complaint.php
<?php
require("banking.php");
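// Access gate: only an authenticated session may reach the complaint form.
// empty() is used for the flag so a session without the 'authenticated' key
// is rejected without raising an undefined-index notice.
// NOTE(review): session_start() is not called in this file; presumably
// banking.php does it — confirm.
if (!isset($_SESSION["username"]) || empty($_SESSION["authenticated"])) {
    header("Location: login.html");
    exit();
}

// Feature gate: is_vip() is not defined in this file (presumably banking.php).
if (!is_vip()) {
    die("Unauthorized, this featuer is only for VIP customers");
}

include('complaint.html');

// Handle an optional single-file attachment. The is_string() check rejects
// array-style multi-file submissions, which the code below does not support.
if (
    isset($_FILES["upload"]["name"])
    && is_string($_FILES["upload"]["name"])
    && $_FILES["upload"]["name"] !== ""
) {
    $name = $_FILES["upload"]["name"];

    // Validate BEFORE the file is placed anywhere under the document root.
    // Previously the upload was moved into uploads/ under the client-supplied
    // extension and only then checked and unlinked, so an unvalidated file
    // briefly existed in a web-reachable directory.
    // checkFileType() echoes its own message when it rejects a name.
    if (!checkFileType($name)) {
        echo "Sorry, there was an error uploading your file.";
    } else {
        $target_dir = "uploads/";
        if (!is_dir($target_dir)) {
            // Create on first use only; calling mkdir() on an existing
            // directory raises a warning on every request.
            mkdir($target_dir, 0755);
        }

        // Stored name: 128 bits from the CSPRNG (random_bytes, PHP 7+) plus the
        // already-allowlisted extension, lower-cased so the on-disk suffix is
        // exactly the value that was validated.
        $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
        $target_file = $target_dir . bin2hex(random_bytes(16)) . "." . $ext;

        // move_uploaded_file() returns false for failed or non-upload sources;
        // report that instead of claiming success.
        if (move_uploaded_file($_FILES["upload"]["tmp_name"], $target_file)) {
            echo "Thank you for contacting us, we will get back to you shortly";
        } else {
            echo "Sorry, there was an error uploading your file.";
        }
    }
    // NOTE(review): the allowlist looks only at the file extension, not the
    // content. The uploads/ directory should be served with script execution
    // disabled, and content should be verified if these files are ever
    // rendered or processed.
}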
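// Returns a non-negative random integer drawn from the operating system's
// CSPRNG via random_int() (PHP 7+).
//
// The previous implementation multiplied 101 rand() draws from 0..100: the
// product collapsed to 0 whenever any single draw was 0, and rand() is not
// suitable for security-sensitive values, so names derived from it were
// predictable and prone to collisions.
//
// The result carries at most 63 bits of entropy on 64-bit builds; callers that
// need more should use random_bytes() directly.
function super_random()
{
    return random_int(0, PHP_INT_MAX);
}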
// Extension allowlist for uploads: accepts names whose final extension is
// "jpg" or "png", compared case-insensitively.
//
// Returns true when the extension is allowed. Otherwise echoes a rejection
// message and returns false.
//
// Only the name's extension is inspected; the file's content is never read,
// so this is not proof that the file is an image.
function checkFileType($fileName)
{
    $allowedExtensions = ["jpg", "png"];
    $extension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));

    if (in_array($extension, $allowedExtensions, true)) {
        return true;
    }

    echo "Sorry, only JPG & PNG files are allowed\n";
    return false;
}