$target_dir="data/"; function sanitize_file_name( $string ) { // Remove special accented characters - ie. sí. $clean_name = strtr($string, array('Š' => 'S','Ž' => 'Z','š' => 's','ž' => 'z','Ÿ' => 'Y','À' => 'A','Á' => 'A','Â' => 'A','Ã' => 'A','Ä' => 'A','Å' => 'A','Ç' => 'C','È' => 'E','É' => 'E','Ê' => 'E','Ë' => 'E','Ì' => 'I','Í' => 'I','Î' => 'I','Ï' => 'I','Ñ' => 'N','Ò' => 'O','Ó' => 'O','Ô' => 'O','Õ' => 'O','Ö' => 'O','Ø' => 'O','Ù' => 'U','Ú' => 'U','Û' => 'U','Ü' => 'U','Ý' => 'Y','à' => 'a','á' => 'a','â' => 'a','ã' => 'a','ä' => 'a','å' => 'a','ç' => 'c','è' => 'e','é' => 'e','ê' => 'e','ë' => 'e','ì' => 'i','í' => 'i','î' => 'i','ï' => 'i','ñ' => 'n','ò' => 'o','ó' => 'o','ô' => 'o','õ' => 'o','ö' => 'o','ø' => 'o','ù' => 'u','ú' => 'u','û' => 'u','ü' => 'u','ý' => 'y','ÿ' => 'y')); $clean_name = strtr($clean_name, array('Þ' => 'TH', 'þ' => 'th', 'Ð' => 'DH', 'ð' => 'dh', 'ß' => 'ss', 'Œ' => 'OE', 'œ' => 'oe', 'Æ' => 'AE', 'æ' => 'ae', 'µ' => 'u')); $clean_name = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), $clean_name); return($clean_name); } function getQuest($num = 0) { $quests = array(); $quest[0] = "ludwig::What was Beethoven's first name"; $quest[1] = "miller::Name the famous big band leader who's name starts with 'Glenn' .."; $quest[2] = "vinyl::What material is a record made out of"; $quest[3] = "45::What rpm spins a 7 inch record at (only digits)"; $quest[4] = "radio::What is the name of the device that wirelessly receives audio"; $work = explode("::",$quest[$num]); $ret = array(); $ret['answer'] = strtolower($work[0]); $ret['question'] = $work[1]; return($ret); } $qnum = rand(0,4); $question = getQuest($qnum); $error = null; $fileok=null; if (isset($_POST) && isset($_POST['sq']) && isset($_POST['qa'])) { $question = getQuest(intval($_POST['sq'])); if (md5($question['answer']) != md5(trim(strtolower($_POST['qa'])))) { // echo "-" . "Sorry, wrong answer - " . $question['answer'] . " [" . $_POST['qa'] . "]"; echo "-" . "Sorry, wrong answer to security question"; exit(0); } if (isset($_POST['fs'])) { $size = $_POST['fs']; if ($size < (1024 * 1024 * 100)) { echo "+Continue"; exit(0); } else { echo "-Sorry - File to large"; exit(0); } } if ( isset($_FILES['qf']['error']) && isset($_FILES['qf']['name'])) { $error = "Invalid Upload 1"; if (!$_FILES['qf']['error']) { $error = "Invalid Upload 2"; $target_file = $target_dir . sanitize_file_name( $_FILES['qf']['name']); if (!move_uploaded_file( $_FILES['qf']['tmp_name'], $target_file)) { echo "-Unable to store your data"; exit(0); } echo "+OK: [" .$target_file . "]"; exit(0); } } echo "-Upload failed"; exit(0); } ?>