Jump to content

Recommended Posts

Hi guys,

 

I am trying to create a coding which allows users to upload and download files into mysql server, but I came across some errors. The coding itself works fine on the surface, but when I uploaded the file into mysql and download them, the contents of the downloaded file was different from the original file that was upload. One good example would be when I upload txt file or doc file. I was stuck on this for quite a few days without any leads.

 

Here are the codes:

 

index.html

 

<form action="add_file.php" method="post" enctype="multipart/form-data">

<input type="file" name="uploaded_file"><br>

<input type="submit" value="Upload file">

</form>

<p>

<a href="list_files.php">See all files</a>

</p>

 

 

add_file.php

 

<?php

// Check if a file has been uploaded

if(isset($_FILES['uploaded_file'])) {

// Make sure the file was sent without errors

if($_FILES['uploaded_file']['error'] == 0) {

// Connect to the database

$dbLink = new mysqli('localhost', 'root', 'pwd', 'myTable');

if(mysqli_connect_errno()) {

die("MySQL connection failed: ". mysqli_connect_error());

}

 

// Gather all required data

$name = $dbLink->real_escape_string($_FILES['uploaded_file']['name']);

$mime = $dbLink->real_escape_string($_FILES['uploaded_file']['type']);

$data = $dbLink->real_escape_string(file_get_contents($_FILES ['uploaded_file']['tmp_name']));

$size = intval($_FILES['uploaded_file']['size']);

 

// Create the SQL query

$query = "

INSERT INTO `file` (

`name`, `mime`, `size`, `data`, `created`

)

VALUES (

'{$name}', '{$mime}', {$size}, '{$data}', NOW()

)";

 

// Execute the query

$result = $dbLink->query($query);

 

// Check if it was successfull

if($result) {

echo 'Success! Your file was successfully added!';

}

else {

echo 'Error! Failed to insert the file'

. "<pre>{$dbLink->error}</pre>";

}

}

else {

echo 'An error accured while the file was being uploaded. '

. 'Error code: '. intval($_FILES['uploaded_file']['error']);

}

 

// Close the mysql connection

$dbLink->close();

}

else {

echo 'Error! A file was not sent!';

}

 

// Echo a link back to the main page

echo '<p>Click <a href="index.html">here</a> to go back</p>';

?>

 

 

list_files.php

 

<?php

// Connect to the database

$dbLink = new mysqli('localhost', 'root', 'pwd', 'myTable');

if(mysqli_connect_errno()) {

die("MySQL connection failed: ". mysqli_connect_error());

}

 

// Query for a list of all existing files

$sql = 'SELECT `id`, `name`, `mime`, `size`, `created` FROM `file`';

$result = $dbLink->query($sql);

 

// Check if it was successfull

if($result) {

// Make sure there are some files in there

if($result->num_rows == 0) {

echo '<p>There are no files in the database</p>';

}

else {

// Print the top of a table

echo '<table width="100%">

<tr>

<td><b>Name</b></td>

<td><b>Mime</b></td>

<td><b>Size (bytes)</b></td>

<td><b>Created</b></td>

<td><b> </b></td>

</tr>';

 

// Print each file

while($row = $result->fetch_assoc()) {

echo "

<tr>

<td>{$row['name']}</td>

<td>{$row['mime']}</td>

<td>{$row['size']}</td>

<td>{$row['created']}</td>

<td><a href='get_file.php?id={$row['id']}'>Download</a></td>

</tr>";

}

 

// Close table

echo '</table>';

}

 

// Free the result

$result->free();

}

else

{

echo 'Error! SQL query failed:';

echo "<pre>{$dbLink->error}</pre>";

}

 

// Close the mysql connection

$dbLink->close();

?>

 

 

get_file.php

 

<?php

// Make sure an ID was passed

if(isset($_GET['id'])) {

// Get the ID

$id = intval($_GET['id']);

 

// Make sure the ID is in fact a valid ID

if($id <= 0) {

die('The ID is invalid!');

