Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    New Coder
    Join Date
    Aug 2011
    Posts
    24
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Exclamation Upload/Download file to sql server using php (help!)

    Hi can you guys help me out please? After I've finished uploading and downloading my file I get a corrupted file with a constant 87 bytes for file size even though this is not the case. Here is the upload and download code.

    Upload Code:

    PHP Code:
    <?php

    //if (isset($_POST['submitb'])) {

    $TheGrade $_POST['grade'];
                
    $Server="xxxx";
    $User="xxxx";
    $Password="xxxx";
    $Database="xxxx";

    $name $_FILES['file']['name'];
    $type $_FILES['file']['type'];
    $size $_FILES['file']['size'];
    $file $_FILES['file']['tmp_name'];

    if (((
    $_FILES["file"]["type"] == "image/gif")
    || (
    $_FILES["file"]["type"] == "image/jpeg")
    || (
    $_FILES["file"]["type"] == "image/png")
    || (
    $_FILES["file"]["type"] == "application/msword")
    || (
    $_FILES["file"]["type"] == "application/pdf")
    || (
    $_FILES["file"]["type"] == "text/plain")
    || (
    $_FILES["file"]["type"] == "image/pjpeg")))

      {
          
        if(
    $_FILES["file"]["size"] < 5242880){

    if(
    $TheGrade==IB2){

    $gradetable="IB2FILES";
        
    } elseif(
    $TheGrade==IB1){

    $gradetable="IB1FILES";
        
    } elseif(
    $TheGrade==FY){

    $gradetable="FYFILES";
        
    } elseif(
    $TheGrade==Y2){

    $gradetable="Y2FILES";
        
    } elseif(
    $TheGrade==Y1){

    $gradetable="Y1FILES";
        
    } else {
        
        echo 
    "Connection error: No grade submission";
        
    $gradetable=null;
        echo 
    $gradetable;
        
    }

    $connection mysql_connect($Server$User$Password);
    if(!
    $connection){
        die(
    "Couldn't Connect" mysql_error());
    }

    $size "'" $size "'";
    $type "'" $type "'";    
    $name "'" $name "'";    
    $file "'" $file "'";    

    mysql_select_db($Database$connection);

    $query "INSERT INTO " $gradetable " (name,type,size,file) VALUES (" $name "," $type "," $size "," $file ")";

    $table mysql_query($query,$connection);
    if (!
    $table)
    {
        die(
    "SQL Error! Query is $query<br />Error is ".mysql_error());
    }   


        } else {
            
            echo 
    "File size is too large.";
            
        }

    } else {
                       
               
    $fte "'" "filelist.html" "'" "," "'" "File type not accepted. Please review the page below." "'";    
            
          echo 
    "<script type=text/javascript>
                window.open(" 
    $fte ")
                </script>"
    ;    
           
      }

    echo 
    "File Uploaded!";
        
    ?>
    Here is the download code:

    PHP Code:
    <?php

    $Server
    ="xxxx";
    $User="xxxx";
    $Password="xxxx";
    $Database="xxxx";

    $con mysql_connect($Server,$User,$Password);

    if(!
    $con){
        
        die(
    "Couldn't Connect " mysql_error());
        
    }

    mysql_select_db($Database,$con);

    $query "SELECT * FROM IB2FILES WHERE id = 6";
    $result mysql_query($query) or die(mysql_error());


    $name=mysql_result($result,0,"name"); 
    $size=mysql_result($result,0,"size"); 
    $type=mysql_result($result,0,"type"); 
    $content=mysql_result($result,0,"file"); 

    // give our picture the proper headers...otherwise our page will be confused 
    header("Content-Disposition: attachment; filename=$name"); 
    header("Content-length: $size"); 
    header("Content-type: $type"); 
    echo 
    $content

    mysql_close();


    ?>
    Here is the link to the site and if you click on "Click" you will download the 87 byte corrupted file (not a virus I swear it won't even open).

    Thanks in advance!

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    What column type is your "file" column? You are apparently inserting the temporary name into that column in the upload step, but then on the download step you are trying to use the "file" column as raw content...? Doesn't make any sense.

    It kind of seems like you are trying to save the file to the database as a blob type, but you have no code to save the contents of the uploaded file as a blob in the database. I'd start there.

  • #3
    New Coder
    Join Date
    Aug 2011
    Posts
    24
    Thanks
    6
    Thanked 0 Times in 0 Posts

    Exclamation

    Yeah I noticed that directly after I posted but a problem still remains. Whenever I try to download the file now I get:

    Warning: fopen('/usr/local/pem/vhosts/113282/tmp/phpmz6Yyk'): failed to open stream: No such file or directory in /usr/local/pem/vhosts/113282/webspace/httpdocs/show.php on line 74 Warning: fread(): supplied argument is not a valid stream resource in /usr/local/pem/vhosts/113282/webspace/httpdocs/show.php on line 75 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/pem/vhosts/113282/webspace/httpdocs/show.php on line 77 SQL Error! Query is INSERT INTO IB2FILES (name,type,size,file) VALUES (\'BrainHarmonics Insrtuctions.pdf\','application/pdf','232043',)
    Error is You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'BrainHarmonics Insrtuctions.pdf\','application/pdf','232043',)' at line 1

