RidgeandGable
-
Posts
90 -
Joined
-
Last visited
Everything posted by RidgeandGable
-
This is what I've tried with no luck <html> <head></head> <body> <form method="post" enctype="multipart/form-data"> <table width="350" border="0" cellpadding="1" cellspacing="1" class="box"> <tr> <td>please select a file</td></tr> <tr> <td> <input type="hidden" name="MAX_FILE_SIZE" value="99000000"> <input name="userfile" type="file" id="userfile"> <input name="username" type="text" id="username"> ADDED THIS LINE </td> <td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td> </tr> </table> </form> </body> </html> <?php if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) { $fileName = $_FILES['userfile']['name']; $tmpName = $_FILES['userfile']['tmp_name']; $fileSize = $_FILES['userfile']['size']; $fileType = $_FILES['userfile']['type']; $username = $_FILES['username']['username']; ADDED THIS LINE HERE $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string( $_FILES['userfile']['type']) : mysql_real_escape_string( stripslashes($_FILES['userfile']))); $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); $content = addslashes($content); fclose($fp); if (!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); } $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error()); $db = mysql_select_db('company', $con); if ($db) { $query = "INSERT INTO upload (username name, size, type, content ) " . ADDED USERNAME AT THE START "VALUES ('$fileName', '$fileSize', '$fileType', '$content')"; mysql_query($query) or die('Error, query failed'); mysql_close(); echo "<br>File $fileName uploaded<br>"; } else { echo "file upload failed"; } } ?> No errors at loading but once submitted I get : Notice: Undefined index: username in C:\xampp\htdocs\ridge\upload.php on line 31 Error, query failed
-
I scraped ID from the tbl Upload as it wasn't actually being used for anything as everything else calls on username as this is unique,in the tbl upload I have: upid - primary username name type size content The upload script above uploads everything else but I can't figure out how to add the username to upload with the file at the same time. It just makes since to try and add the username field at upload than having to amend it manually later. The script was downloaded, not my own work To answer your other question I have 2 tables. 1: Login: id username password 2: Upload upid username name type size content Cheers
-
Cheers. what about adding the username? at the moment I upload the file, and then go into phpmyadmin and edit the uploaded file to enter the username, a long way round lol but it works, would be easier if I was able to add username and send that field through with the rest of the data. Doesn't matter what I try I either get errors for index: username or something else I will add that little bit of code tho, thanks
-
Just before you go can you help me add "username" to the upload page <html> <head></head> <body> <form method="post" enctype="multipart/form-data"> <table width="350" border="0" cellpadding="1" cellspacing="1" class="box"> <tr> <td>please select a file</td></tr> <tr> <td> <input type="hidden" name="MAX_FILE_SIZE" value="99000000"> <input name="userfile" type="file" id="userfile"> </td> <td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td> </tr> </table> </form> </body> </html> <?php if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) { $fileName = $_FILES['userfile']['name']; $tmpName = $_FILES['userfile']['tmp_name']; $fileSize = $_FILES['userfile']['size']; $fileType = $_FILES['userfile']['type']; $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string( $_FILES['userfile']['type']) : mysql_real_escape_string( stripslashes($_FILES['userfile']))); $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); $content = addslashes($content); fclose($fp); if (!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); } $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error()); $db = mysql_select_db('company', $con); if ($db) { $query = "INSERT INTO upload (name, size, type, content ) " . "VALUES ('$fileName', '$fileSize', '$fileType', '$content')"; mysql_query($query) or die('Error, query failed'); mysql_close(); echo "<br>File $fileName uploaded<br>"; } else { echo "file upload failed"; } } ?> This should allow me to upload the file with the username as opposed to editing the file l8r in myphpadmin as I have been through the testing
-
lol omg I did think about a connection to the database but thought nah, won't be as simple as adding <?php require_once('/Connections/new.php'); ?> so I left it out, changed the select statement from select name etc to select * incase I was missing a spelling error or something. Added <?php require_once('/Connections/new.php'); ?> and working with valid files Thank you so so much for all your help guys expc, Ch0cu3r I'll be in touch when I start the picture gallery lol However, no the code is there and working, I should be able to use all this as a reference to fall back on. I have downloaded & printed a book for Mysqli and PDO, so I'll be looking into changing to PDO I think for any future upgrades but will see how everything runs for a month or two first Thanks again
-
Ah ok so the downloading setion must be a page. When its on its own i cant get it working, no files to see and no error messages
-
I just uploaded a txt file called text.txt and the file only had my name in it, no other text, after I downloaded the file, I opened it and found this Hello alex !</p> <h2>Uploaded Files</h2><a href="?upid=11">A4 Invoice CREDIT.pdf - 25059</a><br /><a href="?upid=12">test.txt - 7</a><br /><br /> <b>Notice</b>: A session had already been started - ignoring session_start() in <b>C:\xampp\htdocs\ridge\success.php</b> on line <b>31</b><br /> Harry Any ideas ?
