admin/upload.php

<?php

function hashedName() {
  $now = time();
  $somenumber = rand();
  return sha1("ojhaa $now $somenumber ojhaaa");
}

$target_dir = __DIR__ . "/../slike/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
$hashed_name = hashedName();
$target_file = $target_dir . $hashed_name . ".$imageFileType";

$uploadOk = 1;

// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
  $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
  if($check !== false) {
    echo "File is an image - " . $check["mime"] . ".";
    $uploadOk = 1;
  } else {
    echo "File is not an image.";
    $uploadOk = 0;
  }
}

// Check if file already exists
if (file_exists($target_file)) {
  echo "Sorry, file already exists.";
  $uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 50000000) {
  echo "Sorry, your file is too large.";
  $uploadOk = 0;
}

// Allow certain file formats
if($imageFileType != "jpg") {
  echo "Sorry, only JPG files are allowed.";
  $uploadOk = 0;
}

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
  echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
  if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
    header("Location: prikazi.php?slika=$hashed_name");
    exit();
  } else {
    echo "Sorry, there was an error uploading your file.";
  }
}
Admin interface 2020-06-10 19:43:29 +02:00			`<?php`

Change redirect 2020-06-10 19:48:49 +02:00			`function hashedName() {`
Admin interface 2020-06-10 19:43:29 +02:00			`$now = time();`
			`$somenumber = rand();`
			`return sha1("ojhaa $now $somenumber ojhaaa");`
			`}`

			`$target_dir = __DIR__ . "/../slike/";`
			`$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);`
			`$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));`
Change redirect 2020-06-10 19:48:49 +02:00			`$hashed_name = hashedName();`
			`$target_file = $target_dir . $hashed_name . ".$imageFileType";`
Admin interface 2020-06-10 19:43:29 +02:00
			`$uploadOk = 1;`

			`// Check if image file is a actual image or fake image`
			`if(isset($_POST["submit"])) {`
			`$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);`
			`if($check !== false) {`
			`echo "File is an image - " . $check["mime"] . ".";`
			`$uploadOk = 1;`
			`} else {`
			`echo "File is not an image.";`
			`$uploadOk = 0;`
			`}`
			`}`

			`// Check if file already exists`
			`if (file_exists($target_file)) {`
			`echo "Sorry, file already exists.";`
			`$uploadOk = 0;`
			`}`

			`// Check file size`
Velicina slike 2020-07-10 19:44:57 +02:00			`if ($_FILES["fileToUpload"]["size"] > 50000000) {`
Admin interface 2020-06-10 19:43:29 +02:00			`echo "Sorry, your file is too large.";`
			`$uploadOk = 0;`
			`}`

			`// Allow certain file formats`
			`if($imageFileType != "jpg") {`
			`echo "Sorry, only JPG files are allowed.";`
			`$uploadOk = 0;`
			`}`

			`// Check if $uploadOk is set to 0 by an error`
			`if ($uploadOk == 0) {`
			`echo "Sorry, your file was not uploaded.";`
			`// if everything is ok, try to upload file`
			`} else {`
			`if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {`
Change redirect 2020-06-10 19:48:49 +02:00			`header("Location: prikazi.php?slika=$hashed_name");`
Admin interface 2020-06-10 19:43:29 +02:00			`exit();`
			`} else {`
			`echo "Sorry, there was an error uploading your file.";`
			`}`
			`}`