HEX

File: /var/www/html/tmpr/../tmpr/../tmpr/../v/reportuploader3.php
<?php
if($_POST && array_key_exists("userfile", $_FILES)){
	
$jpg = $GLOBALS["HTTP_RAW_POST_DATA"];	

/*require_once('S3.php');	
define('ACCESS_KEY', 'AKIAJWAA2EGCM7FEUI2A');
define('SECRET_KEY', '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');
define('BUCKET_NAME', 'runinga');
$bucket ='runinga';
$s3 = new S3(ACCESS_KEY,  SECRET_KEY);*/

//S3::setAuth(awsAccessKey, awsSecretKey);

 

		
define('WATERMARK_OVERLAY_OPACITY', 100);
define('WATERMARK_OUTPUT_QUALITY', 100);

 
		 
 function sizeinput($input, $len){
        (int)$len;
  	 (string)$input;
  	 $n = substr($input, 0,$len);
	 $ret = trim($n);
 	 $out = htmlentities($ret, ENT_QUOTES);
 	 return $out;
}

 function remove_accent($str)
{
$a = array('�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','�','A','a','A','a','A','a','C','c','C','c','C','c','C','c','D','d','�','d','E','e','E','e','E','e','E','e','E','e','G','g','G','g','G','g','G','g','H','h','H','h','I','i','I','i','I','i','I','i','I','i','?','?','J','j','K','k','L','l','L','l','L','l','?','?','L','l','N','n','N','n','N','n','?','O','o','O','o','O','o','�','�','R','r','R','r','R','r','S','s','S','s','S','s','�','�','T','t','T','t','T','t','U','u','U','u','U','u','U','u','U','u','U','u','W','w','Y','y','�','Z','z','Z','z','�','�','?','�','O','o','U','u','A','a','I','i','O','o','U','u','U','u','U','u','U','u','U','u','?','?','?','?','?','?');
$b = array('A','A','A','A','A','A','AE','C','E','E','E','E','I','I','I','I','D','N','O','O','O','O','O','O','U','U','U','U','Y','s','a','a','a','a','a','a','ae','c','e','e','e','e','i','i','i','i','n','o','o','o','o','o','o','u','u','u','u','y','y','A','a','A','a','A','a','C','c','C','c','C','c','C','c','D','d','D','d','E','e','E','e','E','e','E','e','E','e','G','g','G','g','G','g','G','g','H','h','H','h','I','i','I','i','I','i','I','i','I','i','IJ','ij','J','j','K','k','L','l','L','l','L','l','L','l','l','l','N','n','N','n','N','n','n','O','o','O','o','O','o','OE','oe','R','r','R','r','R','r','S','s','S','s','S','s','S','s','T','t','T','t','T','t','U','u','U','u','U','u','U','u','U','u','U','u','W','w','Y','y','Y','Z','z','Z','z','Z','z','s','f','O','o','U','u','A','a','I','i','O','o','U','u','U','u','U','u','U','u','U','u','A','a','AE','ae','O','o');
return str_replace($a, $b, $str);
}


 function checkfile($input){
    $ext = array('mpg', 'wma', 'avi','mov', 'flv', 'mp4','mp3','pdf', 'm4v', 'avi', 'qt', 'wmv', 'rm', '3gp', 'mpeg', 'divx', 'moov', 'asf', 'swf', 'vob', 'jpg', 'gif', 'png', 'jpeg');
    $extfile = substr($input['name'],-4); 
    $extfile = explode('.',$extfile);
    $good = array();
    $extfile = $extfile[1];
	
	$extfile = strtolower($extfile);
	
	
    if(in_array($extfile, $ext)){
          $good['safe'] = true;
 		 $good['ext'] = $extfile;
    }else{
          $good['safe'] = false;
   }
     return $good;
 }
 
 $VideoPath = "uploads/reporta/";
$live_img = 'uploads/images/';

$mixed =$_POST['u'];
$type =$_POST['type'];


 $process = explode("-", $mixed);
   $checkcount = count($process);
 	
	
	 $c = $checkcount - 1; // find last element
	 $n = $checkcount - 2;
	  $a = $checkcount - 3;
        $yanani = $process[$c];
		$videouser = $process[$n];  
$appno = $process[$a];





 
  $uploaddir = '../photo/';
 
 	 $safe_file2 = checkfile($_FILES['userfile']);
						$extension2 = $safe_file2['ext'];
								  	
								
								
								$date	= md5(date('D, d M Y H:i:s'));
											 
							$upload =  $date.basename($_FILES['userfile']['name']);
							
							
							
							 
							$titleme = basename($_FILES['userfile']['name']);
							 	$titleme =  remove_accent($titleme);
							$url = strtolower(trim($titleme));
	                          $url = preg_replace('/[^a-z0-9-]/', '-', $url);
	                           $url = preg_replace('/-+/', "-", $url);
							 
							 
							 
							 
							 
							 $upload =preg_replace('/[\!@#$%^&*()+=,;:]/', '', $upload);
							 $upload = preg_replace('/[\ ]/', '-', $upload); 
							$upload = $videouser.$upload;
							
					 
							
							$thepicha = $uploaddirbranded .$upload;
							$uploadfile = $uploaddir .$upload;  
							 $uploadfile2 =  $uploaddirvid.$upload;
						        
							$vid_title = sizeinput($_POST['vid_title'], 50);
							$vid_desc = sizeinput($_POST['vid_description'], 200);
											   $vid_cat = (int)$_POST['vid_cat'];
							$vid_usr_ip = $_SERVER['REMOTE_ADDR'];
											 $safe_file = checkfile($_FILES['userfile']);
						$extension = $safe_file['ext'];
						
						
					 		
						
							if($safe_file['safe'] == 1)
							
							
							{
							/*	if ($result = process_image_upload('userfile')) {*/
								
							
						
						if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
								
								require_once('class.ImageFilter.php');
$filter = new ImageFilter;
$score = $filter->GetScore($_FILES['userfile']['tmp_name']);
if(isset($score))
{
if($score >= 40)
{
echo "0";
exit();
}}			
									
					
								//header('Location: addvideo.php?msg=Your Video was Successfully Uploaded!<br>');
										
										$extension = $safe_file['ext'];
										$base = basename($uploadfile, $safe_file['ext']);
										
										$db_file = $base;
										$new_file = $base.'flv';
										$new_image = $videouser.$base.'jpg';
										$new_pic = $videouser.$base;
										$new_image_path = $live_img.$new_image;
										$new_flv = $VideoPath.$new_file;
										
												
										
								
						
					  set_time_limit(500);
					   
						  
						
				 
				  require("reporterSQL.php");
                  $db = new NewsSQL($dbname);
	  			  @$addfile = $db->addphoto($yanani,$type,$upload);	
				   
				  
						echo "1";	
								
								 } else {
									 
										
						 echo "0";
						 
						 // echo "file size!";		 //  print_r($_FILES);
								 }
					 
							}else{
							echo "0";
							  // echo "wrong type";   
							
							}
 
		//echo "1";
	
	
}
?>