Downloading BLOB .pdf from MySQL Problems (please delete my old thread)

[jpdbaugh]

Hello php freaks,

 

I am currently trying to develop a script for uploading .pdf files as blobs to a mysql database.  The same script is also responsible for the downloading of the script and for the html of the page.  I know that it probably makes more sense to have the upload and download functions separate but I am just intern and I have to keep things to one script to fit with the paradigm for the rest of the web application.

 

The problem I am running into is that the html from the top of the script and the included header.php file are being embedded into the .pdf file once it is downloaded from the database.  I have determined this from examining the file in emacs.  Also, the file that is downloaded is just a little bit larger than the original file, and the file that is in the database, due to the extra html tags. I am at stumbling block trying to fix this because I can't use a separate script that doesn't have any html.  The download script must be on this script as well all of the other functionality.

 

I have made bold the part of the script that deals with the file upload, download, as well as the included files.  I would appreciated any help.

 

upload.php:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="../../psustyle.css" />
<link rel="stylesheet" type="text/css" href="../OMSstyle.css" />
<link rel="StyleSheet" href="/dTree/dtree.css" type="text/css" />
<?php include '/var/www/html/OMSinclude.php'; ?>
<title>Operational Monitor and Statistics</title>
</head>
<body OnKeyPress="return disableKeyPress(event)">
<?php
include '/var/www/html/header.php';
?>

<?php
if ($_SESSION['highestRole'] != 'Admin') exit;

$dbh = new PDO('mysql:host='.$_SESSION['OpsDBServer'].'.ops.tns.its.psu.edu;dbname='.$_SESSION['OpsDB'], $_SESSION['yoM'], $_SESSION['aMa']);
echo "<form action='upload.php' enctype='multipart/form-data' method='POST'>";
echo "<a href=\"upload.php\"> Upload: </a>";

$_SESSION['upload'] = 0;
$_SESSION['search'] = 0;


foreach($_REQUEST as $key => $value)
{
   if ($value == 'Download')
   {
      
      $id = $key;
      $sqlDownload = "SELECT name, type, content, size  FROM upload WHERE id='".$id."'";
      $result = $dbh->query($sqlDownload);
      
      list($name, $type, $content, $size) = $result->fetch();
      
      header("Content-type: $type");
      header("Content-length: $size");
      header("Content-Disposition: attachment; filename=$name");

      echo $content;
      exit;
   }
   if($value == 'Deactivate')
   {
      $_SESSION['key'] = $key;
      $contents = $key;
      $first_token = strtok($contents, '_');
      $second_token = strtok('_');
      $third_token = strtok('_');
      $id = $first_token;
      $type = $second_token;
      $netKey = $third_token;
      $user = strtoupper($_SERVER['REMOTE_USER']);
      $sqlDeactivate = "UPDATE upload SET active = 0, modifiedBy = '$user', modifiedDate = Now() WHERE id = '".$id."' AND active ='1'";
      $dbh->query($sqlDeactivate);
      
      if ($_SESSION['searchTypeNullNull'])
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE active = '1'";
         $_SESSION['searchTypeNullNull'] = 0;
      }
      if ($_SESSION['searchTypeTypeNull'])
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE documentType = '".$type."' AND active = '1'";
         $_SESSION['searchTypeTypeNull'] = 0;      
      }
      if ($_SESSION['searchTypeNullNetKey'])
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE networkKey= '".$netKey."' AND active = '1'";
         $_SESSION['searchTypeNullNetKey'] = 0;
      }
      if ($_SESSION['searchTypeTypeNetKey'])
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE documentType = '".$type."' AND networkKey= '".$netKey."' AND active = '1'";
         $_SESSION['searchTypeTypeNetKey'] = 0;
      }
      if ($_SESSION['uploadSearch'])
      {
         "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE active = '1'";
         $_SESSION['uploadSearch'] = 0;
      }
      $_SESSION['search'] = 1;
   }
   if ($key == 'upload')
   {
      $_SESSION['upload'] = $value;
      
      if ($_FILES['userfile']['name'])
      {
         $fileName = $_FILES['userfile']['name'];
         $tmpName  = $_FILES['userfile']['tmp_name'];
         $fileSize = $_FILES['userfile']['size'];
         $fileType = $_FILES['userfile']['type'];
         $docType = $_POST['docType'];
         $netKey = $_POST['netKey'];
         $fp       = fopen($tmpName, 'r');
         $content  = fread($fp, filesize($tmpName));
         $content  = addslashes($content);
           fclose($fp);

         if(!get_magic_quotes_gpc())
         {
             $fileName = addslashes($fileName);
         }

