immagini, area privata e database

**ateicos** · 12-10-2004, 09:57

SQL

codice:

CREATE TABLE files (
  _file_id int(11) NOT NULL auto_increment,
  _file_name varchar(255) default NULL,
  _file_size tinyint(11) unsigned default NULL,
  _file_type varchar(255) default NULL,
  _file_blob blob,
  PRIMARY KEY  (_file_id),
  UNIQUE KEY _id (_file_id)
) TYPE=MyISAM;

pagina php

codice:

<?php

	@mysql_connect( "server", "user", "pass" ) or die("connessione al server fallita");
	@mysql_select_db( "nome_database" ) or die("selezione del database fallita");

	function sql( $SQL ) {
		$Q = mysql_query( $SQL ) or die( " si sono verificati degli errori.<hr />". $SQL );
		return $Q;
	}

if ( isset( $HTTP_POST_FILES['upload_file'] ) ) {

	$file_name 		= $HTTP_POST_FILES['upload_file']['name'] ;
	$file_size 		= $HTTP_POST_FILES['upload_file']['size'] ;
	$file_type 		= $HTTP_POST_FILES['upload_file']['type'] ;
	$file_tmp_name 		= $HTTP_POST_FILES['upload_file']['tmp_name'] ;
	$file_blob 		= addslashes( fread( fopen( $file_tmp_name , "r") , filesize( $file_tmp_name )));

	if ( substr( $file_type , 0 , strlen( "image/" ) ) == "image/" ) {
		$file_dim	 	= getimagesize( $file_tmp_name );
		$file_width = $file_dim[0];
		$file_height = $file_dim[1];
	}

	sql( " INSERT INTO files ( 
	`_file_id`, 
	`_file_name`, 
	`_file_type`, 
	`_file_size`, 
	`_file_blob` 
	) VALUES ( NULL, 
	'". $file_name ."', 
	'". $file_type ."', 
	 ". $file_size .", 
	'". $file_blob ."'
	) " );
	
	$Q = sql( " SELECT * FROM files WHERE _file_name = '". $file_name ."' AND _file_size = ". $file_size ." LIMIT 0,1 " );
	if ( mysql_num_rows( $Q ) == 1 ) {
		$file = mysql_fetch_array( $Q );
		page_item_add( 'File Caricato', 'il file è stato caricato correttamente sul portale', '' , '
		<div class="fcenter" >[img]'. $_SERVER['PHP_SELF'] .'?file='. $file['_file_id'] .'[/img]</div>
		<br class="clear" />
		' , '#FFFFCC' , '' );
		unset( $file );
	}
	unset( $Q );

	unset( $file_width );
	unset( $file_height );
	unset( $file_name );
	unset( $file_size );
	unset( $file_type );
	unset( $file_tmp_name );
	unset( $file_blob );

	if ( isset( $file_type ) ) { unset( $file_dim ); }	

} else {

	if ( isset( $_GET['file'] ) ) {

		if (!get_magic_quotes_gpc()) {
			$file = addslashes( $GET['file'] );
		} else {
			$file = $GET['file'] ;
		}

		$Q = sql( " SELECT * FROM files WHERE _file_id = '". $file ."' LIMIT 0,1 " );
		if ( mysql_num_rows( $Q ) == 1 ) {
			$file = mysql_fetch_array( $Q );

header("Content-type: ". $file['_file_type'] );
header("Content-Disposition: attachment; filename=". $file['_file_name'] );
echo $file['_file_blob'] ;
unset( $file );
@mysql_close();
exit;
		}
		unset( $Q );

	} else {

	echo '
<form enctype="multipart/form-data" action="'. $_SERVER['PHP_SELF'] .'" method="post" >
<div >Inserisci il file da archiviare </div>
<label for="upload_file" ><tt class="fleft" >File </tt><input id="upload_file" name="upload_file" type="file" title=" seleziona il file da caricare " value="" class="fright" /><br class="clear" /></label>
<label for="upload_submit" ><input type="submit" id="upload_submit" value=" Carica File " /></label>
</fieldset>
</form>';
	}
}

?>

Discussione: immagini, area privata e database

Strumenti discussione

Ricerca discussione

Visualizza

Visualizzazione discussione

Permessi di invio