Geek asks and answers

Download and Download Php MySQL Script

I used a script that is available on the Internet. The upload.php file allows the user to upload the file and then save the selected file in the MySQL database. Later, the download.PHP script displays links for all files stored in the database. When the user clicks on the link, the file must be uploaded. I have attached the script below. But the problem is that when I click the link, the contents of the file are displayed instead of downloading.

upload.php

<!--

CREATE TABLE IF NOT EXISTS `upload` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(30) NOT NULL,
  `type` varchar(30) NOT NULL,
  `size` int(11) NOT NULL,
  `content` longblob NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=5 ;


-->
<html>
    <head></head>
    <body>
        <form method="post" enctype="multipart/form-data">
            <table width="350" border="0" cellpadding="1"
                   cellspacing="1" class="box">
                <tr>
                    <td>please select a file</td></tr>
                <tr>
                    <td>
                        <input type="hidden" name="MAX_FILE_SIZE"
                               value="16000000">
                        <input name="userfile" type="file" id="userfile"> 
                    </td>
                    <td width="80"><input name="upload"
                                          type="submit" class="box" id="upload" value=" Upload "></td>
                </tr>
            </table>
        </form>
    </body>
</html>

<?php
if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) {
    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
    $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string(
                            $_FILES['userfile']['type']) : mysql_real_escape_string(
                            stripslashes($_FILES['userfile'])));
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if (!get_magic_quotes_gpc()) {
        $fileName = addslashes($fileName);
    }
    $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error());
    $db = mysql_select_db('test', $con);
    if ($db) {
        $query = "INSERT INTO upload (name, size, type, content ) " .
                "VALUES ('$fileName', '$fileSize', '$fileType', '$content')";
        mysql_query($query) or die('Error, query failed');
        mysql_close();
        echo "<br>File $fileName uploaded<br>";
    } else {
        echo "file upload failed";
    }
}
?>

download.php

<html>
    <head>
        <title>Download File From MySQL Database</title>
        <meta http-equiv="Content-Type" content="text/html; 
              charset=iso-8859-1">
    </head>
    <body>
        <?php
        $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error());
        $db = mysql_select_db('test', $con);
        $query = "SELECT id, name FROM upload";
        $result = mysql_query($query) or die('Error, query failed');
        if (mysql_num_rows($result) == 0) {
            echo "Database is empty <br>";
        } else {
            while (list($id, $name) = mysql_fetch_array($result)) {
                ?>
                <a href="download.php?id=<?php echo urlencode($id); ?>"
                   ><?php echo urlencode($name); ?></a> <br>
                <?php
            }
        }
        mysql_close();
        ?>
    </body>
</html>
           <?php
           if (isset($_GET['id'])) {
               $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error());
               $db = mysql_select_db('test', $con);
               $id = $_GET['id'];
               $query = "SELECT name, type, size, content " .
                       "FROM upload WHERE id = '$id'";
               $result = mysql_query($query) or die('Error, query failed');
               list($name, $type, $size, $content) = mysql_fetch_array($result);
               header("Content-length: $size");
               header("Content-type: $type");
               header("Content-Disposition: attachment; filename=$name");
               ob_clean();
               flush();
               echo $content;
               mysql_close();
               exit;
           }
           ?>
+3
source share
1 answer

download.phpdisplays all the HTML at the top, even when the user has selected the file to upload. You need to put the entire section in ifso that it does not get to the beginning of the download:

if (!isset($_GET['id']) { ?>
    <html>
    ...
    </html>
<?php } else {
    $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error());
    ... // rest of script
}
+5
source

More articles:


All Articles