PHP Upload Script - Files uploaded Corrupt

Matthew Benjamin msbenjamin12 at gmail.com
Mon Aug 21 02:55:59 UTC 2006 

On 8/19/06, Lauri <lauri at ruja.ee> wrote:
>
> > On 8/17/06, *Ed K.* <ed at hp.uab.edu <mailto:ed at hp.uab.edu>> wrote:
> >
> >     On Wed, 16 Aug 2006, Matthew Benjamin wrote:
> >      >
> >      > Can anyone help I have a php script that uploads files to a mysql
> >     database.
> >      > When it uploads the files all of the content in the file gets
> >     corrupted. Has
> >      > anyone expirienced this. I know I can't be the first person with
> the
> >      > problem. -- Help!!!  Please.
> >      >
> >
> >     Are you escaping the data from the file?
> >
> >     here would be a working php script:
> >
> >            $fp=fopen($addfile,"r");
> >            $bvar=fread($fp,filesize($addfile));
> >            fclose($fp);
> >            $bvar=addslashes($bvar);
> >            $q="insert into table (file) values ('$bvar')";
> >
> >     ed
> >
> >     --
> >     fedora-list mailing list
> >     fedora-list at redhat.com <mailto:fedora-list at redhat.com>
> >     To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> >     <https://www.redhat.com/mailman/listinfo/fedora-list>
>
> ...
>
> -----
>
> <form enctype="multipart/form-data" action="" method="POST">
>      <!-- MAX_FILE_SIZE must precede the file input field -->
>      <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
>      <!-- Name of input element determines name in $_FILES array -->
>      Send this file: <input name="userfile" type="file" />
>      <input type="submit" value="Send File" />
> </form>
>
>
> <?php
> if(!empty($_FILES['userfile']))
> {
>    // make dir for the file and move it there
>    @mkdir('./temp', 0777);
>    move_uploaded_file($_FILES['userfile']['tmp_name'],
> './temp/'.basename($_FILES['userfile']['name']));
>
>    // read the file and put it to the DB; use base64,
> <http://php.net/base64_encode>
>    mysql_query("INSERT INTO table VALUES(0, 'a', 'b', 'c', '" .
>
> base64_encode(file_get_contents('./temp/'.basename($_FILES['userfile']['name'])))
> . "')");
>
>    // delete the source file and temp directory
>    unlink('./temp/'.basename($_FILES['userfile']['name']));
>    rmdir('./temp');
>
>    echo 'The file was successfully uploaded!<br />';
> }
> ?>
>
> -----
>
> But why do you want to use a database for the files? To prevent
> unauthorized downloading, you can disallow the access to the files and
> send them to user also via PHP, see the comments of <http://php.net/header
> >.
>
> Lauri
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>

I want to use a database, because I haven't found a way to store files on
the and download them via the web. (only because I didn't look I guess). I
was thinking storing them in a db was best. Not so?

-- 
mB.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060820/da6222a4/attachment-0001.htm>

More information about the fedora-list mailing list