Jump to content
php.lv forumi

Failu augšupielāde un lejupielāde, izmantotjot mysql

janculis

By janculis
in PHP skripti

 Share

Recommended Posts

janculis Newbie

janculis

Posted
Posted

Man ir tāda vēlme - lietotājs var augšupielādēt kādu failu, pievienot tam aprakstu un vēlāk to jauki lejupielādēt. Taču esmu es liels iesācējs un nūģis.

 

Tas ir mans open_db.inc inklūds. It kā tur viss strādā un notiek. 

<?php
$db = mysql_connect("localhost", "root", "");
mysql_select_db("eiroinfocentrs", $db) or die(mysql_errno() . ": " . mysql_error() . "<br>");
?>

 

Tālāk seko mans viltīgais add.php, iekš kura tā kā vajadzētu notikt augšupielādei. Bet... Viņš nekur tālāk netiek - apstājās pie tāpat kā tikko atvērtas add.php lapas. Esmu palicis jau izmisis!!! 

<?php
if ($action == "upload") {
 include "open_db.inc";

 if (isset($binFile) && $binFile != "none") {
$data = addslashes(fread(fopen($binFile, "r"), filesize($binFile)));
$strDescription = addslashes(nl2br($txtDescription));
$sql = "INSERT INTO tbl_Files ";
$sql .= "(description, bin_data, filename, filesize, filetype) ";
$sql .= "VALUES ('$strDescription', '$data', ";
$sql .= "'$binFile_name', '$binFile_size', '$binFile_type')";
$result = mysql_query($sql, $db);
mysql_free_result($result); // it's always nice to clean up!
echo "Thank you. The new file was successfully added to our database.<br><br>";
echo "<a href='main.php'>Continue</a>";
 }
 mysql_close();

} else {
?>
<HTML>
<BODY>
<FORM METHOD="post" ACTION="add.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="1000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<TABLE BORDER="1">
 <TR>
  <TD>Description: </TD>
  <TD><TEXTAREA NAME="txtDescription" ROWS="10" COLS="50"></TEXTAREA></TD>
 </TR>
 <TR>
  <TD>File: </TD>
  <TD><INPUT TYPE="file" NAME="binFile"></TD>
 </TR>
 <TR>
  <TD COLSPAN="2"><INPUT TYPE="submit" VALUE="Upload"></TD>
 </TR>
</TABLE>
</FORM>
</BODY>
</HTML>
<?php
}
?>

 

Nu un tālāk jātiek pie nolasīšanas. Tas ir mans tipa galvenais logs, iekš kuras būtu jārādās augšupielādētajiem failiem

 

<?php
include "open_db.inc";

$sql = "SELECT * FROM tbl_Files ";
$sql .= "ORDER BY filename ASC";
$result = mysql_query($sql, $db);
$rows = mysql_num_rows($result);

echo "<table>\n";
echo " <tr>\n";
echo "  <td>Filename</td>\n";
echo "  <td>Type</td>\n";
echo "  <td>Size</td>\n";
echo "  <td>Description</td>\n";
echo "  <td> </td>\n";
echo " </tr>\n";

for ($i = 0; $i < $rows; $i++) {
 $data = mysql_fetch_object($result);
 echo " <tr>\n";
 echo "  <td>$data->filename</td>\n";
 echo "  <td>$data->filetype</td>\n";
 echo "  <td>$data->filesize</td>\n";
 echo "  <td>" . stripslashes($data->description) . "</td>\n";
 echo "  <td>( <a href='download.php?id=$data->id_files'>Download</a> )</td>\n";
 echo " </tr>\n";
}
mysql_free_result($result);
mysql_close($db);
?>

 

 

Un tad atkal download.php failiņš, kurā vajadzētu lejupielādēt nepiciešamos failiņus.

Dikti to gribu izprast, lai varētu likt iekš mājas lapas!

 

<?php
if ($id_files) {
 include "open_db.inc";
 $sql = "SELECT bin_data, filetype, filename, filesize FROM tbl_Files WHERE id_files=$id_files";

 $result = @mysql_query($sql, $db);
 $data = @mysql_result($result, 0, "bin_data");
 $name = @mysql_result($result, 0, "filename");
 $size = @mysql_result($result, 0, "filesize");
 $type = @mysql_result($result, 0, "filetype");

 header("Content-type: $type");
 header("Content-length: $size");
 header("Content-Disposition: attachment; filename=$name");
 header("Content-Description: PHP Generated Data");
 echo $data;
}
?>

koko Newbie

koko

Posted
Posted

Kārtējais globals ON lietotājs? Varbūt pamēģini tos visus savus mainīgos pārrakstīt ar $_POST/$_GET (tikai pareizos, protamS).

janculis Newbie

janculis

Posted
  • Author
Posted
Kārtējais globals ON lietotājs? Varbūt pamēģini tos visus savus mainīgos pārrakstīt ar $_POST/$_GET (tikai pareizos, protamS).

