Module so each user can have his own file storing system (fully customizable!)

-EDIT-
Decided to change the post subject
____________________________


Well Olaf or anyone who can help me, I'm working on customizing the Access_User Class, I'm adding a feature that allows each registered user to upload files. I got that done, it saves the users files into a directory that's like: "files/$username/"
situation here is that when Administrators log-in and look for a user (i.e. username: john) I want Administrators to be able to send John files, (putting them on John's folder: files/john/).
John will see the files stored at his folder with a folder scan function.

I was wondering if anyone can help me with an FTP very very simple script..
just one 'input type=file' a submit button and the specific functions to upload the file.
Thanks

By the way, you can save and use this as:
upload_file.php
Just remember to add the upload_file.php hyperlink to the example.php file.

Some variables are in spanish and also the html layout is designed according to my site, but I'm sure you guys can change this values by yourself.
Hope ya'll find it useful, peace.

<?php
include($_SERVER['DOCUMENT_ROOT']."/classes/access_user/ext_user_profile.php");

$update_profile = new Users_profile;

$update_profile->access_page($_SERVER['PHP_SELF'], $_SERVER['QUERY_STRING']); // protect this page too.

$update_profile->get_profile_data();

if (isset($_POST['user_data'])) {
   $update_profile->update_user($_POST['password'], $_POST['confirm'], $_POST['user_full_name'], $_POST['user_info'], $_POST['user_email']); // the update method
}
if (isset($_POST['profile_data'])) {
   $update_profile->save_profile_date($_POST['id'], $_POST['language'], $_POST['address'],
   $_POST['postcode'], $_POST['city'], $_POST['country'], $_POST['phone'], $_POST['fax'],
   $_POST['homepage'], $_POST['notes'], $_POST['field_one'], $_POST['field_one'],
   $_POST['field_two']."##eu_date"); // note the last trailing string, this used to optimize the value as a euro date.
} 
$error = $update_profile->the_msg; // error message

//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
//   You may change maxsize, and allowable upload file types.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//Mmaximum file size. You may increase or decrease.
$MAX_SIZE = 99000000;
                           
//Allowable file Mime Types. Add more mime types if you want
$FILE_MIMES = array('image/jpeg','image/jpg','image/gif','image/png','application/msword');

//Allowable file ext. names. you may add more extension names.           
$FILE_EXTS  = array('.zip','.mp3','.wma','.jpg','.png','.gif','.psd','.doc','.txt');

//Allow file delete? no, if only allow upload only
$DELETABLE  = true;                               


//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
//   Do not touch the below if you are not confident.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/*******************************     Setup variables     ************************************************/

$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this =  "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];

$upload_dir = "files/".$update_profile->user."/";
$upload_url = "files/".$update_profile->user."/";
$message ="";

/********************************     Create Upload Directory ***********************************/
if (!is_dir("files/".$update_profile->user."/")) {
  if (!mkdir($upload_dir))
     die ("upload_files no existe dicho directorio y fallo la creacion");
  if (!chmod($upload_dir,0755))
     die ("cambiar permisos a 755 fallido.");
}

/*****************************************  Process User's Request *********************************************/
if ($_REQUEST[del] && $DELETABLE)  {
  $resource = fopen("log.txt","a");
  fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\n");
  fclose($resource);
 
  if (strpos($_REQUEST[del],"/.")>0);                  //possible hacking
  else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
  else if (substr($_REQUEST[del],0,6)==$upload_dir) {
    unlink($_REQUEST[del]);
    print "<script>window.location.href='$url_this?message=eliminado exitosamente'</script>";
  }
}
else if ($_FILES['userfile']) {
  $resource = fopen("log.txt","a");
  fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
            .$_FILES['userfile']['name']." "
            .$_FILES['userfile']['type']."\n");
  fclose($resource);

   $file_type = $_FILES['userfile']['type'];
  $file_name = $_FILES['userfile']['name'];
  $file_ext = strtolower(substr($file_name,strrpos($file_name,".")));

  //File Size Check
  if ( $_FILES['userfile']['size'] > $MAX_SIZE)
     $message = "El archivo excede los 99MB permitidos.";
  //File Type/Extension Check
  else if (!in_array($file_type, $FILE_MIMES)
          && !in_array($file_ext, $FILE_EXTS) )
     $message = "La extensi&#242;n $file_name($file_type) no est&#224; permitida.";
  else
     $message = do_upload($upload_dir, $upload_url);
 
  print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else
   $message = "Extensi&#242;n prohibida.";

/******************************************** List Files *********************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
   if(!is_dir($file) && !is_link($file)) {
      $filelist .= "<P><a href='$upload_dir$file'>".$file."</a>";
      if ($DELETABLE)
        $filelist .= " <!--<a href='?del=$upload_dir".urlencode($file)."' title='borrar'>x</a>-->";
      $filelist .= "<small><font color=white>  ".date("d-m H:i", filemtime($upload_dir.$file))
                   ."</font></small>";
      $filelist .="</P>";
   }
}
function do_upload($upload_dir, $upload_url) {

   $temp_name = $_FILES['userfile']['tmp_name'];
   $file_name = $_FILES['userfile']['name'];
  $file_name = str_replace("\\","",$file_name);
  $file_name = str_replace("'","",$file_name);
   $file_path = $upload_dir.$file_name;

   //File Name Check
  if ( $file_name =="") {
     $message = "Extensi&#242;n prohibida";
     return $message;
  }

  $result  =  move_uploaded_file($temp_name, $file_path);
  if (!chmod($file_path,0777))
      $message = "Cambiar permisos a 777 fallido.";
  else
    $message = ($result)?"$file_name se subi&#242; correctamente." :
              "Algo anda mal y no se pudo subir el archivo.";
  return $message;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd ">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title></title>
<link rel="stylesheet" type="text/css" href="estilos.css">
</head>
<body>         
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
     
<fieldset>
<legend><P><B><font color="#A4A4A4">Subir archivo.</font></B></P></legend>
   <P align="center"><font color=white><?=$_REQUEST[message]?></font></P>
<P>
   <form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
     Subir un archivo:<BR>
   <input type="file" id="userfile" name="userfile" size="23" value="Elija un archivo presionando aqu&#237;..."><BR>
   <input type="submit" name="upload" value="Subir el archivo seleccionado"><BR>
   </form>
   
   <br><b>Mis archivos</b>
   <hr width=70%>
   <?=$filelist?>
</P>
<BR>
</fieldset>
<!-- Notice! you have to change this links here, if the files are not in the same folder -->
<p><a href="<?php echo $update_profile->main_page; ?>">Inicio</a></p>
</body>
</html>

[Free WordPress Themes]

Elizer,you know that I have an upload class on my website?
http://www.finalwebsites.com/snippets.php?id=7

Elizer,you know that I have an upload class on my website?
http://www.finalwebsites.com/snippets.php?id=7

No, I didn't know that. Damn.. haha.. Im'a try your upload class today and see if I can merge'em.

[Guest]

[37.736]

Googlebot, Yahoo crawler, Msnbot, Baidu Spider