Need help with the PHP code for my chat..

The code below controls the handler that allows my members to send pics in my chatroom; it also allows members to send files to one another. The problem is chatters on my site have used it and exploited it to crash people's Flash: they are editing the packets they send to send other users thousands of requests to receive files... basically flooding them with requests to receive or deny files being sent to them to the point it overloads the receiver's Flash and crashes.

I want my members to still be able to send pics inside of the chatroom, but I do not want the handler to even recognise the ability to send other members files directly. I want to remove the files option completely.

 

This is the original:

 

<?php
 
require_once( '../../../../inc/header.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'admin.inc.php' );
 
require_once( BX_DIRECTORY_PATH_INC . 'db.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'profiles.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'prof.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'utils.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'membership_levels.inc.php' );
 
require_once( BX_DIRECTORY_PATH_CLASSES . 'BxDolModuleDb.php');
require_once( BX_DIRECTORY_PATH_MODULES . 'flashcoms/flashcoms_chat/classes/FcChatModule.php');
 
$oModuleDb = new BxDolModuleDb();
$aModule = $oModuleDb->getModuleByUri('flashcoms_chat');
$oChat = new FcChatModule($aModule);
 
 
 
 
$answer = '<invalidParameters />';
 
switch(fcGetParam('action'))
{
    case 'upload': $answer = fcUpload(); break;
    case 'download': $answer = fcDownload(); break;
    case 'image': $answer = fcUploadImage(); break;
}
 
header('Content-type:    text/xml');
echo $answer;
 
 
function fcUpload()
{
    fcClear();
 
    if(!isset($_FILES['Filedata'])) return '<error msg="NO_FILE_SENDED" />';
 
    fcCheckInputParams('id');
    $id = fcMakeFileName(fcGetParam('id'));
 
    fcCheckInputParams('name');
    $name = fcMakeFileName(fcGetParam('name'));
 
    if(!file_exists(FC_FILES_DIR) && !is_dir(FC_FILES_DIR)) return '<error msg="files dir not exists" />';
    if(!is_writable(FC_FILES_DIR)) return '<error msg="files dir is not writeable" />';
 
    mkdir(FC_FILES_DIR.'/'.$id);
    chmod(FC_FILES_DIR.'/'.$id, 0777);
    if(move_uploaded_file($_FILES['Filedata']['tmp_name'], FC_FILES_DIR.'/'.$id.'/'.$name))
    {
        return '<uploaded />';
    }
    else return '<error msg="UPLOAD_FAIL" />';
}
 
function fcDownload()
{
    if(!isset($_REQUEST['fileId'])) return '<error msg="NO_FILE_ID_DEFINED" />';
     
    // note: fileId goes into the path exactly as received; only fileName is run through fcMakeFileName()
    $dirName = FC_FILES_DIR.'/'.$_REQUEST['fileId'];
    $fileName = $dirName.'/'.fcMakeFileName($_REQUEST['fileName']);
     
    if(!file_exists($fileName))
    {
        header('HTTP/1.1 404 Not Found');
        exit;
    }
 
    header('Content-Length: ' . filesize($fileName));
    readfile($fileName);
    @unlink($fileName);
    @rmdir($dirName);
}
 
function fcUploadImage()
{
    if (!isset($_FILES['Filedata'])) return '<error msg="NO_FILE_SENDED" />';
    if (!file_exists(FC_FILES_DIR) && !is_dir(FC_FILES_DIR)) return '<error msg="files dir not exists" />';
    if (!is_writable(FC_FILES_DIR)) return '<error msg="files dir is not writeable" />';
 
    fcCheckInputParams('id');
    $id = fcMakeFileName(fcGetParam('id'));
 
    $nameParts = explode('.', $_FILES['Filedata']['name']);
    $ext = strtolower(array_pop($nameParts)); // array_pop() needs a variable, not the explode() result directly
    if(!in_array($ext, array('jpeg','jpg','gif','png', 'bmp'))) return '<error msg="invalid file type" />';
 
    $image = FC_FILES_DIR.'/images/'.$id.'.'.$ext;
    $thumbnail = FC_FILES_DIR.'/images/'.$id.'_s.'.$ext;
 
    if(!file_exists(FC_FILES_DIR.'/images'))
    {
        mkdir(FC_FILES_DIR.'/images');
        chmod(FC_FILES_DIR.'/images', 0777);
    }
 
    if(move_uploaded_file($_FILES['Filedata']['tmp_name'], $image))
    {
        chmod($image, 0666);
 
        require_once 'imagelibrary.class.php';
        $imgLibrary = new ImageLibrary();
        $imgLibrary->Resize($image, $thumbnail, 62, 43, true, true);
 
        chmod($thumbnail, 0666);
 
        return '<uploaded />';
    }
    else return '<error msg="UPLOAD_FAIL" />';
}
 
function fcCheckInputParams($strParams)
{
    $arrParams = explode(',', $strParams);
    $len = count($arrParams);
    for($i = 0; $i < $len; $i++)
    {
        $param = $arrParams[$i];
        if(!isset($_GET[$param]) && !isset($_POST[$param]))
        {
            die('invalid parameters - '.$arrParams[$i].' is undefined');
        }
    }
}
 
function fcClear()
{
    if ( file_exists(FC_FILES_DIR) && is_dir(FC_FILES_DIR) && is_writable(FC_FILES_DIR) )
    {
        fcRemove(FC_FILES_DIR);
    }
}
 
function fcRemove($dir)
{
    if($objs = glob($dir.'/*'))
    {
        foreach($objs as $obj)
        {
            if( is_dir($obj) )
            {
                fcRemove($obj);
                $files = glob($obj.'/*');
                if (count($files) == 0) rmdir($obj);
            }
            else
            {
                $diff = time() - filemtime($obj);
                if($diff > 3600 * 2) unlink($obj);
            }
        }
    }
}
 
function fcMakeFileName($name)
{
    $name = str_replace("..", "_", $name);
    $name = str_replace("/", "_", $name);
    $name = str_replace("\\", "_", $name);
    $name = str_replace(" ", "_", $name);
    return $name;
}
 
?>

 

I edited it to this... but there is still something there allowing them to hit them with "file" requests.

 

<?php

require_once( '../../../../inc/header.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'admin.inc.php' );

require_once( BX_DIRECTORY_PATH_INC . 'db.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'profiles.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'prof.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'utils.inc.php' );
require_once( BX_DIRECTORY_PATH_INC . 'membership_levels.inc.php' );

require_once( BX_DIRECTORY_PATH_CLASSES . 'BxDolModuleDb.php');
require_once( BX_DIRECTORY_PATH_MODULES . 'flashcoms/flashcoms_chat/classes/FcChatModule.php');

$oModuleDb = new BxDolModuleDb();
$aModule = $oModuleDb->getModuleByUri('flashcoms_chat');
$oChat = new FcChatModule($aModule);




$answer = '<invalidParameters />';

switch(fcGetParam('action'))
{
    // 'upload' and 'download' are gone on purpose: fcUpload() and fcDownload() no longer
    // exist in this file, so keeping their cases would make those requests die with
    // "Call to undefined function" instead of answering <invalidParameters />.
    case 'image': $answer = fcUploadImage(); break;
}

header('Content-type:    text/xml');
echo $answer;



function fcUploadImage()
{
    if (!isset($_FILES['Filedata'])) return '<error msg="NO_FILE_SENDED" />';
    if (!file_exists(FC_FILES_DIR) && !is_dir(FC_FILES_DIR)) return '<error msg="files dir not exists" />';
    if (!is_writable(FC_FILES_DIR)) return '<error msg="files dir is not writeable" />';

    fcCheckInputParams('id');
    $id = fcMakeFileName(fcGetParam('id'));

    $nameParts = explode('.', $_FILES['Filedata']['name']);
    $ext = strtolower(array_pop($nameParts)); // array_pop() needs a variable, not the explode() result directly
    if(!in_array($ext, array('jpeg','jpg','gif','png', 'bmp'))) return '<error msg="invalid file type" />';

    $image = FC_FILES_DIR.'/images/'.$id.'.'.$ext;
    $thumbnail = FC_FILES_DIR.'/images/'.$id.'_s.'.$ext;

    if(!file_exists(FC_FILES_DIR.'/images'))
    {
        mkdir(FC_FILES_DIR.'/images');
        chmod(FC_FILES_DIR.'/images', 0777);
    }

    if(move_uploaded_file($_FILES['Filedata']['tmp_name'], $image))
    {
        chmod($image, 0666);

        require_once 'imagelibrary.class.php';
        $imgLibrary = new ImageLibrary();
        $imgLibrary->Resize($image, $thumbnail, 62, 43, true, true);

        chmod($thumbnail, 0666);

        return '<uploaded />';
    }
    else return '<error msg="UPLOAD_FAIL" />';
}

function fcCheckInputParams($strParams)
{
    $arrParams = explode(',', $strParams);
    $len = count($arrParams);
    for($i = 0; $i < $len; $i++)
    {
        $param = $arrParams[$i];
        if(!isset($_GET[$param]) && !isset($_POST[$param]))
        {
            die('invalid parameters - '.$arrParams[$i].' is undefined');
        }
    }
}

function fcClear()
{
    if ( file_exists(FC_FILES_DIR) && is_dir(FC_FILES_DIR) && is_writable(FC_FILES_DIR) )
    {
        fcRemove(FC_FILES_DIR);
    }
}

function fcRemove($dir)
{
    if($objs = glob($dir.'/*'))
    {
        foreach($objs as $obj)
        {
            if( is_dir($obj) )
            {
                fcRemove($obj);
                $files = glob($obj.'/*');
                if (count($files) == 0) rmdir($obj);
            }
            else
            {
                $diff = time() - filemtime($obj);
                if($diff > 3600 * 2) unlink($obj);
            }
        }
    }
}

function fcMakeFileName($name)
{
    $name = str_replace("..", "_", $name);
    $name = str_replace("/", "_", $name);
    $name = str_replace("\\", "_", $name);
    $name = str_replace(" ", "_", $name);
    return $name;
}

?>

 

So there is something that still needs to be removed... but I'm not sure what it is.

MY SITES http://viptopia.net general social networking | http://www.rangerschat.com/ niche site
Quote · 1 Aug 2013
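An added example, not the FlashComs handler and not code posted by anyone in this thread, of what the handler looks like once the file-transfer actions are taken out properly: the dispatcher only knows the `image` action, every other action (including an `upload` or `download` sent from an edited packet) gets `<invalidParameters />` and a log line, the `id` parameter is validated with a strict pattern instead of having `..` and slashes rewritten, and the upload is checked to really be an image. It assumes `FC_FILES_DIR`, `fcGetParam()` and `ImageLibrary` are provided by the surrounding FlashComs module exactly as in the posted code; `fcIsValidId()`, `fcDetectImageExtension()` and `fcDispatch()` are names chosen here.

```php
<?php
// Added example (not the FlashComs/Boonex handler): picture upload only,
// file transfer removed, strict input validation.
// Assumed from the surrounding module: FC_FILES_DIR, fcGetParam(), ImageLibrary.

declare(strict_types=1);

// The only action this handler still serves. There is no 'upload' or 'download'
// case and no function behind them, so an edited packet has nothing to reach.
const FC_ALLOWED_ACTIONS = ['image'];

/**
 * The id becomes part of a filesystem path, so accept only a short token of
 * letters, digits, '_' and '-'. Rejecting anything else (rather than rewriting
 * ".." and slashes as the original fcMakeFileName() does) also covers encoded
 * slashes, NUL bytes and names like "." that a replace chain lets through.
 */
function fcIsValidId(string $id): bool
{
    return (bool) preg_match('/^[A-Za-z0-9_-]{1,64}$/', $id);
}

/**
 * Decide the extension from the file header (getimagesize() parses it) instead
 * of from the client-supplied file name, so "evil.php.jpg" style names and
 * non-image payloads with an image extension are both refused.
 */
function fcDetectImageExtension(string $tmpPath): ?string
{
    $info = @getimagesize($tmpPath);
    if ($info === false) {
        return null;
    }
    $map = [
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_GIF  => 'gif',
        IMAGETYPE_PNG  => 'png',
        IMAGETYPE_BMP  => 'bmp',
    ];
    return $map[$info[2]] ?? null;
}

function fcUploadImage(): string
{
    if (!isset($_FILES['Filedata']) || $_FILES['Filedata']['error'] !== UPLOAD_ERR_OK) {
        return '<error msg="NO_FILE_SENDED" />';
    }
    if (!is_dir(FC_FILES_DIR) || !is_writable(FC_FILES_DIR)) {
        return '<error msg="files dir is not writeable" />';
    }

    $id = (string) fcGetParam('id');
    if (!fcIsValidId($id)) {
        return '<error msg="invalid id" />';
    }

    $ext = fcDetectImageExtension($_FILES['Filedata']['tmp_name']);
    if ($ext === null) {
        return '<error msg="invalid file type" />';
    }

    $imageDir = FC_FILES_DIR . '/images';
    if (!is_dir($imageDir) && !mkdir($imageDir, 0755, true)) {
        return '<error msg="cannot create images dir" />';
    }

    $image     = $imageDir . '/' . $id . '.' . $ext;
    $thumbnail = $imageDir . '/' . $id . '_s.' . $ext;

    if (!move_uploaded_file($_FILES['Filedata']['tmp_name'], $image)) {
        return '<error msg="UPLOAD_FAIL" />';
    }
    chmod($image, 0644); // world-readable is enough; the original used 0666

    require_once 'imagelibrary.class.php';
    $imgLibrary = new ImageLibrary();
    $imgLibrary->Resize($image, $thumbnail, 62, 43, true, true);
    chmod($thumbnail, 0644);

    return '<uploaded />';
}

/** Single choke point: unknown actions are refused and logged, never dispatched. */
function fcDispatch(string $action): string
{
    if (!in_array($action, FC_ALLOWED_ACTIONS, true)) {
        // An 'upload' or 'download' landing here after the feature was removed
        // is exactly the edited-packet traffic worth seeing in the server log.
        error_log(sprintf('fc handler: rejected action "%s" from %s',
            $action, $_SERVER['REMOTE_ADDR'] ?? 'unknown'));
        return '<invalidParameters />';
    }
    return fcUploadImage();
}

header('Content-Type: text/xml');
echo fcDispatch((string) fcGetParam('action'));
```

One caveat worth keeping in mind when judging whether this fixes the flood: everything in the posted handler is plain HTTP, it receives an upload or serves a download and nothing more. It never relays a message from one chatter to another, so taking the `upload`/`download` actions out stops files from being stored or fetched on the server, but the "receive or deny file" prompts that one client pushes at another travel through whatever the chat clients talk to for messaging, not through this PHP file. The `error_log()` line above at least shows whether anyone is still hitting the removed actions.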

Why don't you control it from the admin tool? modules/flashcoms/flashcoms_chat/admin/admin.htm

[attachment: flashcoms chat control.jpg]
Quote · 1 Aug 2013

I did that, but all that does is take the option to send it away from the control bar; the handler is still there, so when they use a packet editor and send the packet to the server, because it is still in the handler it still goes through... basically, because it is still in the PHP file, they are able to take advantage of it.

MY SITES http://viptopia.net general social networking | http://www.rangerschat.com/ niche site
Quote · 1 Aug 2013

Then email flashcoms, but they only reply back at 4AM to 6AM US time. I email them all the time to help me fix issues or to tell me what to do.

Quote · 1 Aug 2013

 

Then email flashcoms, but they only reply back at 4AM to 6AM US time. I email them all the time to help me fix issues or to tell me what to do.

Yeah, I work with them all the time; I had to have them make mods to the program when people were flooding the rooms with packets. I was just skipping the 10 thousand emails back and forth because I figured a PHP god like deano or someone would be able to tell me in like 1 quick post what to remove to sort it kinda quick.

MY SITES http://viptopia.net general social networking | http://www.rangerschat.com/ niche site
Quote · 1 Aug 2013