making uploaded files as clickable links

niranjani23

hi
i have a page which allows for uploading .doc,.docx or txt or pdf files. After uploading, i display the list of files uploaded by that user.When this is done, i want these files as clickable links so that they are available for downloading.How can this be done?
I have already tried this. But it is not working.Here is the code:
<?php
ob_start();

//connect to database
$con = mysql_connect("localhost","niru23_root","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("my_db", $con);
session_start();
echo "username = ". $_SESSION['username'];
echo"The files uploaded by $username are:";

$result = mysql_query("SELECT file_id,file_name,file_size,date FROM niru23_users.file_storage where username='$username'");

if($result){
if(mysqli_num_rows($result==0)){
echo"There are no files in the database";
}
else{
echo "<table border='1'>
<tr>
<th>fileid</th>
<th>filename</th>
<th>filesize</th>
<th>date</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>". $row['file_id'] . "</td>";
echo "<td>" . $row['file_name'] . "</td>";
echo "<td>" . $row['file_size'] . "</td>";
//echo "<td>" . $row['file_data'] . "</td>";
echo "<td>" . $row['date'] . "</td>";
echo "</tr>";
}
echo "</table>";

//download link
echo "<a href='download_file.php?id=". $row['file_id'] ."'>Download</a>";

mysql_close($con);
session_destroy();
ob_end_flush();
}
}
?>
<html>
<body>
<p>
<br><br>
<align="center"><a href="mypage.php">Back</a>
<a href="logout.php">Logout</a>
</p>
</body>
</html>

Lemme know where i hav gone wrong plz.

devinemke

are these file public? if so then simply link directly to them:

echo '<td><a href="http://www.example.com/files/' . $row['file_name'] . '">' . $row['file_name'] . '</a></td>';

if not then link to a separate script that uses the [man]header[/man] function to force a download.

niranjani23

What do u mean by public? Am pretty new to php so could you be more specific and clear plz?

and how can i make a header so that it is downloadable? cud u explain plz?

Regards,
niranjani

devinemke

niranjani23;10923962 wrote:
What do u mean by public?

i mean are these files sitting somewhere in your server's public doc root accessible to the outside world? if they are you can simply link to them just as you would to any public element. for example, i can create a link to Google by doing this:

<a href="http://www.google.com">click here to go to Google</a>

if your uploaded file are public then just link to them to the same way (as in the example in my initial post)

niranjani23

these files are stored in mysql db after they are uploaded by any user.So, while listing the available files, i retrieve them from the database.While retrieving from the database, how to make them clickable?

devinemke

then link to a script and pass the file ID as a GET variable. in your download script pull the file data from the database (based on the passed file ID) and then use [man]header[/man] to serve up the file contents. the [man]header[/man] manual page has specific examples of how to force a download.

Bjom

you store the actual "files" in the DB? Or do you simply store the paths to the files, while the files reside in a folder of the filesystem? The latter approach would make the linking easier and keep your DB's size down...

niranjani23

I store jus the location of the files. how do i make the retrieved file location as a clickable link available for download?

Bjom

actually everything you need to know is already there. Use what devinemke posted....or if you have the full paths stored then include the field with the path in your query and use it in the <a href...

User PHP tags next time please and replace "die" with "trigger_error" 🙂

while($row = mysql_fetch_array($result))
{

echo "<tr>";
echo '<td><a href="http://www.example.com/files/' . $row['file_name'] . '">' . $row['file_name'] . '</a></td>'; 
echo "<td>". $row['file_id'] . "</td>";
echo "<td>" . $row['file_name'] . "</td>";
echo "<td>" . $row['file_size'] . "</td>";
//echo "<td>" . $row['file_data'] . "</td>";
echo "<td>" . $row['date'] . "</td>";
echo "</tr>";
}
echo "</table>";

niranjani23

the first set of codes should come under list_files.php
cud u tell me where shud i place the trigger code?

Bjom

I don't understand what you mean. Could you elaborate please?

niranjani23

This is my code and am getting a syntax error on $path.baseline()
why is this happening? how can i resolve this error?