}

else {

// Connect to the database

$dbLink = new mysqli('localhost', 'root', 'pwd', 'myTable');

if(mysqli_connect_errno()) {

die("MySQL connection failed: ". mysqli_connect_error());

}

 

// Fetch the file information

$query = "

SELECT `mime`, `name`, `size`, `data`

FROM `file`

WHERE `id` = {$id}";

$result = $dbLink->query($query);

 

if($result) {

// Make sure the result is valid

if($result->num_rows == 1) {

// Get the row

$row = mysqli_fetch_assoc($result);

 

// Print headers

header("Content-Type: ". $row['mime']);

header("Content-Length: ". $row['size']);

header("Content-Disposition: attachment; filename=". $row['name']);

 

// Print data

echo $row['data'];

}

else {

echo 'Error! No image exists with that ID.';

}

 

// Free the mysqli resources

@mysqli_free_result($result);

}

else {

echo "Error! Query failed: <pre>{$dbLink->error}</pre>";

}

@mysqli_close($dbLink);

}

}

else {

echo 'Error! No ID was passed.';

}

?>

 

I am not too sure where the error could be but I suspect that it could be somewhere at the add_file or get_file. Seriously hope someone could help me with this bug and thanks for the trouble.

 

Regards

Jasmine

Link to comment
https://forums.phpfreaks.com/topic/210305-help-on-upload-and-download-and-mysql/
Share on other sites

whats the field type of "data",

 

if its text then change

$data = $dbLink->real_escape_string(file_get_contents($_FILES ['uploaded_file']['tmp_name']));

to

$data = base64_encode(file_get_contents($_FILES ['uploaded_file']['tmp_name']));

 

and

 

echo $row['data'];

to

echo base64_decode($row['data']);

 

However you should use a blob type

 

if you still have a problem, then can you give some more details

Hi MadTechie,

 

an example of what happen when I upload and download the files are:

 

original np1.php

 

<form action="np2.php" method="post">

Name of New Page: <input type="text" name="newpage_name" />

<input type="submit" />

</form>

 

 

downloaded np1.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xml

 

 

Original np2.php

 

<?php

$newpage_name = $_POST[ 'newpage_name' ];

$newpage_initial = "Input Contents Here.";

$newpage_file = "test_np/" . $newpage_name . ".php";

$newpage_save = fopen($newpage_file, 'w');

fwrite($newpage_save, $newpage_initial);

fclose($newpage_save);

?>

 

 

downloaded np2.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

</head>

<body>

<?php

$newpage_name = $_POST[ 'newpage_name' ];

$n

 

 

Original links.html

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

</head>

<body>

<ul>

<li><a href="#home">Workspace</a></li>

<li>  |  </li>

<li><a href="#news">Manage</a></li>

<li>  |  </li>

<li><a href="#contact">Logout</a></li>

</ul>

</body>

</html>

 

 

downloaded links.html

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

</head>

<body>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type"

 

 

Original phpinfo.php

 

<? phpinfo(); ?>

 

 

Downloaded phpinfo.php

 

<!DOCTYPE html P

 

 

The errors appeared quite random. Hope this helps you understand the errors I am encountering.

 

Regards

Jasmine

Sorry the delayed reply,

The problem isn't as random as you think,

 

Here is the problem:

your download page has extra content, being

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

</head>

<body>

 

change this to ONLY the PHP code you posted and it should be fine..  ;)

 

okay now the why

Lets look at the last example,

you uploaded "test" and it downloaded "<!DO" this is because it tried to download

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Untitled Document</title>

</head>

<body>test</body></html>

BUT you stated the size is 4 characters so you get

<!DO

 

if you review the other example your probably see the same pattern

 

Hope this helps

 

Your get_file.php file contains more than you posted (or you're host is adding stuff!), it had some html at the start of it this is cause the file to be truncated, by the size restriction

header("Content-Length: ". $row['size']);

if you remove the above line you should get the full content BUT if you view source your notice some extra html

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.