Ok, I had a more barebones version of this script working, but when I
tried to put it in with my larger script, it broke. I think the problem
lies somewhere in the uploading, but I'm not sure of this. Anyway,
here's what I have:
index.php
---------------------------------
<?
include("header .inc");
if (!isset($_SESSI ON['username']) or ($_SESSION['username'] == "Guest")) {
header ("Location: http://www.thisisfake. com/index.php");
}
dbconnect();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Upload </title>
</head>
<body>
<center>
<?
if($id) {
switch ($action) {
case "delete":
$data = mysql_query("SE LECT id,uploader FROM files WHERE id = '$id'");
$id = mysql_result($d ata,0,"id");
$uploader = mysql_result($d ata,0,"uploader ");
if ($_SESSION["username"] == $uploader || $_SESSION["level"] ==
"admin") {
mysql_query("DE LETE FROM files WHERE id = '$id'");
echo "File deleted";
echo '<META HTTP-EQUIV="refresh"
content="2;URL= http://www.thisisfake. com/upload/">';
} else {echo "Invalid permissions";}
break;
default: //Echo contents if image, else send as file download
$query = "select mimetype, data from files where id = $id";
$result = mysql_query($qu ery);
$data = mysql_result($r esult,0,"data") ;
$type = mysql_result($r esult,0,"mimety pe");
if ($type == "image/pjeg" || $type == "image/jpeg" || $type ==
"image/x-png" || $type == "image/png" || $type == "image/gif"|| $type ==
"image/bmp") {
echo base64_decode($ data);
} else {
get($id); //This send the file as a download, instead of echoing the
contents
}
break;
}
} else {
// Listing of files and the form
echo"
<form method=POST action=upload.p hp enctype=multipa rt/form-data>
<p>File to upload:<br>
<input type=file name=file>
<input type='submit' name='submit' value='Upload'>
</form>
";
//All this stuff works
echo "<p></p>";
if ($data = getInfo()) {
echo '<table border="0" align="center">
<tr bgcolor="#bad1d 1">
<td>File Name</td>
<td><center>Fil e Size</center></td>
<td><center>Mim e Type</center></td>
<td><center>Che cksum</center></td>
<td><center>Ext ension</center></td>
<td><center>Upl oader</center></td>
<td><center>Dat e</center></td>
<td><center>Opt ion</center></td>
</tr>
';
for ($i=0; $i<count($data) ; $i++) {
echo '
<tr bgcolor=#CCCCCC >
<td><a
href="view.php? id='.$data[$i]["id"].'">'.$data[$i]["file_name"].'</a></td>
<td>'.$data[$i]["file_size"].'</td>
<td>'.$data[$i]["mimetype"].'</td>
<td>'.$data[$i]["checksum"].'</td>
<td>'.$data[$i]["extension"].'</td>
<td>'.$data[$i]["uploader"].'</td>
<td>'.$data[$i]["date"].'</td>';
if ($_SESSION["username"] == $data[$i]["uploader"] ||
$_SESSION["level"] == "admin") {
echo '<td><a
href="index.php ?action=delete& id='.$data[$i]["id"].'">Delete</a></td>';}
echo '</tr>
';
}
echo '</table>';
echo '<br>';
echo 'Number of files: ';
echo blobcount();
echo '<br>';
}
}
?>
</center>
</body>
</html>
upload.php
----------------------------------------------
<?
include('header .inc');
dbconnect();
$type = $file_type;
if ($type == "image/pjeg" || $type == "image/jpeg" || $type ==
"image/x-png" || $type == "image/png" || $type == "image/gif") {
$handle = fopen($file,'rb ');
$file_content = fread($handle,f ilesize($file)) ;
fclose($handle) ;
$encoded = chunk_split(bas e64_encode($fil e_content));
$uploader = $_SESSION['username'];
$sql = "INSERT INTO files (id, file_name, data, file_size, mimetype,
extension, checksum, uploader, date) VALUES ('', '".$file_name." ',
'".$encoded. "', '".filesize($fi le)."', '".$file_type." ',
'".getExtension ($blob_name)."' , '".generate_sfv _checksum($file )."',
'".$uploader."' , NOW())";
mysql_query($sq l);
} else {
$handle = fopen($file,'rb ');
$file_content = fread($handle,f ilesize($file)) ;
fclose($handle) ;
$encoded = chunk_split(bas e64_encode($fil e_content));
$uploader = $_SESSION['username'];
$sql = "INSERT INTO files (id, file_name, data, file_size, mimetype,
extension, checksum, uploader, date) VALUES ('', '".$file_name." ',
'".$encoded. "', '".filesize($fi le)."', '".$file_type." ',
'".getExtension ($blob_name)."' , '".generate_sfv _checksum($file )."',
'".$uploader."' , NOW())";
mysql_query($sq l);
}
//}
header ("Location: http://www.thisisfake. com/upload");
?>
view.php
---------------------------------------------------------
<?
echo '<img src="http://www.thisisfake. com/upload/index.php?id='. $id.'">';
?>
I may have broken it further after the initial breaking, so if something
seems doubly broken that might be it. If you need more information just ask.