<?php
ob_start();
echo"Upload files section";
?>
<br><br>
<?

session_start();
echo "Hi ".$_SESSION['username'];
function display_upload_form()
{
echo <<<DISPLAY_UPLOAD_FORM
?>

<td colspan="3"><strong>File Upload</strong></td>

    <tr>
	<td width="150">Select file</td>
	<td><input type="file" name="uploadNeed" id="ufile" size="50"></td>
	<td><input type="hidden" name="execute" value="1"></td>
	</tr>


	<tr>
	<td align="center"><input type="Submit" name="Submit" value="Upload"/></td>
	</tr>

	<tr>
	<td align="center"><a href="one.php">Back</a>
	</tr>
	</table>
	</form>
	</td>
	</table>

<?
DISPLAY_UPLOAD_FORM;}
function execute_upload()
{
phpinfo();

// root path

$path = "uploads/";

$path = $path.basename( $_FILES['uploadNeed']['name']);

// upload directory. path will originate from root. 
$dirname = '/uploads'; 

// permission settings for newly created folders 
$chmod = 0755;

//creating file variables
$filename = $FILES['uploadNeed']['name'];
$filesize = $FILES['uploadNeed']['size'];
$filetype = $FILES['uploadNeed']['type'];
$file_tmp = $FILES['uploadNeed']['tmp_name'];
$file_err = $_FILES['uploadNeed']['error'];
$file_ext = strrchr($filename, '.');

// check to prevent file attacks.
if (is_uploaded_file($file_tmp))
{
/
check if the directory exists
if it doesnt exist, make the directory
/
$dir = $path . $dirname;

        if (!is_dir($dir)) 
        { 
            $dir = explode('/', $dirname); 

            foreach ($dir as $sub_dir) 
            { 
                $path .= '/' . $sub_dir; 
                if (!is_dir($path)) 
                { 
                    if (!mkdir($path, $chmod)) 
                    { 
                        unlink($file_tmp); 
                        die('<strong>Error:</strong> Directory does not exist and was unable to be created.'); 
                    } 
                } 
            } 
        } 
/* 
        * copy the file from the temporary upload directory 
        * to its final detination. 
        */ 
        if (@move_uploaded_file($file_tmp, $dir . '/' . $filename)) 
        { 
            // success! 
            echo " 
            <p>Success!</p> 
            <p><strong>View File:</strong> <a href=\"$dirname/$filename\">$filename</a></p> 
            "; 
        } 
        else 
        { 
            // error moving file. check file permissions. 
            unlink($file_tmp); 
            echo '<strong>Error:</strong> Unable to move file to designated directory.'; 
        } 
    } 
    else 
    { 
        // file seems suspicious... delete file and error out. 
        unlink($file_tmp); 
        echo '<strong>Error:</strong> File does not appear to be a valid upload. Could be a file attack.'; 
    } 
} 



    // Kill temp file, if any, and display error. 
    if ($file_tmp != '') 
    { 
        unlink($file_tmp); 
    } 

    switch ($file_err) 
    { 
        case '0': 
            echo 'That is not a valid file. 0 byte length.'; 
            break; 

        case '1': 
            echo 'This file, at ' . $filesize . ' bytes, exceeds the maximum allowed file size as set in <em>php.ini</em>. '. 
            'Please contact your system admin.'; 
            break; 

        case '2': 
            echo 'This file exceeds the maximum file size specified in your HTML form.'; 
            break; 

        case '3': 
            echo 'File was only partially uploaded. This could be the result of your connection '. 
            'being dropped in the middle of the upload.'; 

        case '4': 
            echo 'You did not upload anything... Please go back and select a file to upload.'; 
            break; 
    }

// Logic Code

if (isset($_POST['execute']))
{
execute_upload();
}
else
{
display_upload_form();
}

ob_end_flush();
?>

niranjani23

am getting a unexpected $end error too

niranjani23

Am getting syntax errors on 2 lines which doesnt seem to have any problem at all:
<?php
ob_start();
echo"Upload files section";
?>
<br><br>
<?

session_start();
echo "Hi ".$_SESSION['username'];
function display_upload_form()
{
echo <<<DISPLAY_UPLOAD_FORM
?>

<td colspan="3"><strong>File Upload</strong></td>

    <tr>
	<td width="150">Select file</td>
	<td><input type="file" name="uploadNeed" id="ufile" size="50"></td>
	<td><input type="hidden" name="execute" value="1"></td>
	</tr>


	<tr>
	<td align="center"><input type="Submit" name="Submit" value="Upload"/></td>
	</tr>

	<tr>
	<td align="center"><a href="one.php">Back</a>
	</tr>
	</table>
	</form>
	</td>
	</table>

