File: /home/xedaptot/360.naniguide.com/backend/ajax/upload_vr_icon.php
<?php
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_DEPRECATED);
ob_start();
session_start();
if((($_SERVER['SERVER_ADDR']==$_SESSION['demo_server_ip']) && ($_SERVER['REMOTE_ADDR']!=$_SESSION['demo_developer_ip']) && ($_SESSION['id_user']==$_SESSION['demo_user_id'])) || ($_SESSION['svt_si']!=session_id())) {
die();
}
require_once(dirname(__FILE__).'/../functions.php');
$settings = get_settings();
$user_info = get_user_info($_SESSION['id_user']);
if(!empty($user_info['language'])) {
set_language($user_info['language'],$settings['language_domain']);
} else {
set_language($settings['language'],$settings['language_domain']);
}
session_write_close();
if (!file_exists(dirname(__FILE__).'/../../vr/img/custom/')) {
mkdir(dirname(__FILE__).'/../../vr/img/custom/', 0775);
}
$type = $_GET['type'];
if(isset($_FILES) && !empty($_FILES['file']['name'])){
$allowed_ext = array('png');
$filename = $_FILES['file']['name'];
$ext = explode('.',$filename);
$ext = strtolower(end($ext));
if(in_array($ext,$allowed_ext)){
$name = "$type.png";
$moved = move_uploaded_file($_FILES['file']['tmp_name'],dirname(__FILE__).'/../../vr/img/custom/'.$name);
if($moved) {
ob_end_clean();
echo $name;
} else {
ob_end_clean();
echo 'ERROR: code:'.$_FILES["file"]["error"];
}
}else{
ob_end_clean();
echo 'ERROR: '._("Only png files are supported.");
}
}else{
ob_end_clean();
echo 'ERROR: '._("File not provided.");
}
exit;