-
Strange, I got it working all by myself Instead of having to click on the filename in Success.php and then that directs to Download.php, if I just paste the contents of download.php into the bottom of success.php it downloads the file however, whatever file I download appears to be corrupt. Letter1.PDF when try to open the file it says - Failed to Load PDF Document. Adobe PDF Reader Download Formget.jpg - This is not a valid bitmap / jpeg file
-
nope no errors at all
-
Hang on that errow was due to the error reporting code
-
ok got an error - Parse error: syntax error, unexpected 'MM_Username' (T_STRING) in C:\xampp\htdocs\ridge\download1.php on line 7
-
I added <?PHP error_reporting() ?> at the top of Download.php and still get no errors. All error Reporting is enabled on Xampp
-
Hi The basic example from Ch0cu3r has been left untouched at the moment // fetch the file where the upid matches $result = mysql_query('SELECT name, type, size, content FROM upload WHERE upid='.intval($_GET['upid']));
-
Hmm ok, not sure where to start as there is no error message on this one lol. I will google querys tho and see what I can pickup, are you around tonight ?
-
wow thats working great I added to your line: echo '<a href="download1.php?upid='.$row['upid'].'">'.$row['name'].' - '.$row['size'].'</a><br />'; as nothing happend when I clicked the link before Now when I click the link the URL shows http://scotair.noip.me/download1.php?upid=1 with a blank page
-
Yip that got rid of that error now I get 1 more error, probably something I missed Notice: Cannot get users files from database: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''alex\'' at line 1 in C:\xampp\htdocs\ridge\success.php on line 81 I created a new page rather than copying over other codes etc to reduce any errors, this is the new page for profile, new name Success.php <?php require_once('Connections/new.php'); ?> <?php if (!isset($_SESSION)) { session_start(); } ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $colname_Recordset1 = "-1"; if (isset($_SESSION['MM_Username'])) { $colname_Recordset1 = $_SESSION['MM_Username']; } mysql_select_db($database_new, $new); $query_Recordset1 = sprintf("SELECT * FROM login WHERE username = %s", GetSQLValueString($colname_Recordset1, "text")); $Recordset1 = mysql_query($query_Recordset1, $new) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1); $totalRows_Recordset1 = mysql_num_rows($Recordset1); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <p>Hello <?php echo $_SESSION['MM_Username']?> !</p> <p> </p> <p> </p> </body> </html> <?php mysql_free_result($Recordset1); ?> <?PHP echo '<h2>Uploaded Files</h2>'; // get the files belonging to the logged in user $result = mysql_query('SELECT upid, filename, size FROM upload WHERE username=\''.mysql_real_escape_string($_SESSION['MM_Username'].'\'')); // check query did execute without errors if($result) { // output each file while($row = mysql_fetch_assoc($result)) { // set a link to download.php passing the files upid as a query string parameter echo '<a href="download.php?upid='.$row['upid'].'">'.$row['filename'] - $row['size'].'</a><br />'; } // query did not execute, log or show error message } else { trigger_error('Cannot get users files from database: ' . mysql_error()); } ?>
-
Cheers I added your code for profile.php and get an error Parse error: syntax error, unexpected ';' in C:\xampp\htdocs\ridge\success.php on line 64
-
Just an update, I managed to get everything linking and now the logged in user can see his own files but, there is an option to download the files and rather than display just his files, he gets the option to dwnload all files Heres the script for the download part <?php $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error()); $db = mysql_select_db('company', $con); $query = "SELECT username, name FROM upload"; $result = mysql_query($query) or die('Error, query failed'); if (mysql_num_rows($result) == 0) { echo "Database is empty <br>"; } else { while (list($id, $name) = mysql_fetch_array($result)) { ?> <a href="download.php?username=<?php echo urlencode($username); ?>" ><?php echo urlencode($name); ?></a> <br> <?php } } mysql_close(); ?> </body> </html> <?php if (isset($_GET['username'])) { $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error()); $db = mysql_select_db('company', $con); $username = $_GET['username']; $query = "SELECT name, type, size, content " . "FROM upload WHERE username = '$username'"; $result = mysql_query($query) or die('Error, query failed'); list($username, $name, $type, $size, $content) = mysql_fetch_array($result); header("Content-link: $username"); header("Content-length: $size"); header("Content-type: $type"); header("Content-Disposition: attachment; filename=$name"); ob_clean(); flush(); echo $content; mysql_close(); exit; } ?>;</td> Above is what I have amended to try and make it, original code below <html> <head> <title>Download File From MySQL Database</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <?php $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error()); $db = mysql_select_db('test', $con); $query = "SELECT id, name FROM upload"; $result = mysql_query($query) or die('Error, query failed'); if (mysql_num_rows($result) == 0) { echo "Database is empty <br>"; } else { while (list($id, $name) = mysql_fetch_array($result)) { ?> <a href="download.php?id=<?php echo urlencode($id); ?>" ><?php echo urlencode($name); ?></a> <br> <?php } } mysql_close(); ?> </body> </html> <?php if (isset($_GET['id'])) { $con = mysql_connect('localhost', 'username', password') or die(mysql_error()); $db = mysql_select_db('test', $con); $id = $_GET['id']; $query = "SELECT name, type, size, content " . "FROM upload WHERE id = '$id'"; $result = mysql_query($query) or die('Error, query failed'); list($name, $type, $size, $content) = mysql_fetch_array($result); header("Content-length: $size"); header("Content-type: $type"); header("Content-Disposition: attachment; filename=$name"); ob_clean(); flush(); echo $content; mysql_close(); exit; } ?> I have a session available called MM_Username which pulls the logged in user to filter everything else. Tbl Login: ID - Primary Username Password Tbl Upload upid - Primary ID - For Login username name type size content A viewing can be seen at http://scotair.noip.me/new.php alex is password and username If you look, Alex has actually got 3 files available, whilst the download at the side has 4 files (all files from mysql) file axismapping.dat belongs to another user with ID 3 and Username Fugo
