Jump to content
php.lv forumi

Failu augšupielāde un lejupielāde, izmantotjot mysql

janculis

By janculis
in PHP skripti

 Share

Recommended Posts

janculis Newbie

janculis

Posted
Posted

Man ir tāda vēlme - lietotājs var augšupielādēt kādu failu, pievienot tam aprakstu un vēlāk to jauki lejupielādēt. Taču esmu es liels iesācējs un nūģis.

 

Tas ir mans open_db.inc inklūds. It kā tur viss strādā un notiek. 

<?php
$db = mysql_connect("localhost", "root", "");
mysql_select_db("eiroinfocentrs", $db) or die(mysql_errno() . ": " . mysql_error() . "<br>");
?>

 

Tālāk seko mans viltīgais add.php, iekš kura tā kā vajadzētu notikt augšupielādei. Bet... Viņš nekur tālāk netiek - apstājās pie tāpat kā tikko atvērtas add.php lapas. Esmu palicis jau izmisis!!! 

<?php
if ($action == "upload") {
 include "open_db.inc";

 if (isset($binFile) && $binFile != "none") {
$data = addslashes(fread(fopen($binFile, "r"), filesize($binFile)));
$strDescription = addslashes(nl2br($txtDescription));
$sql = "INSERT INTO tbl_Files ";
$sql .= "(description, bin_data, filename, filesize, filetype) ";
$sql .= "VALUES ('$strDescription', '$data', ";
$sql .= "'$binFile_name', '$binFile_size', '$binFile_type')";
$result = mysql_query($sql, $db);
mysql_free_result($result); // it's always nice to clean up!
echo "Thank you. The new file was successfully added to our database.<br><br>";
echo "<a href='main.php'>Continue</a>";
 }
 mysql_close();

} else {
?>
<HTML>
<BODY>
<FORM METHOD="post" ACTION="add.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="1000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<TABLE BORDER="1">
 <TR>
  <TD>Description: </TD>
  <TD><TEXTAREA NAME="txtDescription" ROWS="10" COLS="50"></TEXTAREA></TD>
 </TR>
 <TR>
  <TD>File: </TD>
  <TD><INPUT TYPE="file" NAME="binFile"></TD>
 </TR>
 <TR>
  <TD COLSPAN="2"><INPUT TYPE="submit" VALUE="Upload"></TD>
 </TR>
</TABLE>
</FORM>
</BODY>
</HTML>
<?php
}
?>

 

Nu un tālāk jātiek pie nolasīšanas. Tas ir mans tipa galvenais logs, iekš kuras būtu jārādās augšupielādētajiem failiem

 

<?php
include "open_db.inc";

$sql = "SELECT * FROM tbl_Files ";
$sql .= "ORDER BY filename ASC";
$result = mysql_query($sql, $db);
$rows = mysql_num_rows($result);

echo "<table>\n";
echo " <tr>\n";
echo "  <td>Filename</td>\n";
echo "  <td>Type</td>\n";
echo "  <td>Size</td>\n";
echo "  <td>Description</td>\n";
echo "  <td> </td>\n";
echo " </tr>\n";

for ($i = 0; $i < $rows; $i++) {
 $data = mysql_fetch_object($result);
 echo " <tr>\n";
 echo "  <td>$data->filename</td>\n";
 echo "  <td>$data->filetype</td>\n";
 echo "  <td>$data->filesize</td>\n";
 echo "  <td>" . stripslashes($data->description) . "</td>\n";
 echo "  <td>( <a href='download.php?id=$data->id_files'>Download</a> )</td>\n";
 echo " </tr>\n";
}
mysql_free_result($result);
mysql_close($db);
?>

 

 

Un tad atkal download.php failiņš, kurā vajadzētu lejupielādēt nepiciešamos failiņus.

Dikti to gribu izprast, lai varētu likt iekš mājas lapas!

