
The code below is on the main page, which offers two types to select from. It has a user session login check with an else clause:

<FORM METHOD="POST" ACTION="<?php echo $_SERVER['PHP_SELF']; ?>">
    <select name="type">
        <option value="Technical">Technical Records</option>
        <option value="Spares">Spares Records</option>
    </select>
    <input type="submit" value="Download Record">
</FORM>

<?php
include(ABS_PATH . "/hidden/access.inc");   // DB credentials, table name, session setup

if (isset($_SESSION["user_id"])) {
    if (isset($_POST["type"])) {
        switch ($_POST['type']) {
            case "Technical":
                include(ABS_PATH . "/hidden/export.php");
                break;
            case "Spares":
                include(ABS_PATH . "/hidden/export.php");
                break;
        }
    } else {
        echo "please select download option";
    }
} else {
    echo "Please Login First";
    function redirect($url)
    {
        ob_clean();                      // discard anything already echoed
        header('Location: ' . $url);
        ob_end_flush();
        die();
    }
    redirect('login.php');
}
?>

The sub download page has PHP code that downloads from a specific table, whose name is included along with the database connection username, database name, password, table name, etc.

One of the two sub-pages for download is as in the code below:

<?php
//session_start();
//define("ABS_PATH", $_SERVER['DOCUMENT_ROOT']);

if (isset($_SESSION["user_id"])) {
    include(ABS_PATH . "/hidden/access.inc");   // defines $DB_Server, $DB_Username, $DB_Password, $DB_DBName, $DB_TBLName

    // create MySQL connection
    $sql = "SELECT * FROM $DB_TBLName";
    $Connect = mysql_connect($DB_Server, $DB_Username, $DB_Password)
        or die("Couldn't connect to MySQL:<br>" . mysql_error() . "<br>" . mysql_errno());
    // select database
    $Db = mysql_select_db($DB_DBName, $Connect)
        or die("Couldn't select database:<br>" . mysql_error() . "<br>" . mysql_errno());
    // execute query
    $result = mysql_query($sql, $Connect)
        or die("Couldn't execute query:<br>" . mysql_error() . "<br>" . mysql_errno());

    $file_ending = "xls";
    $file = "export." . $file_ending;     // name the browser saves the download as
    // header info for browser
    header("Content-Type: application/xls");
    header('Content-Disposition: attachment; filename="' . basename($file) . '"');
    header("Pragma: no-cache");
    header("Expires: 0");

    /*******Start of Formatting for Excel*******/
    // define separator (defines columns in excel & tabs in word)
    $sep = "\t"; // tab character

    // print column names as names of MySQL fields
    for ($i = 0; $i < mysql_num_fields($result); $i++) {
        echo mysql_field_name($result, $i) . $sep;
    }
    print("\n");

    // one tab-separated line per row
    while ($row = mysql_fetch_row($result)) {
        $schema_insert = "";
        for ($j = 0; $j < mysql_num_fields($result); $j++) {
            if (!isset($row[$j])) {
                $schema_insert .= "NULL" . $sep;
            } elseif ($row[$j] != "") {
                $schema_insert .= $row[$j] . $sep;
            } else {
                $schema_insert .= $sep;
            }
        }
        $schema_insert = rtrim($schema_insert, $sep);   // drop the trailing separator only
        // a line break inside a value would start a new spreadsheet row
        $schema_insert = preg_replace("/\r\n|\n\r|\n|\r/", " ", $schema_insert);
        print($schema_insert);
        print "\n";
    }

} else {

    function redirect($url)
    {
        ob_clean();
        header('Location: ' . $url);
        ob_end_flush();
        die();
    }
    redirect('login.php');
}
?>

For some reason, when the download is called, the included sub-directory page includes the main page's HTML code in the downloaded, distorted export.XLS file.

Note:

  1. I am in the 1st week of learning PHP. I have searched but couldn't find what could have possibly gone wrong.
  2. .htaccess restricts /hidden to local access only, to avoid direct access to the folder without having a session set, so the include option seems the only secure method to download from the /hidden folder.
  • Welcome to SO. One piece of advice: as you are just starting PHP, you should read up-to-date tutorials, and, as mysql_* was deprecated in PHP 5.5 (please refer to [PHP doc](http://php.net/manual/en/function.mysql-connect.php)), you should **really** consider using [PPS : Prepared Parameterized Statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). This will help with [Preventing SQL injection](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Then, make use of `error_reporting(E_ALL); ini_set('display_errors', 1);` at the top of your pages. – OldPadawan Apr 16 '17 at 10:48
  • Also, you should get rid of `@` as it will hide some very useful information. – OldPadawan Apr 16 '17 at 10:48
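The following is an added example, not the asker's code, showing the shape that avoids the problem described in the question: the download request is decided and answered before any HTML is emitted, any buffered output is discarded before the headers go out, the form's `type` value is used only as a key into a fixed whitelist (never spliced into SQL), and the `@`-silenced `mysql_*` calls are replaced by `mysqli` with exception reporting. It assumes that login.php sets `$_SESSION['user_id']`, that /hidden/access.inc defines `$DB_Server`, `$DB_Username`, `$DB_Password` and `$DB_DBName` (names taken from the question), and that the two table names in `EXPORT_TABLES` are placeholders for the real ones.

```php
<?php
// Added example, not the asker's code: one page that handles the download
// request before any HTML is emitted, so page markup cannot leak into the file.
// Assumptions: login.php sets $_SESSION['user_id']; /hidden/access.inc defines
// $DB_Server, $DB_Username, $DB_Password and $DB_DBName (names from the question);
// the two table names in EXPORT_TABLES are placeholders.
declare(strict_types=1);

session_start();
define('ABS_PATH', $_SERVER['DOCUMENT_ROOT']);
require ABS_PATH . '/hidden/access.inc';

// Fixed map from the form's "type" value to a table. The request value is
// only ever used as an array key; it never reaches the SQL text.
const EXPORT_TABLES = [
    'Technical' => 'technical_records',   // assumed table name
    'Spares'    => 'spares_records',      // assumed table name
];

/** Normalise one cell for a tab-separated export. */
function exportCell(?string $value): string
{
    if ($value === null) {
        return 'NULL';                                      // keep NULL visible, as the original did
    }
    $value = preg_replace('/\r\n|\n\r|\n|\r/', ' ', $value); // a line break would start a new row
    if ($value !== '' && in_array($value[0], ['=', '+', '-', '@'], true)) {
        $value = "'" . $value;                              // shown as text, not evaluated as a formula
    }
    return $value;
}

/** Stream a whole table as a tab-separated download; discards any buffered output first. */
function exportTable(mysqli $db, string $table, string $filename): void
{
    if (!in_array($table, EXPORT_TABLES, true)) {
        throw new InvalidArgumentException('table not in export whitelist');
    }
    // Whitelisted identifier, quoted in case it collides with a reserved word.
    $result = $db->query('SELECT * FROM `' . $table . '`');

    while (ob_get_level() > 0) {
        ob_end_clean();                                     // drop anything already echoed
    }
    header('Content-Type: application/vnd.ms-excel');       // body is really tab-separated text
    header('Content-Disposition: attachment; filename="' . basename($filename) . '"');
    header('Cache-Control: no-store');

    $out = fopen('php://output', 'w');
    $columns = array_map(fn($f) => $f->name, $result->fetch_fields());
    fputcsv($out, $columns, "\t");
    while ($row = $result->fetch_row()) {
        fputcsv($out, array_map('exportCell', $row), "\t");
    }
    fclose($out);
}

if (!isset($_SESSION['user_id'])) {
    header('Location: login.php');                          // no echo before the redirect
    exit;
}

if (isset($_POST['type'])) {
    if (!array_key_exists($_POST['type'], EXPORT_TABLES)) {
        http_response_code(400);
        exit('Unknown record type');
    }
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // exceptions instead of @-silenced failures
    $db = new mysqli($DB_Server, $DB_Username, $DB_Password, $DB_DBName);
    $db->set_charset('utf8mb4');
    exportTable($db, EXPORT_TABLES[$_POST['type']], 'export.xls');
    exit;                                                   // nothing below may write to the response
}
// Only a request without a selection reaches the form.
?>
<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) ?>">
    <select name="type">
        <option value="Technical">Technical Records</option>
        <option value="Spares">Spares Records</option>
    </select>
    <input type="submit" value="Download Record">
</form>
```

The same rule applies if the form page and the export stay in separate files as in the question: the branch that produces the download has to run before the form markup is printed, or has to clear the output buffer before sending its headers, otherwise whatever was already buffered is written into the file ahead of the data. The .htaccess rule that blocks direct requests to /hidden is still needed; the whitelist only controls which table the logged-in user can export, not who can reach the script.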