-
Hiya guys After getting everything else working how I expected, I'm sort of struggling on the last step. Downloading I have an upload.php file that allows me to upload a file to Mysql, the fields available are: upid - Primary id - Need to link this to the logged on user id name type size content The upload works perfectly Can anyone help with implmenting it to the profile.php (1st page after login) On profile page I have: Welcome "username" from Session Dynamic Table display his user id, username and password at the moment, this will be changed as not needed tho. I am using the sessions MM_Username to pass from the login The table for Login looks like: id - primary username password I assume that if I can copy the ID from login and put it in ID in Upload and add colums to dynamic table to show the upload file, will this make that file only available to logged in user? Cheers
-
Hey guys Thought I would just give a quick update. I managed to get it working in the "old" way using php, mysql and dreamweaver againsts everyones advice. I scraped the downloaded login script and did the old way through the dreamweaver inputs, recordsets etc, I set my filter for the username as I was trying before, but somehow I ovelooked a section of right at the top of the profile.php page which was <?php if (!isset($_SESSION)) { session_start(); } ?> The login.php username now sends to profile.php and says welcome "username" and under that I have the dynamic table displaying the links to their own invoices and estimates from mysql db. A simple little bit of code that I overlooked 3 days ago!!! I will still follow Landi advice and over the next week or two attempt to re-do everything using PDO as suggested. Thanks
-
Landi thanks for your help your a star. Just to add, I wasn't looking for someone to write the code for me, I would much rather do it myself, but with learning from a book a few years ago, some of what I knew was outdated. I prefered to use the username option to bring everything together and I will be assigning the usernames to customers and this is alway First & Last Initial with 4 digits so always unique also the PDFs that will be stored are always in this format with the addition of 1 and 2 digits at the end. But in the data there is an ID field Autoinc that could be used. I will look into everything you have said above tonight and will see what I can get done starting from scratch. not sure if I'm allowed to post this or not but my fb is facebook.com/harry.lodge.129 if you want to add me Thanks again
-
Ok I'm getting it a little. I only really use DW for the layout etc, like I said before it's just a basic site to hold the invoice & estimates for the customers to log into. Yes there is a page called session.php which is <include session.php> within the profile page. I added a formfield to the profile page and manually entered the username and linked that to my recordset and it displays correctly, so I'm just looking for the exact way to call on the session as the recordset filter. Obivously not able to achieve this through DW I understand that. and I have download PHP for dummies and I am currently working through that trying to understand sessions and variable etc I see there is a section in the code with $login_session, I assume that that is the session that is created and the part in sessions.php with $SESSION 'login_user' = $username I think it says if I remember is where it is getting the answer from. So if I edit my code with textpad or something and find the sections with recordset and change the filter from $login_session to login_user I should get somewhere? Cheers guys for your patience and help
-
Hiya cheers for that I already have the connection setup <?php require_once('../Connections/new.php'); ?> In the new.php file is the connection to the DB etc I have the login working (downloaded script) I think all I need to figure out is how I can use the session already being used to pass the username from the login.php to profile.php so I can filter on my recordset in dreamweaver. The profile page has Welcome <b id="welcome">Welcome : <i><?php echo $login_session; ?></i></b> which displays Welcome Alex (Alex being the username), I need to somehow tell dreamweaver to use that bit of code to filter on the username and display only those records?
-
Thanks So there is no simply way to pickup the sessions already in use with the script to allow me to use it dreamweaver?
-
Ha ha i live in the scottish borders and the answer is yes i did. It was a blue ford escort cost me 100 had it for 5 mnths till i past my test. The login pages were a script that i found. So im just trying to use the session that they created to capture the username at login and use it to filter a recordset where i can hold my files in a db for each user. I have tried looking for all this info myself but having 2 young kids and a business to run i am short on time. Once i have the basic site setup i do intend on doing a home course on php to progress further. I do appreciate any help i can get