         $values = "'".$fileName."','".$docType."','".$fileType."','".$content."','".$fileSize."','".$netKey."','".strtoupper($_SERVER['REMOTE_USER'])."', Now(), 1";
         $sqlUpload = "INSERT INTO upload (name, documentType, type, content, size, networkKey, modifiedBy, modifiedDate, active) VALUES (".$values.")";
         $dbh->query($sqlUpload);
         
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE active = '1'";
         $_SESSION['uploadSearch'] =   1;
      }
   }
   if ($key == 'search')
   {
      $_SESSION['search'] = $value;
   
      if ($_POST['docType'] == 'null' && $_POST['netKey'] == 'null')
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE active = '1'";
         $_SESSION['searchTypeNullNull'] = 1;
      }
      if ($_POST['docType'] != 'null' && $_POST['netKey'] == 'null')
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE active = '1' AND documentType = '".$_POST['docType']."'";
         $_SESSION['searchTypeTypeNull'] = 1;
      }
      if ($_POST['docType'] == 'null' && $_POST['netKey'] != 'null')
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE active = '1' AND networkKey = '".$_POST['netKey']."'";
         $_SESSION['searchTypeNullNetKey'] = 1;
      }
      if ($_POST['docType'] != 'null' && $_POST['netKey'] != 'null')
      {
         $_SESSION['sql'] = "SELECT id, name, documentType, type, size, networkKey, modifiedBy, modifiedDate, active FROM upload WHERE active = '1' AND documentType = '".$_POST['docType']."' AND networkKey = '".$_POST['netKey']."'";
         $_SESSION['searchTypeTypeNetKey'] = 1;
      }
      echo "</table>";
   }
}


if (!$_SESSION['upload'] && !$_SESSION['search'] && !$_SESSION['download'])
{
   echo "<table class='plainTable'>";                  
   echo "<tr>";
   echo "<td>";
   echo "<input type='reset' value=' Clear From '>";
   echo "<input name='upload' type='submit' value='  Upload  '>";
   echo "<input name='search' type='submit' value=' Search '>";
   echo "</td>";
   echo "</tr>";
   echo "<tr>";
   echo "<td>";
   echo "Type: <select name='docType'>";
   echo "<option value='null'></option>";
   echo "<option value = 'SLA'>SLA</option>";
   echo "</select>";
   echo "  Network Key:<select name='netKey'>";
   echo "<option value='null'></option>";
   $sql = "SELECT * FROM Strings Where active='1' ORDER BY networkKey";
   foreach ($dbh->query($sql) as $row)
      {   
      echo "<option value='".$row['networkKey']."'>".$row['networkKey']."</option>";
      }
   echo "</select>";
   echo "</td>";
   echo "</tr>";
   echo "<tr>";
   echo "<td>Choose a File to Upload";
   echo "<input type='hidden' name='MAX_FILE_SIZE' value='2000000'>";
   echo "<input name='userfile' type='file'>";
   echo "</td>";
   echo "</tr>";
   echo "</table>";
   
}

if ($_SESSION['upload'] || $_SESSION['search'] || $_SESSION['download'])
{
   echo "<table>";
   echo "<tr>";
   echo "<th></th>";
   echo "<th>ID</th>";
   echo "<th>Name</th>";
   echo "<th>Document Type</th>";
   echo "<th>File Type</th>";
   echo "<th>Size</th>";
   echo "<th>Network Key</th>";
   echo "<th>ModifiedBy</th>";
   echo "<th>ModifiedDate</th>";
   echo "<th>Active</th>";
   echo "<th></th>";
   echo "</tr>";
   

   $sql = $_SESSION['sql'];
      foreach ($dbh->query($sql) as $row)
      {
         echo "<tr>";
         echo "<td><input name='".$row[id]."' type='submit' value='Download'></td>";
         echo "<td>$row[id]</a></td>";
         echo "<td>$row[name]</td>";
         echo "<td>$row[documentType]</td>";
         echo "<td>$row[type]</td>";
         echo "<td>$row[size]</td>";
         echo "<td>$row[networkKey]</td>";
         echo "<td>$row[modifiedBy]</td>";
         echo "<td>$row[modifiedDate]</td>";
         echo "<td>$row[active]</td>";
         echo "<td><input name='".$row[id]." ".$row[documentType]." ". $row[networkKey]."'   type='submit' value='Deactivate'</td>";
         echo "</tr>";
      }
   echo "</table>";
}


echo "</form>";


?>

<?php
include '/var/www/html/footer.php';
?>
</body>
</html>