 

Vai Tu domā

; You should do your best to write your scripts so that they do not require

; register_globals to be on; Using form variables as globals can easily lead

; to possible security problems, if the code is not very well thought of.

register_globals = Off

 

Vai tomēr citu parametru?

janculis Newbie

janculis

Posted
  • Author
Posted
To pašu :)

 

Bļe...

Varbūt kādam ir kāds cits normāls koda paraugs... Es jau palieku par nožēlojamu sarkanacaini...

Kodu izmainīju šādi:

<?php
if ($action == "upload") {
include "open_db.inc";

$txtDescription= $_POST['txtDescription'];
$binFile= $_POST['binFile'];

if (isset($binFile) && $binFile != "none") {
$data = addslashes(fread(fopen($binFile, "r"), filesize($binFile)));
$strDescription = addslashes(nl2br($txtDescription));
$sql = "INSERT INTO tbl_Files (
	description, 
	bin_data, 
	filename, 
	filesize, 
	filetype)
  	VALUES (
	'$strDescription', 
	'$data', 
	'$binFile_name', 
	'$binFile_size', 
	'$binFile_type')";
$result = mysql_query($sql, $db);
mysql_free_result($result);
if(!$result) {die('Neievietoja datus:' .mysql_error());}
echo "Jauns ieraksts pievienots.";
echo "Thank you. The new file was successfully added to our database.<br><br>";
echo "<a href='main.php'>Continue</a>";
 }
 mysql_close();

} else {
?>
<HTML>
<BODY>
<FORM METHOD="post" ACTION="add.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="1000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<TABLE BORDER="1">
 <TR>
  <TD>Description: </TD>
  <TD><TEXTAREA NAME="txtDescription" ROWS="10" COLS="50"></TEXTAREA></TD>
 </TR>
 <TR>
  <TD>File: </TD>
  <TD><INPUT TYPE="file" NAME="binFile"></TD>
 </TR>
 <TR>
  <TD COLSPAN="2"><INPUT TYPE="submit" VALUE="upload"></TD>
 </TR>
</TABLE>
</FORM>
</BODY>
</HTML>
<?php
}
?>

 

Bet tas nav devis nekādu labu rezultātu. Kaut kur kaut kas nav kā vajag, jo līdz paziņojumam, ka objekti DB nav ievietoti, viņš netiek. Droši vien parametri netiek padoti PHP. Bļe... Bet kas par vainu???

janculis Newbie

janculis

Posted
  • Author
Posted

Pats ar roku DB sarakstīju muļķības. Viņš spēj nolasīt no DB, bet kā lai dabū iekšā???

Vēeeeeeeeee

 

Sūdi iekš tā, ka mans php.ini fragments ir šāds:

 

; Examples:

;

; - Show all errors, except for notices

;

;error_reporting = E_ALL & ~E_NOTICE

;

; - Show only errors

;

;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR

;

; - Show all errors except for notices and coding standards warnings

;

error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT

 

; Print out errors (as a part of the output). For production web sites,

; you're strongly encouraged to turn this feature off, and use error logging

; instead (see below). Keeping display_errors enabled on a production web site

; may reveal security information to end users, such as file paths on your Web

; server, your database schema or other information.

display_errors = On

 

; Even when display_errors is on, errors that occur during PHP's startup

 

 

 

 

Tā kā kaut kas ar kodiņu nav tā kā vajaga... Kaut kas tur ir līks...

john.brown Newbie

john.brown

Posted
Posted (edited)

Un pārbaudīt mysql_error() prātā neienāk?

if(!$res = mysql_query($query)) {
 echo mysql_error();
}

P.s. pēc "INSERT" nekāds mysql_free_result() nav jātaisa. atgriežas boolean :)

Edited by john.brown
SanchoZs Newbie

SanchoZs

Posted
Posted (edited)

varbūt kļūda te 

if ($action == "upload") {
 include "open_db.inc";

Aiverošās figūriekavas nav... Līdz ar to cik man zināms viņš uz to var nogļukot un neincludot to open_db.inc

Edited by SanchoZs
 Share
Go to topic listing
×
×
  • Create New...