 

<?php
if ($id_files) {
 include "open_db.inc";
 $sql = "SELECT bin_data, filetype, filename, filesize FROM tbl_Files WHERE id_files=$id_files";

 $result = @mysql_query($sql, $db);
 $data = @mysql_result($result, 0, "bin_data");
 $name = @mysql_result($result, 0, "filename");
 $size = @mysql_result($result, 0, "filesize");
 $type = @mysql_result($result, 0, "filetype");

 header("Content-type: $type");
 header("Content-length: $size");
 header("Content-Disposition: attachment; filename=$name");
 header("Content-Description: PHP Generated Data");
 echo $data;
}
?>

Link to comment
Share on other sites
janculis Newbie

janculis

Posted
  • Author
Posted
Kārtējais globals ON lietotājs? Varbūt pamēģini tos visus savus mainīgos pārrakstīt ar $_POST/$_GET (tikai pareizos, protamS).

 

Vai Tu domā

; You should do your best to write your scripts so that they do not require

; register_globals to be on; Using form variables as globals can easily lead

; to possible security problems, if the code is not very well thought of.

register_globals = Off

 

Vai tomēr citu parametru?

Link to comment
Share on other sites
janculis Newbie

janculis

Posted
  • Author
Posted
To pašu :)

 

Bļe...

Varbūt kādam ir kāds cits normāls koda paraugs... Es jau palieku par nožēlojamu sarkanacaini...

Kodu izmainīju šādi:

<?php
if ($action == "upload") {
include "open_db.inc";

$txtDescription= $_POST['txtDescription'];
$binFile= $_POST['binFile'];

if (isset($binFile) && $binFile != "none") {
$data = addslashes(fread(fopen($binFile, "r"), filesize($binFile)));
$strDescription = addslashes(nl2br($txtDescription));
$sql = "INSERT INTO tbl_Files (
	description, 
	bin_data, 
	filename, 
	filesize, 
	filetype)
  	VALUES (
	'$strDescription', 
	'$data', 
	'$binFile_name', 
	'$binFile_size', 
	'$binFile_type')";
$result = mysql_query($sql, $db);
mysql_free_result($result);
if(!$result) {die('Neievietoja datus:' .mysql_error());}
echo "Jauns ieraksts pievienots.";
echo "Thank you. The new file was successfully added to our database.<br><br>";
echo "<a href='main.php'>Continue</a>";
 }
 mysql_close();

} else {
?>
<HTML>
<BODY>
<FORM METHOD="post" ACTION="add.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="hidden" NAME="MAX_FILE_SIZE" VALUE="1000000">
<INPUT TYPE="hidden" NAME="action" VALUE="upload">
<TABLE BORDER="1">
 <TR>
  <TD>Description: </TD>
  <TD><TEXTAREA NAME="txtDescription" ROWS="10" COLS="50"></TEXTAREA></TD>
 </TR>
 <TR>
  <TD>File: </TD>
  <TD><INPUT TYPE="file" NAME="binFile"></TD>
 </TR>
 <TR>
  <TD COLSPAN="2"><INPUT TYPE="submit" VALUE="upload"></TD>
 </TR>
</TABLE>
</FORM>
</BODY>
</HTML>
<?php
}
?>

 

Bet tas nav devis nekādu labu rezultātu. Kaut kur kaut kas nav kā vajag, jo līdz paziņojumam, ka objekti DB nav ievietoti, viņš netiek. Droši vien parametri netiek padoti PHP. Bļe... Bet kas par vainu???

Link to comment
Share on other sites
janculis Newbie

janculis

Posted
  • Author
Posted

Pats ar roku DB sarakstīju muļķības. Viņš spēj nolasīt no DB, bet kā lai dabū iekšā???

Vēeeeeeeeee

 

Sūdi iekš tā, ka mans php.ini fragments ir šāds:

 

; Examples:

;

; - Show all errors, except for notices

;

;error_reporting = E_ALL & ~E_NOTICE

;

; - Show only errors

;

;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR

;

; - Show all errors except for notices and coding standards warnings

;

error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT

 

; Print out errors (as a part of the output). For production web sites,

; you're strongly encouraged to turn this feature off, and use error logging

; instead (see below). Keeping display_errors enabled on a production web site

; may reveal security information to end users, such as file paths on your Web

; server, your database schema or other information.

display_errors = On

 

; Even when display_errors is on, errors that occur during PHP's startup

 

 

 

 

Tā kā kaut kas ar kodiņu nav tā kā vajaga... Kaut kas tur ir līks...

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...