script/uploadjs/jquery.swfupload.js"></script>
<script type="text/javascript">
$(function(){
$('#swfupload-control').swfupload({
upload_url: "upload-file.php",
file_post_name: 'uploadfile',
file_size_limit : "1024",
file_types : "*.jpg;*.png;*.gif;*.bmp",
file_types_description : "Image files",
file_upload_limit :1000,
flash_url : "script/uploadjs/swfupload/swfupload.swf",
button_image_url : 'script/uploadjs/swfupload/wdp_buttons_upload_114x29.png',
button_width : 114,
button_height : 29,
button_placeholder : $('#button')[0],
debug: false
})
.bind('fileQueued', function(event, file){
var listitem='<li id="'+file.id+'" >'+
'File: <em>'+file.name+'</em> ('+Math.round(file.size/1024)+' KB) <span class="progressvalue" ></span>'+
'<div class="progressbar" ><div class="progress" ></div></div>'+
'<p class="status" >Pending</p>'+
'<span class="cancel" > </span>'+
'</li>';
$('#log').append(listitem);
$('li#'+file.id+' .cancel').bind('click', function(){
var swfu = $.swfupload.getInstance('#swfupload-control');
swfu.cancelUpload(file.id);
$('li#'+file.id).slideUp('fast');
});
// start the upload since it's queued
$(this).swfupload('startUpload');
})
.bind('fileQueueError', function(event, file, errorCode, message){
alert('Size of the file '+file.name+' is greater than limit');
})
.bind('fileDialogComplete', function(event, numFilesSelected, numFilesQueued){
$('#queuestatus').text('Files Selected: '+numFilesSelected+' / Queued Files: '+numFilesQueued);
})
.bind('uploadStart', function(event, file){
$('#log li#'+file.id).find('p.status').text('Uploading...');
$('#log li#'+file.id).find('span.progressvalue').text('0%');
$('#log li#'+file.id).find('span.cancel').hide();
})
.bind('uploadProgress', function(event, file, bytesLoaded){
//Show Progress
var percentage=Math.round((bytesLoaded/file.size)*100);
$('#log li#'+file.id).find('div.progress').css('width', percentage+'%');
$('#log li#'+file.id).find('span.progressvalue').text(percentage+'%');
})
.bind('uploadSuccess', function(event, file, serverData){
var item=$('#log li#'+file.id);
item.find('div.progress').css('width', '100%');
item.find('span.progressvalue').text('100%');
var pathtofile='<a href="#">view</a>';
item.addClass('success').find('p.status').html('Done!!! | '+pathtofile);
})
.bind('uploadComplete', function(event, file){
// upload has completed, try the next one in the queue
$(this).swfupload('startUpload');
})
});
</script>
<style type="text/css" >
#swfupload-control p{ margin:10px 5px; font-size:0.9em; }
#log{ margin:0; padding:0;}
#log li{ list-style-position:inside; margin:2px; border:1px solid #ccc; padding:10px; font-size:12px;
font-family:Arial, Helvetica, sans-serif; color:#333; background:#fff; position:relative;}
#log li .progressbar{ border:1px solid #333; height:5px; background:#fff; }
#log li .progress{ background:#999; width:0%; height:5px; }
#log li p{ margin:0; line-height:18px; }
#log li.success{ border:1px solid #339933; background:#ccf9b9; }
#log li span.cancel{ position:absolute; top:5px; right:5px; width:20px; height:20px;
background:url('script/uploadjs/swfupload/cancel.png') no-repeat; cursor:pointer; }
</style>
</head>
<body>
<div id="wrap">
<div id="main" class="clearfix">
<div class="clearfix"></div>
<div id="full" class="container clearfix">
<div id="head">
<div class="grid">
<?php require_once "logo.php"; ?>
<ul id="navigation">
<li><a class="round" href="index.php" title="صفحه اصلي"><span>Home</span></a></li>
<li><a class="round" href="Getsmile.php" title="Getsmile دانلود برنامه"><span>Getsmile</span></a></li>
<li><a class="round" href="List.php?page=1" title="ليست شکلک ها"><span>Smiles List</span></a></li>
<li><a class="round" href="contact.php" title="تماس با ما"><span>Contact</span></a></li>
</ul>
</div>
</div>
<div class="big-block grid">
<div class="big-rmin clearfix">
<div class="upload-main">
<p><h3>Upload Smiley and Emoticons</h3></p>
<div class="upload-form"><div id="comment_form">
<p>Do you have any good smiley you wish to share with the rest of us? Upload your best smileys so that other people can download and use directly from this site.</p>
<br/><br/>
<?php if(!empty($mess)) echo '<div class="error">'.$mess.'</div>';
if ($_SESSION['upload'] == "") { ?>
<form action="" method="post">
<label for="foldername"> Smiley Name : </label>
<input class="text" style="width: 230px" type="text" value="<? echo $_SESSION['smileyname']; ?>" name="smileyname" /><br/><br/>
<label for="foldername"> Your Email : </label>
<input class="text" style="width: 230px" type="text" value="<? echo $_SESSION['youremail']; ?>" name="youremail" /><br/><br/>
<label for="foldername"> Your Name : </label>
<input class="text" style="width: 230px" type="text" value="<? echo $_SESSION['yourname']; ?>" name="yourname" /><br/><br/>
<label for="foldername"> Your Web : </label>
<input class="text" style="width: 230px" type="text" value="<? echo $_SESSION['yourweb']; ?>" name="yourweb" /><br/><br/>
<div class="upload-img"><img src="script/CaptchaSecurityImages.php?width=100&height=40&characters=5" /></div><br/>
<label for="security_code">Security Code: </label>
<input class="text" style="width: 230px" id="security_code" name="security_code" type="text" /><br/><br/>
<input class="upload-submit" type="submit" name="submit" value="Next >" /><br/><br/>
</form>
<?php }else{ ?>
<label for="foldername"> Upload Smiley : </label>
<div id="swfupload-control">
<input type="button" id="button" />
</div><br/>
<ol id="log"></ol><br/><br/>
<?php } ?>
</div></div>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- start footer -->
<? require_once "footer.php"; ?>
