-1

Does not download correctly: can't open the link. Help appreciated. I am new to PHP and MySQL. I have MySQL set to BLOB for the content and I am not sure how to be clearer, I can see the link(s) for the file with the respective id to the file content $id in the url, but when I click on the link nothing opens up, I want to be able to open the file inthe brownser. I intend on being able to open .zip files and extract in later development. A sfar as security please also explain in good details so I can learn. I see my code was mod, but still not working in the array link.

UPLOAD.PHP:

<?php 
$dbname="upload";
$host="localhost";
$user="SELF";
$pass="PICME";
$link = mysql_connect($hostname, $user, $pass);
mysql_select_db($dbname, $link);
?>
<form method="post" enctype="multipart/form-data">
   <table width="350" border="0" cellpadding="1" cellspacing="1" class="box">
      <tr> 
         <td width="246">
            <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
            <input name="userfile" type="file" id="userfile"> 
         </td>
         <td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td>
      </tr>
   </table>
</form>
<?php
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$fileName = $_FILES['userfile']['name'];
$tmpName  = $_FILES['userfile']['tmp_name'];
$fileType = $_FILES['userfile']['type'];
$fileSize = $_FILES['userfile']['size'];
$fp      = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
}
$query = "INSERT INTO upload (name, type, size, content) ".
"VALUES ('$fileName', '$fileType', '$fileSize', '$content')";
mysql_query($query) or die('Error, query failed'); 
echo "<br>File $fileName uploaded<br>";
} 
?>'
(DOWNLOAD.PHP)FILE
'<?php
$dbname="upload";
$host="localhost";
$user="SELF";
$pass="PICME";
$link = mysql_connect($hostname, $user, $pass);
mysql_select_db($dbname, $link);
$query = "SELECT id, name FROM upload";
$result = mysql_query($query) or die('Error, query failed');
if(mysql_num_rows($result) == 0)
{
echo "Database is empty <br>";
} 
else
{
while(list($id, $name) = mysql_fetch_array($result))
{
?>
<a href="download.php?id=<?php echo urlencode($id);?>"><?php echo urlencode($name);?></a> <br>
<?php 
}
}
exit;
?>
<?php
$dbname="upload";
$host="localhost";
$user="SELF";
$pass="PICME";
$link = mysql_connect($hostname, $user, $pass);
mysql_select_db($dbname, $link);
$query = "SELECT id, name FROM upload";
if(isset($_GET['id'])) 
{
// if id is set then get the file with the id from database
$id    = $_GET['id'];
$query = "SELECT name, type, size, content " .
"FROM upload WHERE id = '$id'";
$result = mysql_query($query) or die('Error, query failed');
list($name, $type, $size, $content) =                     mysql_fetch_array($result);
$content = $row['content']; 
header("Content-Disposition: attachment; filename=$name");
header('Content-type: image/jpeg' . $type); // 'image/jpeg' for JPEG images
header('Content-Length:' . $size);
exit;
print $content;
ob_clean();
flush();
echo $content;
}
?>
Barnee
  • 3,212
  • 8
  • 41
  • 53
user1594629
  • 25
  • 1
  • 1
  • 8
  • please update your question to become more clear. Thanks. – Get Off My Lawn Dec 28 '12 at 21:46
  • Please narrow this down. What exactly causes the error? What symptoms do you encounter, etc etc. Also first error I can think of: Ensure that the content field is a blob. – Andreas Hagen Dec 28 '12 at 21:48
  • **WARNING!** Your code contains an [SQL injection vulnerability](http://en.wikipedia.org/wiki/SQL_injection) -- you are passing raw, incorrectly filtered (`addslashes` is *never right to use*), unvalidated user input directly into an SQL string. SQL injection is [very easy to fix](http://stackoverflow.com/q/60174/168868). Consider [switching to PDO](http://php.net/book.pdo) or [mysqli](http://php.net/book.mysqli) so you can use [prepared statements with parameterized queries](http://en.wikipedia.org/wiki/Prepared_statement). – Charles Dec 28 '12 at 22:22
  • I have updated above the code on the comments above except for the last. Which I assume I should be using mysql_real_escape_string() for the $content variable. However, this will be only for file uploads, so is the security issue here in the file name someone would upload and cause injection? Else, please explain how more in detail mysql_real_escape_string() will be better than strip or add slashes in detail please. Also, yes, did in another code bit put mysqli and lef tthat out, but does mysqli really have that much difference over mysql_connect? – user1594629 Dec 30 '12 at 00:12

1 Answers1

-1

It seems you are not validating the Mime type of the file while uploading and setting Mimetype for JPEG while downloading. Please make sure you are uploading the correct file format. Also, the id is urlencoded but not decoded while retrieving from DB.

Sree
  • 921
  • 2
  • 12
  • 31
  • I have referenced this and made sure as with my understanding php and IE must be jpeg for .jpg reading content exception...so made mod on this to check and also the mime_content_type is not set in the upload script yet b/c just want to get it working to display first, themn will move onto that and security. I read mime_content_type was deprecated but no idea how fileinfo() is to work or if makes difference b/c can still use it right? Anyway, can someone fully parse this script out and post up...think it will hlp many folks too. I hav beaten rookie code up and down the wall on this one THANKS!! – user1594629 Dec 30 '12 at 05:54