SQL
codice:
CREATE TABLE files (
_file_id int(11) NOT NULL auto_increment,
_file_name varchar(255) default NULL,
_file_size tinyint(11) unsigned default NULL,
_file_type varchar(255) default NULL,
_file_blob blob,
PRIMARY KEY (_file_id),
UNIQUE KEY _id (_file_id)
) TYPE=MyISAM;
pagina php
codice:
<?php
@mysql_connect( "server", "user", "pass" ) or die("connessione al server fallita");
@mysql_select_db( "nome_database" ) or die("selezione del database fallita");
function sql( $SQL ) {
$Q = mysql_query( $SQL ) or die( " si sono verificati degli errori.<hr />". $SQL );
return $Q;
}
if ( isset( $HTTP_POST_FILES['upload_file'] ) ) {
$file_name = $HTTP_POST_FILES['upload_file']['name'] ;
$file_size = $HTTP_POST_FILES['upload_file']['size'] ;
$file_type = $HTTP_POST_FILES['upload_file']['type'] ;
$file_tmp_name = $HTTP_POST_FILES['upload_file']['tmp_name'] ;
$file_blob = addslashes( fread( fopen( $file_tmp_name , "r") , filesize( $file_tmp_name )));
if ( substr( $file_type , 0 , strlen( "image/" ) ) == "image/" ) {
$file_dim = getimagesize( $file_tmp_name );
$file_width = $file_dim[0];
$file_height = $file_dim[1];
}
sql( " INSERT INTO files (
`_file_id`,
`_file_name`,
`_file_type`,
`_file_size`,
`_file_blob`
) VALUES ( NULL,
'". $file_name ."',
'". $file_type ."',
". $file_size .",
'". $file_blob ."'
) " );
$Q = sql( " SELECT * FROM files WHERE _file_name = '". $file_name ."' AND _file_size = ". $file_size ." LIMIT 0,1 " );
if ( mysql_num_rows( $Q ) == 1 ) {
$file = mysql_fetch_array( $Q );
page_item_add( 'File Caricato', 'il file è stato caricato correttamente sul portale', '' , '
<div class="fcenter" >[img]'. $_SERVER['PHP_SELF'] .'?file='. $file['_file_id'] .'[/img]</div>
<br class="clear" />
' , '#FFFFCC' , '' );
unset( $file );
}
unset( $Q );
unset( $file_width );
unset( $file_height );
unset( $file_name );
unset( $file_size );
unset( $file_type );
unset( $file_tmp_name );
unset( $file_blob );
if ( isset( $file_type ) ) { unset( $file_dim ); }
} else {
if ( isset( $_GET['file'] ) ) {
if (!get_magic_quotes_gpc()) {
$file = addslashes( $GET['file'] );
} else {
$file = $GET['file'] ;
}
$Q = sql( " SELECT * FROM files WHERE _file_id = '". $file ."' LIMIT 0,1 " );
if ( mysql_num_rows( $Q ) == 1 ) {
$file = mysql_fetch_array( $Q );
header("Content-type: ". $file['_file_type'] );
header("Content-Disposition: attachment; filename=". $file['_file_name'] );
echo $file['_file_blob'] ;
unset( $file );
@mysql_close();
exit;
}
unset( $Q );
} else {
echo '
<form enctype="multipart/form-data" action="'. $_SERVER['PHP_SELF'] .'" method="post" >
<div >Inserisci il file da archiviare </div>
<label for="upload_file" ><tt class="fleft" >File </tt><input id="upload_file" name="upload_file" type="file" title=" seleziona il file da caricare " value="" class="fright" /><br class="clear" /></label>
<label for="upload_submit" ><input type="submit" id="upload_submit" value=" Carica File " /></label>
</fieldset>
</form>';
}
}
?>