Uploading and Downloading from MySQL (CORRUPTION)

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
buckit
Forum Contributor
Posts: 169
Joined: Fri Jan 01, 2010 10:21 am

Uploading and Downloading from MySQL (CORRUPTION)

Post by buckit »

Ok... I am at a loss here... no idea what I am doing wrong... hopefully someone can point me in the right direction.

Background:
I built a multi tenant app to store and organize basic data. sort of like an inventory. one of the features is being able to "attach" file(s) to each entry. Office docs, pdf's, or images.

I have chosen to store the data in the database because it keeps 100% of the tenants data in a single place. This makes it alot easier when dealing with several hundred tenants, especially when it comes to load balancing between servers. I can easily bounce them to another server without worrying about file path to their attachments. yes, I can get around that but I chose not to :).


so here is my problem... I can upload and download ANY PDF file with no issues at all... but ANY other filetype (have tried, bmp, jpg, jpeg, gif, doc and xls) are corrupted on when you download them and you cant open them.

Here is my code:
Upload form:

Code: Select all

<form action="<?php echo edit_query();?>" method="post" enctype="multipart/form-data">
                <table width="97%" align="center" border="0" cellpadding="1" cellspacing="1" class="box">
                    <tr><td align="right"
                    <tr><td align="left">
                    <input type="hidden" name="i" value="<?php echo $bbid;?>" />
                    <input type="hidden" name="MAX_FILE_SIZE" value="6000000">
                    <input name="userfile" type="file" id="userfile">
                    <input name="upload" type="submit" class="box" id="upload" value=" Upload ">
                    </td></tr>
                </table>
            </form>
Upload processing and insert:

Code: Select all

if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0){
	if(validate_upload($_FILES['userfile'])){
		$bid = sanitize($_POST['i']);
		$fileName = addslashes($_FILES['userfile']['name']);
		$tmpName  = $_FILES['userfile']['tmp_name'];
		$fileSize = $_FILES['userfile']['size'];
		$fileType = $_FILES['userfile']['type'];
		$fp      = fopen($tmpName, 'r');
		$content = fread($fp, filesize($tmpName));
		$content = addslashes($content);
		fclose($fp);
		
		
		$sql = "INSERT INTO files (file_name, file_size, file_type, file_content, bb_id, tenant_id) ".
		"VALUES ('$fileName', '$fileSize', '$fileType', '$content',$bid,".TENANT_ID.")";
		
		$check = $db->Execute("SELECT bb_tenant_id FROM bb WHERE bb_id = ".$bid);
		if($check->fields['bb_tenant_id'] == TENANT_ID){
			if($db->Execute($sql)){
				$success = "File $fileName uploaded<br>";
			}else{
				$error = "Could not process file";
			}
		}else{
			$error = "Error uploading file, Please try again.";
		}
	}else{
		$error .= "Could not upload file, Files may only be .jpg, .gif, .tif, .pdf, .doc, .xls or .csv.";
	}
} 

Download code:

Code: Select all

if(isset($_GET['d']) && $_GET['d'] != ''){
	$fid = sanitize($_GET['d']);
	$files = $db->Execute("SELECT * FROM files WHERE file_id = $fid AND tenant_id = ".TENANT_ID);
		if($files->RecordCount() == 1){
			$size = $files->fields['file_size'];
			$type = $files->fields['file_type'];
			$name = $files->fields['file_name'];
			$content = $files->fields['file_content'];
		  ob_start();
		  header("Pragma: public"); 
	      header("Expires: 0"); 
	      header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); 
	      header("Cache-Control: private",false); 
	      header("Content-Type: $type;"); 
	      header("Content-Disposition: attachment; filename=\"".$name."\";"); 
	      header("Content-Transfer-Encoding:  binary"); 
	      header("Content-Length: ".$size); 
		  echo $content;
	
		}else{
			$error = "File not found";
		}
}
I added ob_start() based on some ideas I found when googling, but that didnt seem to help at all!

Some other ideas I found suggested that whitespace is being added to the file output. I have removed all the whitespace I could find in the file as well as all included files. Still get nothing but corrupted files on download.

MySQL table structure:
Table structure for MySQL file storage
Table structure for MySQL file storage
files_structure1.jpg (114.81 KiB) Viewed 706 times
buckit
Forum Contributor
Posts: 169
Joined: Fri Jan 01, 2010 10:21 am

Re: Uploading and Downloading from MySQL (CORRUPTION)

Post by buckit »

Sure enough... it was white space. Went through all related files 3 times looking for ANYTHING... seems the first 2 times I missed a small space after a ;

oh well... at least its fixed now LOL
Post Reply