tried to put it in with my larger script, it broke. I think the problem
lies somewhere in the uploading, but I'm not sure of this. Anyway,
here's what I have:
index.php
---------------------------------
<?
include("header .inc");
if (!isset($_SESSI ON['username']) or ($_SESSION['username'] == "Guest")) {
header ("Location: http://www.thisisfake. com/index.php");
}
dbconnect();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Upload </title>
</head>
<body>
<center>
<?
if($id) {
switch ($action) {
case "delete":
$data = mysql_query("SE LECT id,uploader FROM files WHERE id = '$id'");
$id = mysql_result($d ata,0,"id");
$uploader = mysql_result($d ata,0,"uploader ");
if ($_SESSION["username"] == $uploader || $_SESSION["level"] ==
"admin") {
mysql_query("DE LETE FROM files WHERE id = '$id'");
echo "File deleted";
echo '<META HTTP-EQUIV="refresh"
content="2;URL= http://www.thisisfake. com/upload/">';
} else {echo "Invalid permissions";}
break;
default: //Echo contents if image, else send as file download
$query = "select mimetype, data from files where id = $id";
$result = mysql_query($qu ery);
$data = mysql_result($r esult,0,"data") ;
$type = mysql_result($r esult,0,"mimety pe");
if ($type == "image/pjeg" || $type == "image/jpeg" || $type ==
"image/x-png" || $type == "image/png" || $type == "image/gif"|| $type ==
"image/bmp") {
echo base64_decode($ data);
} else {
get($id); //This send the file as a download, instead of echoing the
contents
}
break;
}
} else {
// Listing of files and the form
echo"
<form method=POST action=upload.p hp enctype=multipa rt/form-data>
<p>File to upload:<br>
<input type=file name=file>
<input type='submit' name='submit' value='Upload'>
</form>
";
//All this stuff works
echo "<p></p>";
if ($data = getInfo()) {
echo '<table border="0" align="center">
<tr bgcolor="#bad1d 1">
<td>File Name</td>
<td><center>Fil e Size</center></td>
<td><center>Mim e Type</center></td>
<td><center>Che cksum</center></td>
<td><center>Ext ension</center></td>
<td><center>Upl oader</center></td>
<td><center>Dat e</center></td>
<td><center>Opt ion</center></td>
</tr>
';
for ($i=0; $i<count($data) ; $i++) {
echo '
<tr bgcolor=#CCCCCC >
<td><a
href="view.php? id='.$data[$i]["id"].'">'.$data[$i]["file_name"].'</a></td>
<td>'.$data[$i]["file_size"].'</td>
<td>'.$data[$i]["mimetype"].'</td>
<td>'.$data[$i]["checksum"].'</td>
<td>'.$data[$i]["extension"].'</td>
<td>'.$data[$i]["uploader"].'</td>
<td>'.$data[$i]["date"].'</td>';
if ($_SESSION["username"] == $data[$i]["uploader"] ||
$_SESSION["level"] == "admin") {
echo '<td><a
href="index.php ?action=delete& id='.$data[$i]["id"].'">Delete</a></td>';}
echo '</tr>
';
}
echo '</table>';
echo '<br>';
echo 'Number of files: ';
echo blobcount();
echo '<br>';
}
}
?>
</center>
</body>
</html>
upload.php
----------------------------------------------
<?
include('header .inc');
dbconnect();
$type = $file_type;
if ($type == "image/pjeg" || $type == "image/jpeg" || $type ==
"image/x-png" || $type == "image/png" || $type == "image/gif") {
$handle = fopen($file,'rb ');
$file_content = fread($handle,f ilesize($file)) ;
fclose($handle) ;
$encoded = chunk_split(bas e64_encode($fil e_content));
$uploader = $_SESSION['username'];
$sql = "INSERT INTO files (id, file_name, data, file_size, mimetype,
extension, checksum, uploader, date) VALUES ('', '".$file_name." ',
'".$encoded. "', '".filesize($fi le)."', '".$file_type." ',
'".getExtension ($blob_name)."' , '".generate_sfv _checksum($file )."',
'".$uploader."' , NOW())";
mysql_query($sq l);
} else {
$handle = fopen($file,'rb ');
$file_content = fread($handle,f ilesize($file)) ;
fclose($handle) ;
$encoded = chunk_split(bas e64_encode($fil e_content));
$uploader = $_SESSION['username'];
$sql = "INSERT INTO files (id, file_name, data, file_size, mimetype,
extension, checksum, uploader, date) VALUES ('', '".$file_name." ',
'".$encoded. "', '".filesize($fi le)."', '".$file_type." ',
'".getExtension ($blob_name)."' , '".generate_sfv _checksum($file )."',
'".$uploader."' , NOW())";
mysql_query($sq l);
}
//}
header ("Location: http://www.thisisfake. com/upload");
?>
view.php
---------------------------------------------------------
<?
echo '<img src="http://www.thisisfake. com/upload/index.php?id='. $id.'">';
?>
I may have broken it further after the initial breaking, so if something
seems doubly broken that might be it. If you need more information just ask.
Comment