create zip from mysql to all files using php

Question

hi guys i want to create a zip from the hole files names into my database in my code i can just download just one file but i want to get the hole files from my database into a zip

<html>
<title>Files | github</title>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css">
<link href="globe.png" rel="shortcut icon">
<?php
date_default_timezone_set("Asia/Calcutta");
//echo date_default_timezone_get();
?>


<?php
$conn=new PDO('mysql:host=localhost; dbname=github', 'root', '') or die(mysqli_error($conn));
if(isset($_POST['submit'])!=""){
  $name=$_FILES['photo']['name'];
  $size=$_FILES['photo']['size'];
  $type=$_FILES['photo']['type'];
  $temp=$_FILES['photo']['tmp_name'];
  $date = date('Y-m-d H:i:s');
  $caption1=$_POST['caption'];
  $link=$_POST['link'];
  
  move_uploaded_file($temp,"files/".$name);

$query=$conn->query("INSERT INTO upload (name,date) VALUES ('$name','$date')");
if($query){
header("location:index.php");
}
else{
die(mysqli_error($conn));
}
}
?>


<html>
<body>
<link href="css/bootstrap.css" rel="stylesheet" type="text/css" media="screen">
<link rel="stylesheet" type="text/css" href="css/DT_bootstrap.css">
<link rel="stylesheet" type="text/css" href="css/font-awesome.css">
<link rel="stylesheet" href="css/bootstrap.min.css">
<link rel="stylesheet" href="font-awesome/css/font-awesome.min.css"/>
<style>
    body{
        background-color:#24292f;
    }
</style>
</head>
<script src="js/jquery.js" type="text/javascript"></script>
<script src="js/bootstrap.js" type="text/javascript"></script>

<script type="text/javascript" charset="utf-8" language="javascript" src="js/jquery.dataTables.js"></script>
<script type="text/javascript" charset="utf-8" language="javascript" src="js/DT_bootstrap.js"></script>
<?php include('dbcon.php'); ?>
<style>
.table tr th{
    
    border:#eee 1px solid;
    
    position:relative;
    #font-family:"Times New Roman", Times, serif;
    font-size:12px;
    text-transform:uppercase;
    }
    table tr td{
    
    border:#eee 1px solid;
    color:#000;
    position:relative;
    #font-family:"Times New Roman", Times, serif;
    font-size:12px;
    
    text-transform:uppercase;
    }
    
#wb_Form1
{
   background-color: #00BFFF;
   border: 0px #000 solid;
  
}
#photo
{
   border: 1px #A9A9A9 solid;
   background-color: #00BFFF;
   color: #fff;
   font-family:Arial;
   font-size: 20px;
}
    </style>
    
    <div class="alert alert-info">
                              
                               
                            
                            </div>
                            <!--<table cellpadding="0" cellspacing="0" border="0" class="table table-bordered">
        
            <tr><td><form enctype="multipart/form-data"  action="" id="wb_Form1" name="form" method="post">
                
                    <input type="file" name="photo" id="photo"  required="required"></td>
                    <td><input type="submit" class="btn btn-danger" value="SUBMIT" name="submit">
            </form> <strong>SUBMIT HERE</strong></tr></td></table>
                             <div class="col-md-18">-->
    <div class="container-fluid" style="margin-top:0px;">
   <div class = "row">
        <div class="panel panel-default">
            <div class="panel-body">
                <div class="table-responsive">


                            <form method="post" action="delete.php" >
                        <table cellpadding="0" cellspacing="0" border="0" class="table table-condensed" id="example">
                            
                            <thead>
                        
                                <tr>
                                    
                                    <th>ID</th>
                                    <th>FILE NAME</th>
                                   <th>Date</th>
                <th>Download</th>
                <th>code editor</th>
                                </tr>
                            </thead>
                            <tbody>
                            <?php 
                            session_start();
                            $user = $_SESSION["username"];
                            $project= $_GET['project'];
                            echo $project;
                            $query=mysqli_query($conn,"SELECT * FROM project S WHERE date=( SELECT MAX(date) FROM project WHERE pointedname = S.pointedname) and  (user='$user' and directoryName ='$project')")or die(mysqli_error($conn));
                            while($row=mysqli_fetch_array($query)){
                            $id=$row['user'];
                            $name=$row['pointedname'];
                            $date=$row['date'];
                            $filpath=$row["path"];
                            ?>
                              
                                        <tr>
                                        
                                         <td><?php echo $row['user'] ?></td>
                                         <td><?php echo $row['pointedname']; ?></td>
                                         <td><?php echo $row['date'] ?></td>
                                         
