This uploads the file:
Code: Select all
$fileName = $_FILES['userfile']['name'];
$fileType = $_FILES['userfile']['type'];
$tempName = $_FILES['userfile']['tmp_name'];
$fileErro = $_FILES['userfile']['error'];
$fileSize = $_FILES['userfile']['size'];
$fp = fopen($tempName, 'r');
$content = fread($fp, fileSize($tempName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc()) {
$fileName = addslashes($fileName);
}
include_once("x");
$query = "INSERT INTO upload (name, type, size, content)
VALUES ('$fileName', '$fileType', '$fileSize', '$content')";
mysql_query($query, $conn) or die (mysql_error());Code: Select all
$id = $_GET["id"];
$query = mysql_query("SELECT name, type, size, content
FROM upload
WHERE id = '$id'");
while ($res = mysql_fetch_array($query)) {
header("Content-length: ". $res['size']);
header("Content-type: ". $res['type']);
header("Content-Disposition: attachment; filename = ". $res['name']);
echo $res['content'];