password page.

Hello, I have the following php site that uploads a file to a randomly created folder. My question is, is there a way I can prompt via a inputbox to enter a password (not password and username).

Code:

<html> <title>Welcome to website!</title> </html> <?php $action = $_POST["action"]; $max_size = "67108864"; // Max size in BYTES (1MB) $rand_folder = str_rand(15, 'alphanum'); echo " <b>Use the below Uploader to upload the file. Uploads can take a few minutes for large files. Once uploaded, you will be shown the link to the file. From there, you may copy and paste it into an email to send.</b></br></br> <b>Uploader</b><br> <form action='upload with random.php' method=post enctype='multipart/form-data'> File (max size: $max_size bytes/".($max_size/1024)." kb):<br> <input type='file' name='filename'><br> <input type='hidden' name='action' value='upload'> <input type='submit' value='Upload File'> </form>"; if ($action == 'upload') { if ($_FILES["filename"]["size"] > $max_size) die ("<b>File too big! Try again...</b>"); mkdir("./uploads/".$rand_folder); copy($_FILES["filename"]["tmp_name"],"./uploads/".$rand_folder."/".$_FILES["filename"]["name"]) or die("<b>Unknown error!</b>"); echo "<b>File Uploaded. </b>"; // for debug --> $filename --> ".$destination."/".$filename_name."</h2>"; echo "http://www.testwebsite.com/uploads/".$rand_folder."/".$filename_name."</br>"; $urlvar = "http://www.testwebsite.com/uploads/".$rand_folder."/".$filename_name; echo "<a href=\"$urlvar\">Right Click here and Copy Shortcut</a></br>"; echo "<a href=\"mailto:?body=$urlvar\">Click here to open new email message with link in the body.</a>"; } ?> <?php function str_rand($length = 8, $seeds = 'alphanum') { // Possible seeds $seedings['alpha'] = 'abcdefghijklmnopqrstuvwqyz'; $seedings['numeric'] = '0123456789'; $seedings['alphanum'] = 'abcdefghijklmnopqrstuvwqyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $seedings['hexidec'] = '0123456789abcdef'; // Choose seed if (isset($seedings[$seeds])) { $seeds = $seedings[$seeds]; } // Seed generator list($usec, $sec) = explode(' ', microtime()); $seed = (float) $sec + ((float) $usec * 100000); mt_srand($seed); // Generate $str = ''; $seeds_count = strlen($seeds); for ($i = 0; $length > $i; $i++) { $str .= $seeds { mt_rand(0, $seeds_count - 1) }; } return $str; } ?>

Re: password page.

Add another input variable called password and check this before allowing the page to be accessed. I suggest you check the password on a page of its own rather than have the user upload the file first.

Also, its code coding practice not to use echo to produce HTML and to have any helper functions and processing in an included file.

PHP Code:

<b>Use the below Uploader to upload the file. Uploads can take a few minutes for large files. Once uploaded, you will be shown the link to the file. From there, you may copy and paste it into an email to send.</b></br></br> <b>Uploader</b><br> <form action='upload with random.php' method=post enctype='multipart/form-data'> File (max size: <?php echo($max_size . ' bytes / ' .($max_size/1024) . ' kb') ?>) :<br> <input type='file' name='filename'><br> <input type='hidden' name='action' value='upload'> <input type='submit' value='Upload File'> </form>

Re: password page.

Quote:

Originally Posted by visualAd

Add another input variable called password and check this before allowing the page to be accessed. I suggest you check the password on a page of its own rather than have the user upload the file first.

Also, its code coding practice not to use echo to produce HTML and to have any helper functions and processing in an included file.

PHP Code:

<b>Use the below Uploader to upload the file. Uploads can take a few minutes for large files. Once uploaded, you will be shown the link to the file. From there, you may copy and paste it into an email to send.</b></br></br> <b>Uploader</b><br> <form action='upload with random.php' method=post enctype='multipart/form-data'> File (max size: <?php echo($max_size bytes . '/' .($max_size/1024) 'kb') ?>) :<br> <input type='file' name='filename'><br> <input type='hidden' name='action' value='upload'> <input type='submit' value='Upload File'> </form>

Thank you, I have one more somewhat related question. Is there a way to add a check on the page that see's where the page was linked from? Pretty much, I only want the page to be redirected from www.site.com/index.php....if a user simply types in www.site.com/uploads.php...it redirects them to index.php