[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PHP Upload Script - Files uploaded Corrupt





On 8/19/06, Lauri <lauri ruja ee> wrote:
> On 8/17/06, *Ed K.* <ed hp uab edu <mailto:ed hp uab edu>> wrote:
>
>     On Wed, 16 Aug 2006, Matthew Benjamin wrote:
>      >
>      > Can anyone help I have a php script that uploads files to a mysql
>     database.
>      > When it uploads the files all of the content in the file gets
>     corrupted. Has
>      > anyone expirienced this. I know I can't be the first person with the
>      > problem. -- Help!!!  Please.
>      >
>
>     Are you escaping the data from the file?
>
>     here would be a working php script:
>
>            $fp=fopen($addfile,"r");
>            $bvar=fread($fp,filesize($addfile));
>            fclose($fp);
>            $bvar=addslashes($bvar);
>            $q="insert into table (file) values ('$bvar')";
>
>     ed
>
>     --
>     fedora-list mailing list
>     fedora-list redhat com <mailto:fedora-list redhat com>
>     To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>     <https://www.redhat.com/mailman/listinfo/fedora-list>

...

-----

<form enctype="multipart/form-data" action="" method="POST">
     <!-- MAX_FILE_SIZE must precede the file input field -->
     <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
     <!-- Name of input element determines name in $_FILES array -->
     Send this file: <input name="userfile" type="file" />
     <input type="submit" value="Send File" />
</form>


<?php
if(!empty($_FILES['userfile']))
{
   // make dir for the file and move it there
   @mkdir('./temp', 0777);
   move_uploaded_file($_FILES['userfile']['tmp_name'],
'./temp/'.basename($_FILES['userfile']['name']));

   // read the file and put it to the DB; use base64,
<http://php.net/base64_encode>
   mysql_query("INSERT INTO table VALUES(0, 'a', 'b', 'c', '" .
base64_encode(file_get_contents('./temp/'.basename($_FILES['userfile']['name'])))
. "')");

   // delete the source file and temp directory
   unlink('./temp/'.basename($_FILES['userfile']['name']));
   rmdir('./temp');

   echo 'The file was successfully uploaded!<br />';
}
?>

-----

But why do you want to use a database for the files? To prevent
unauthorized downloading, you can disallow the access to the files and
send them to user also via PHP, see the comments of < http://php.net/header>.

Lauri

--
fedora-list mailing list
fedora-list redhat com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

I want to use a database, because I haven't found a way to store files on the and download them via the web. (only because I didn't look I guess). I was thinking storing them in a db was best. Not so?

--
mB.
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]