<?
DISPLAY_UPLOAD_FORM;}
function execute_upload()
{
phpinfo();

// root path

$path = "uploads/";

$path = $path.basename( $_FILES[uploadNeed][name]);

// upload directory. path will originate from root. 
$dirname = '/uploads'; 

// permission settings for newly created folders 
$chmod = 0755;

//open connection to mysql server
$con = mysql_connect("localhost","root","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("my_db", $con);
//creating file variables
$fp = fopen($tmp_name, 'r');
$content = fread($fp, filesize($tmp_name));
fclose($fp);

$filename = $_FILES['uploadNeed']['name']; ---> [COLOR="red"]it shows syntax errors in all these statements. I dont understand y this is happening[/COLOR]    $filesize = $_FILES['uploadNeed']['size']; 
$filetype = $_FILES['uploadNeed']['type']; 
$file_tmp = $_FILES['uploadNeed']['tmp_name']; 
$file_err = $_FILES['uploadNeed']['error']; 
$file_ext = strrchr($filename, '.');

// check to prevent file attacks.
if (is_uploaded_file($file_tmp))
{
/
check if the directory exists
if it doesnt exist, make the directory
/
$dir = $path . $dirname;

        if (!is_dir($dir)) 
        { 
            $dir = explode('/', $dirname); 

            foreach ($dir as $sub_dir) 
            { 
                $path .= '/' . $sub_dir; 
                if (!is_dir($path)) 
                { 
                    if (!mkdir($path, $chmod)) 
                    { 
                        unlink($file_tmp); 
                        die('<strong>Error:</strong> Directory does not exist and was unable to be created.'); 
                    } 
                } 
            } 
        } 
/* 
        * copy the file from the temporary upload directory 
        * to its final detination. 
        */ 
        if (move_uploaded_file($file_tmp, $dir . '/' . $filename)) 
        { 
            // success! 
            echo " 
            <p>Success!</p> 
            <p><strong>View File:</strong> <a href=\"$dirname/$filename\">$filename</a></p> 
            "; 
        } 
        else 
        { 
            // error moving file. check file permissions. 
            unlink($file_tmp); 
            echo '<strong>Error:</strong> Unable to move file to designated directory.'; 
        } 
    }
    else 
    { 
        // file seems suspicious... delete file and error out. 
        unlink($file_tmp); 
        echo '<strong>Error:</strong> File does not appear to be a valid upload. Could be a file attack.'; 
    } 
} 



    // Kill temp file, if any, and display error. 
    if ($file_tmp != '') 
    { 
        unlink($file_tmp); 
    } 

    switch ($file_err) 
    { 
        case '0': 
            echo 'That is not a valid file. 0 byte length.'; 
            break; 

        case '1': 
            echo 'This file, at ' . $filesize . ' bytes, exceeds the maximum allowed file size as set in <em>php.ini</em>. '. 
            'Please contact your system admin.'; 
            break; 

        case '2': 
            echo 'This file exceeds the maximum file size specified in your HTML form.'; 
            break; 

        case '3': 
            echo 'File was only partially uploaded. This could be the result of your connection '. 
            'being dropped in the middle of the upload.'; 

        case '4': 
            echo 'You did not upload anything... Please go back and select a file to upload.'; 
            break; 
    }

// Logic Code

if (isset($_POST['execute'])) ---> it shows syntax error here
{
execute_upload();
}
else
{
display_upload_form();
}

ob_end_flush();

?>
}

Bjom

use php tags and indent your code properly. this is unreadable.

have a look at this and carefully read pls.

Errors like the "unexpected end" happen when you get lost in your own code (hence the coding standards and making code look "pretty", it helps).

Bjom

niranjani23

I resolved tht $end error but now am getting this error:
Warning: move_uploaded_file(Array/niru.txt) [function.move-uploaded-file]: failed to open stream: No such file or directory in /home/niru23/public_html/mypage.php on line 119

Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/php1VleB3' to 'Array/niru.txt' in /home/niru23/public_html/mypage.php on line 119
Error: Unable to move file to designated directory.}

y is this happening?

johanafm

Since it's unlikely that you have a directory named "Array", those error messages ought to give you a very good idea what's going wrong. Check the variable holding the desintation for the mentioned function (which is move_uploaded_file), and once you find out what variable that is, look for the line where you assign the result of explode() to this variable (which ought to be close to line 119), and then click the link to see what explode returns according to the php documentation.