                                        
                                        <td>
                <a href="download.php?filename=<?php echo "/../../php/".$filpath;?>" title="click to download"><span class="glyphicon glyphicon-paperclip" style="font-size:20px; color:blue"></span></a>
                </td>
                <td>
                <?php 
            
                echo "<a href='../repositories/codeEditorGit/index.php?project=".$row["path"]."'><i class='bi bi-code-slash'></i> ".$row["pointedname"]."</a>"; 
                echo "<a href='zip.php?project=".$row["path"]."'><i class='bi bi-code-slash'></i> ".$row["pointedname"]."</a>"; ?>
                </td>
                                </tr>
                         
                                  <?php } ?>
                            </tbody>
                        </table>
                        
                              
                               
                                
                            </div>
          
</form>

        </div>
        </div>
        </div>
    </div>



</body>
</html>

i tried this code but it didnt work for me

<?php
$conn=new PDO('mysql:host=localhost; dbname=github', 'root', '') or die(mysqli_error($conn));
function zipFilesAndDownload($file_names,$archive_file_name,$file_path)
{
    $zip = new ZipArchive();
    if ($zip->open($archive_file_name, ZIPARCHIVE::CREATE )!==TRUE) {
        exit("cannot open <$archive_file_name>\n");
    }

    foreach($file_names as $files)
    {
        $zip->addFile($file_path.$files,$files);
        //echo $file_path.$files,$files."<br />";
    }
    $zip->close();
    header("Content-type: application/zip"); 
    header("Content-Disposition: attachment; filename=$archive_file_name"); 
    header("Pragma: no-cache"); 
    header("Expires: 0"); 
    readfile("$archive_file_name");
    exit;
}
session_start();
$user=$_SESSION["username"];
$project = $_GET["project"];
$cqurfetch=mysql_query("SELECT * FROM project where user='$user' and accept='1'");
while($row = mysql_fetch_array($cqurfetch))
{
   $file_names[] = $row['user_album_images'];
}
   $archive_file_name=time().'.gallery.zip';
   $file_path="/uploads/";
   zipFilesAndDownload($file_names,$archive_file_name,$file_path);
   echo '^^^^^^Zip ended^^^^^^';
  
?>

also i want to check if the user exist by email but i got an error that when i execute the code he escape the if statment and he go throw executing the insert even the email exist

if(mysqli_num_rows($check_email) > 0){
echo('Email Already exists');

}

code :

$textarea = $_POST["textarea"];
$email = $_POST["email"];
$name = $_POST["name"];
$pswd = $_POST["password"];



$check_email = mysqli_query($conn, "SELECT * FROM sign where email = '$email' ");
if(mysqli_num_rows($check_email) > 0){
    echo('Email Already exists');
    
}
else{
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $result = $sql = "INSERT INTO sign
    VALUES ('$email', '$name', '$password','$textarea');
    INSERT INTO connected
    VALUES ('$email', '')
    
    ";
    $conn->exec($result);
    header("Location: ../image-upload-php-and-mysql-main/index.php");
}
    echo('Record Entered Successfully');
}

**Warning!** You're open to [SQL injection attacks](https://owasp.org/www-community/attacks/SQL_Injection)! Read [how to prevent SQL injection in PHP](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) by using prepared statements with bound parameters instead of injecting variables directly into your queries. It's not just about security. If your data contains, for example, a single quote `'`, your query will break. This is _extra_ important when you're trying to call multiple queries in one request like you're doing. — M. Eriksson, Jun 04 '22 at 15:49
**Warning!** Never store passwords in plain text! You should only store password hashes generated using [password_hash()](https://www.php.net/manual/en/function.password-hash.php) and to verify a password againts a hash, use [password_verify()](https://www.php.net/manual/en/function.password-verify.php). This is very important, specially since people unfortunately tends to reuse credentials. You don't want to be the cause for your users being hacked. — M. Eriksson, Jun 04 '22 at 15:49
I have to ask though, what does your register code have to do with the question about creating a zip? Please edit your question and make it more focused. Do some debugging to narrow the issue down and remove everything that's not relevant to the issue at hand. Please read [How to create a Minimal, Reproducible Example](https://stackoverflow.com/help/minimal-reproducible-example) and [how to ask](https://stackoverflow.com/help/how-to-ask). — M. Eriksson, Jun 04 '22 at 15:56
im gonna fix the sql injection after i found a solution for this im hopples i tried many time :( — Miral Kh, Jun 04 '22 at 17:09
Please read the links I posted in my last comment and edit your question. If not, the question is more likely to get closed for being unfocused than answered (you only need one more close vote for that to happen.) — M. Eriksson, Jun 04 '22 at 17:51

create zip from mysql to all files using php

0 Answers0