Re: MySQL Insert

ma <grillen@xxxxxxxxxxxxxx> · Thu, 08 Jan 2004 03:16:07 +0100

hi!

no problem... people should help each other ;)

so: no there is no difference. if you want people to have the possibility to
download the file there are certain things to remember of. just a short
example:

<?php

$con = mysql_connect(...);
mysql_select_db(....);

$file = $_GET['file'];

$qry = 'SELECT `data` FROM `files` WHERE `file`="'.addslashes($file).'"'; //
prevent from sql-injection-attacks
$res = mysql_query($qry);
// errorhandling missing
$data = mysql_fetch_assoc($res);
$data = $data['data'];

$fileInfo = pathinfo($file);

switch($fileInfo['extension']) {
   case "pdf": $ctype="application/pdf";              break;
   case "exe": $ctype="application/octet-stream";      break;
   case "zip": $ctype="application/zip";              break;
   case "doc": $ctype="application/msword";            break;
   case "xls": $ctype="application/vnd.ms-excel";      break;
   case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
   case "gif": $ctype="image/gif";                    break;
   case "png": $ctype="image/png";                    break;
   case "jpg": $ctype="image/jpg";                    break;
   default:    $ctype="application/force-download"; break;
}

header('Content-Type: '.$ctype);
header('Content-Disposition: attachment; filename='.$file
header('Content-Transfer-Encoding: binary');
header('Content-Length: '.strlen($data)); // not sure if it works

echo $data;
?>

greets -ma

# life would be easier if i knew the source code...

> Von: "Will W" <will.w@xxxxxxxxxxxxxx>
> Antworten an: will.w@xxxxxxxxxxxxxx
> Datum: Wed, 7 Jan 2004 21:03:40 -0500
> An: <grillen@xxxxxxxxxxxxxx>
> Betreff: Re:  MySQL Insert
> 
> Thanks!!! :)
> 
> For getting the info from the database is it like all the rest or is there a
> certain way to get those types of files from the database?
> 
> Thanks,
> ~~Will~~
> 
> ----- Original Message -----
> From: "ma" <grillen@xxxxxxxxxxxxxx>
> To: "PHP-DB" <php-db@xxxxxxxxxxxxx>
> Sent: Wednesday, January 07, 2004 8:42 PM
> Subject: Re2:  MySQL Insert
> 
> 
>> hi!
>> 
>> just to add:
>> 
>> use file() only if you run php 4.3.0 or higher.
>> 
>> if this is not the case use this syntax (its binary safe):
>> 
>> $fp = fopen($_FILES['myFile']['tmp_name'], 'r'); # on windows use 'rb'
>> instead of 'r'
>> $data = fread($fp, file_size($_FILES['myFile']['tmp_name']));
>> fclose($fp);
>> 
>> instead of $data = join(etc);
>> 
>> greets - ma
>> 
>> # life would be easier if i knew the source code...
>> 
>> --
>> PHP Database Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>> 
>> 
>> 
>> 
> 

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php