[SOLVED] downloading from DB doesnt work

[LearningKid]

HI i found this code online and it helped me out alot however im getting some errors in a part,

can someone let me know wats wrong and to fix it.

 

i divided it into 3 parts

 

part 1

login_success.php  (works fine)

<?php
session_start();
if(!session_is_registered(myusername)){
header("location:login.php");
}

echo "Welcome $_SESSION[myusername] <br />";

?>
<html>
<body>
Login Successful <br />



<form action="upload.php" method="POST" enctype="multipart/form-data" name="upload_form" id="upload_form">
    <label>Title:</label><input name="title" type="text" id="title" value="<?=htmlentities(stripslashes($_POST['title']));?>" size="35">
    <label>File:</label><input type="file" name="file">   
    <input name="action" type="hidden" id="action" value="add_document">
    <input type="submit" name="upload">
    
</form>



</body>
</html>

 

Part 2

upload.php (works great but i have a username field in the table which i also want to add but dont kno how the username is from $_SESSION[myusername] so askin for some hlp here)

<?php
// Connect to the database
// replace "user_name" and "password" with your real login info

$dbh = mysql_connect("localhost","root","") or die("There was a problem with the database connection.");
    $dbs = mysql_select_db("test", $dbh) or die("There was a problem selecting the categories.");

// Set up a list of acceptable file extensions.
// This keeps out malicious files

$acceptable_extensions[0] = "pdf";
$acceptable_extensions[1] = "jpg";
$acceptable_extensions[2] = "gif";
$acceptable_extensions[3] = "doc";
$acceptable_extensions[4] = "ppt";
$acceptable_extensions[5] = "xls";
$acceptable_extensions[6] = "xsl";
$acceptable_extensions[7] = "PDF";
$acceptable_extensions[8] = "JPG";
$acceptable_extensions[9] = "GIF";
$acceptable_extensions[10] = "DOC";
$acceptable_extensions[11] = "PPT";
$acceptable_extensions[12] = "XLS";
$acceptable_extensions[13] = "XSL";
$acceptable_extensions[14] = "txt";
$acceptable_extensions[15] = "TXT";
$acceptable_extensions[16] = "csv";
$acceptable_extensions[17] = "CSV";
$acceptable_extensions[18] = "docx";
$acceptable_extensions[19] = "DOCX";

// Check the uploaded file to make sure it's a valid file

$validated = 1;

if($_FILES && $_FILES['file']['name']){
           
    //make sure the file has a valid file extension
   
    $file_info = pathinfo($_FILES['file']['name']);
    $acceptable_ext = 0;
               
    for($x = 0; $x < count($acceptable_extensions); $x++){
                   
        if($file_info['extension'] == $acceptable_extensions[$x]){
            $acceptable_ext = 1;
                       
        }
    }
               
    if(!$acceptable_ext){
        $validated = 0;
    }  
}else{
    $validated = 0;
}

//Now that we're sure we have a valid file,
//we'll add it into the database

if($validated ){

    // Get important information about the file and put it into variables
  
    $fileName = $_FILES['file']['name'];
    $tmpName  = $_FILES['file']['tmp_name'];
    $fileSize = $_FILES['file']['size'];
    $fileType = $_FILES['file']['type'];

    // Slurp the content of the file into a variable
                   
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);

    if(!get_magic_quotes_gpc()){
        $fileName = addslashes($fileName);
     }
                   
    $file_info = pathinfo($_FILES['file']['name']);

    $sql = "INSERT INTO Files SET

                Title = '".htmlentities(stripslashes($_POST['title']))."',
                File_Name = '".$fileName."',
                File_Type = '".$fileType."',
                File_Size = '".$fileSize."',
                File_Content = '".$content."',
                File_Extension = '".$file_info['extension']."'";
               
               
    $result = mysql_query($sql);
           
    // If the query was successful, give success message

    if(!$result){
        echo "Could not add this file.";
         exit;
    }
    else{
        echo  "New file successfully added.";
    }

}else{
    echo "Invalid file.";
    exit;
}

?>

 

part 3 which doesnt work i get error (Parse error: parse error in C:\xampplite\htdocs\print\download.php on line 10) please let me know wats wrong

 

download.php

<?php
// We'll start out again by connecting to the database
// replace "user_name" and "password" with your real login info

$dbh = mysql_connect("localhost","root","") or die("There was a problem with the database connection.");
    $dbs = mysql_select_db("test", $dbh) or die("There was a problem selecting the categories.");

// Now, We'll check to make sure our $_GET variable is a number

if(!is_numeric($_GET['id']){
    echo "Invalid file chosen.";
    exit;
}

// Next, we'll run a query on the database to get the file out

$sql = "SELECT * FROM Files
            WHERE Files.ID = ".$_GET['id'];
           
$result = mysql_query($sql);

// If the query was invalid or failed to return a result, an error is thrown

if(!$result || !mysql_num_rows($result)){
    echo "Invalid file chosen.";
    exit;
}

// Finally, we will send the file to the browser

$curr_file = mysql_fetch_assoc($result);

$size = $curr_file['File_Size'];
$type = $curr_file['File_Type'];
$name = $curr_file['File_Name'];
$content = $curr_file['File_Content'];

header("Content-length: ".$size."");
header("Content-type: ".$type."");
header('Content-Disposition: attachment; filename="'.$name.'"');
echo $content;

// That's it. We're finished.

?>

 

plz someone hlp me  wit this stuff so tht in the future i will learn and might be able to hlp someone out.

[Adam]

You're missing a bracket, should be:

 

if(!is_numeric($_GET['id'])){

[mikesta707]

the parse error is because of the following line

if(!is_numeric($_GET['id']){

 

which needs to be

if(!is_numeric($_GET['id'])){

 

ahh damit Adam get here first

[LearningKid]

Thank You guys, its funny how forgetting those small things can make u go crazy lol.

Thank YOU