Re: problems with donwload

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hulf wrote:
Under the results there are 3 files to download. Some users are getting an uable to read or corrupt message. 

http://vps.aztechost.co.uk/~trisco/index.php


and 3 here

http://vps.aztechost.co.uk/~trisco/rankings.php


The upload script is similar


if(isset($_POST['_upload'])  && $_FILES['userfile']['size'] > 0)
{


$fileName = $_FILES['userfile']['name'];
$tmpName  = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];

$fp      = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);

if(!get_magic_quotes_gpc())
{
    $fileName = addslashes($fileName);
}


$id= $_POST['id'];
/*$query = "UPDATE results SET title='$title', file_name='$fileName', size='$fileSize', type='$fileType', content='$content', last_updated=CURDATE() WHERE id=$id";*/
$query ="INSERT INTO results (title, content, file_name, size, type, last_updated) VALUES ('$title', '$content', '$fileName', '$fileSize', '$fileType', CURDATE())"; 

mysql_query($query);
echo mysql_error();

}


and the download....

<?php
if(isset($_GET['id']))
{
// if id is set then get the file with the id from database
include("/home/trisco/public_html/secure/scripts/connect.php");

$id    = $_GET['id'];
$query = "SELECT file_name, type, size, content FROM results WHERE id = '$id'"; 

$result = mysql_query($query) or die(mysql_error());;
list($file_name, $type, $size, $content) = 

here you set a variable called $file_name


mysql_fetch_array($result);

/*echo $file_name;
echo $type;
echo $size;*/


header("Content-Type: $type");
header("Content-Disposition: attachment; filename=$file_name");


here you are using $file_name


header("Content-Length: ".filesize($file));


here you are using $file

Isn't this something that someone pointed out earlier in the week?

from the input script, it looks like you should be using $size instead of filename($file)


header("Accept-Ranges: bytes");
header("Pragma: no-cache");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-transfer-encoding: binary");

echo $content;
exit;

}

?>
Thanks,



--
Jim Lucas

   "Some men are born to greatness, some achieve greatness,
       and some have greatness thrust upon them."

Twelfth Night, Act II, Scene V
    by William Shakespeare

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux