Upload and Download Php MySQL Script
17,957
download.php is displaying all the HTML at the top even when the user has selected a file to download. You need to put that entire section in an if so it doesn't get put at the beginning of the download:
if (!isset($_GET['id']) { ?>
<html>
...
</html>
<?php } else {
$con = mysql_connect('localhost', 'root', 'root') or die(mysql_error());
... // rest of script
}
Author by
Admin
Updated on June 04, 2022Comments
-
Admin almost 2 years
I've made use of a script which is available online. The File upload.php allows the user to upload a file and then store the selected file in the MySQL database. Later the download.php script displays the links for all the files stored in the database. When the user clicks the link, the file should be downloaded. I've enclosed the script below. But the problem is, when I click the link the content of the file gets displayed instead of getting downloaded.
upload.php
<!-- CREATE TABLE IF NOT EXISTS `upload` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(30) NOT NULL, `type` varchar(30) NOT NULL, `size` int(11) NOT NULL, `content` longblob NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=5 ; --> <html> <head></head> <body> <form method="post" enctype="multipart/form-data"> <table width="350" border="0" cellpadding="1" cellspacing="1" class="box"> <tr> <td>please select a file</td></tr> <tr> <td> <input type="hidden" name="MAX_FILE_SIZE" value="16000000"> <input name="userfile" type="file" id="userfile"> </td> <td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td> </tr> </table> </form> </body> </html> <?php if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) { $fileName = $_FILES['userfile']['name']; $tmpName = $_FILES['userfile']['tmp_name']; $fileSize = $_FILES['userfile']['size']; $fileType = $_FILES['userfile']['type']; $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string( $_FILES['userfile']['type']) : mysql_real_escape_string( stripslashes($_FILES['userfile']))); $fp = fopen($tmpName, 'r'); $content = fread($fp, filesize($tmpName)); $content = addslashes($content); fclose($fp); if (!get_magic_quotes_gpc()) { $fileName = addslashes($fileName); } $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error()); $db = mysql_select_db('test', $con); if ($db) { $query = "INSERT INTO upload (name, size, type, content ) " . "VALUES ('$fileName', '$fileSize', '$fileType', '$content')"; mysql_query($query) or die('Error, query failed'); mysql_close(); echo "<br>File $fileName uploaded<br>"; } else { echo "file upload failed"; } } ?>Download.php
<html> <head> <title>Download File From MySQL Database</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <?php $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error()); $db = mysql_select_db('test', $con); $query = "SELECT id, name FROM upload"; $result = mysql_query($query) or die('Error, query failed'); if (mysql_num_rows($result) == 0) { echo "Database is empty <br>"; } else { while (list($id, $name) = mysql_fetch_array($result)) { ?> <a href="download.php?id=<?php echo urlencode($id); ?>" ><?php echo urlencode($name); ?></a> <br> <?php } } mysql_close(); ?> </body> </html> <?php if (isset($_GET['id'])) { $con = mysql_connect('localhost', 'root', 'root') or die(mysql_error()); $db = mysql_select_db('test', $con); $id = $_GET['id']; $query = "SELECT name, type, size, content " . "FROM upload WHERE id = '$id'"; $result = mysql_query($query) or die('Error, query failed'); list($name, $type, $size, $content) = mysql_fetch_array($result); header("Content-length: $size"); header("Content-type: $type"); header("Content-Disposition: attachment; filename=$name"); ob_clean(); flush(); echo $content; mysql_close(); exit; } ?> -
Funk Forty Niner about 10 yearsI'm definitely going to +1 this. I guess I did misunderstand the question after all. Good show Barmar.