    I think this means I don't have permissions to the tmp folder myhosting.com has given me or the file doesn't exist. I use CuteFTP to upload files to Server and it says that the tmp/ directory exists but I can't enter it because it's not there... but when I clicked GetInfo the permissions is set to owner instead of group... I am so confused. Here is my code for the upload now:

    PHP Code:
    <?php

    //if (isset($_POST['submitb'])) {

    $TheGrade $_POST['grade'];
                
    $Server="xxxx";
    $User="xxxx";
    $Password="xxxx";
    $Database="xxxx";

    $name $_FILES['file']['name'];
    $type $_FILES['file']['type'];
    $size $_FILES['file']['size'];
    $file $_FILES['file']['tmp_name'];

    if (((
    $_FILES["file"]["type"] == "image/gif")
    || (
    $_FILES["file"]["type"] == "image/jpeg")
    || (
    $_FILES["file"]["type"] == "image/png")
    || (
    $_FILES["file"]["type"] == "application/msword")
    || (
    $_FILES["file"]["type"] == "application/pdf")
    || (
    $_FILES["file"]["type"] == "text/plain")
    || (
    $_FILES["file"]["type"] == "image/pjpeg")))

      {
          
        if(
    $_FILES["file"]["size"] < 66000000){

    if(
    $TheGrade==IB2){

    $gradetable="IB2FILES";
        
    } elseif(
    $TheGrade==IB1){

    $gradetable="IB1FILES";
        
    } elseif(
    $TheGrade==FY){

    $gradetable="FYFILES";
        
    } elseif(
    $TheGrade==Y2){

    $gradetable="Y2FILES";
        
    } elseif(
    $TheGrade==Y1){

    $gradetable="Y1FILES";
        
    } else {
        
        echo 
    "Connection error: No grade submission";
        
    $gradetable=null;
        echo 
    $gradetable;
        
    }

    $connection mysql_connect($Server$User$Password);
    if(!
    $connection){
        die(
    "Couldn't Connect" mysql_error());
    }

    $size "'" $size "'";
    $type "'" $type "'";    
    $name "'" $name "'";    
    $file "'" $file "'";    

    mysql_select_db($Database$connection);

    if(!
    get_magic_quotes_gpc()){ 
    $name addslashes($name); 


    // open up the file and extract the data/content from it 
    $extract fopen($file'r'); 
    $content fread($extract$size); 
    $content addslashes($content); 
    fclose($extract);  

    $query "INSERT INTO " $gradetable " (name,type,size,file) VALUES (" $name "," $type "," $size "," $content ")";

    $table mysql_query($query,$connection);
    if (!
    $table)
    {
        die(
    "SQL Error! Query is $query<br />Error is ".mysql_error());
    }   


        } else {
            
            echo 
    "File size is too large.";
            
        }

    } else {
                       
               
    $fte "'" "filelist.html" "'" "," "'" "File type not accepted. Please review the page below." "'";    
            
          echo 
    "<script type=text/javascript>
                window.open(" 
    $fte ")
                </script>"
    ;    
           
      }

    echo 
    "File Uploaded!";
        
    ?>

  • #4
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    Have you read these topics in the PHP manual?

    http://us.php.net/manual/en/features.file-upload.php

  • #5
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,352
    Thanks
    61
    Thanked 528 Times in 515 Posts
    Quote Originally Posted by loopsnhoops View Post
    Warning: fopen('/usr/local/pem/vhosts/113282/tmp/phpmz6Yyk'): failed to open stream: No such file or directory in /usr/local/pem/vhosts/113282/webspace/httpdocs/show.php on line 74

    I think this means I don't have permissions to the tmp folder myhosting.com has given me or the file doesn't exist.
    I don't think you understand how php handles file uploads.

    When you upload a file PHP temporarily stores it in the temp directory with a random file name. It is stored there for the lifetime of the script execution. In other words, when the script finishes running, PHP DELETES the file from the temp directory.

    In order to save the file permanently, you have to use a function called move_uploaded_file() to move it via its temp name to your directory where you can give it whatever name you want. You can even read the file into a string using file_get_contents() and write it into a blob field in your table (remember to escape it first in case it contains any sql sensitive characters.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #6
    New Coder
    Join Date
    Aug 2011
    Posts
    24
    Thanks
    6
    Thanked 0 Times in 0 Posts
    Hey thanks for the suggestions i'll try that if this next idea doesn't work. I emailed the hosting site for my web page and they sent me back an email saying I didn't have permissions so I should just create my own temporary folder and set that to the default directory. How would I go about this?

    Thanks

  • #7
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,352
    Thanks
    61
    Thanked 528 Times in 515 Posts
    Sounds to me like your host is just giving you the brush off because they don't want to spend their time teaching you to write PHP.

    As I've said, use move_uploaded_file(). This is the only way you're going to handle file uploads. You don't have to listen to this advice if you don't want to but I won't continue to advise you if you continue to ignore.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • Users who have thanked tangoforce for this post:

    loopsnhoops (04-30-2012)

  • #8
    New Coder
    Join Date
    Aug 2011
    Posts
    24
    Thanks
    6
    Thanked 0 Times in 0 Posts
    Haha thanks i'm not that arrogant so I will definitely use your advice and I think i'll give my web host a talking too. Thanks again!


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •