<?php
/**
* Income Pitbull – Quick UnZipper
* Place this in the same directory of the zip file. Then go to the file in your browser, enter the file name in the textbox, and hit “Unzip”.
* For security reasons, this only is allowed to run inside it’s own current directory.
* It is recommended to delete this file after use.
*/
$curdir = dirname(__FILE__) . “/”;
$status = “”;
if ( isset($_POST[‘file’]) )
{
$path = $curdir;
$file = basename($_POST[‘file’]);
$ext = pathinfo($file, PATHINFO_EXTENSION);
if ( (strpos($file, “/”) !== false) || (strpos($file, “..”) !== false) ) {
$status = “<strong>Error:</strong> You must stay within this directory. Slashes and other chars are blocked for security reasons!”;
} elseif ( $ext !== “zip” ) {
$status = “<strong>Error:</strong> The file extension must be a ‘zip’ file!”;
} else {
$zip = new ZipArchive;
$res = $zip->open($file);
if ($res === TRUE) {
$zip->extractTo($path);
$zip->close();
$status = “<strong>Success:</strong> ‘$file’ extracted to ‘$path’.”;
} else {
$status = “<strong>Error:</strong> Could not extract ‘$file’.”;
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset=”UTF-8″>
</head>
<body>
<div style=”border:1px solid black;width:600px; margin: 30px auto; padding:10px 5px 20px 5px; text-align:center;font-family:Arial, Verdana;”>
<h1 style=”font-size:16px;font-weight:900;font-family: Arial, Verdana;text-decoration:underline;”>Income Pitbull Quick Unzipper</h1>
<?php
if ( isset($status) && ! empty($status) ) {
echo ‘<p align=”center”>’ . $status . ‘</p>’;
}
?>
<form name=”unzipform” action=”” method=”post”>
<label for=”file”>Filename:</label>
<input type=”text” name=”file” placeholder=”filename.zip” style=”padding-left:4px;” />
<button>Unzip</button>
</form>
</div>
</body>
</html>