php - Something weird about the download script -

-

good day,

just having trouble [again] download script. right now, issue whenever tried download file, download.php has been fetching , not ms excel file itself. though in process of downloading, shows icon , application file trying download in excel format. not understand downloaded it, become empty download.php

downloading process

here codes calling download:

<?php       $up = mysql_query("select * upload");              $countrow=0;             while($cr = mysql_fetch_array($up))                 {                        echo "<div style='float:left; '>";                   echo "<p style='padding:5px; margin:5px; border:1px solid #ccc; '>";                  echo "<a href='rental/download.php?id=".$cr['upload_id']."'><img src='images/icon.png'> </a>"." "."<a href='download.php?id=".$cr['upload_id']."'>".$cr['file_name']."  "."</a>";                 echo "</p>";                 echo "</div>";                           }              $countrow++;  ?>

and download.php

<?php  if(isset($_get['id']))  {   $id    = $_get['id'];  $query = "select file_name, file_type, file_size, content   upload upload_id = '$id'";  $result = mysql_query($query) or die('error, query failed');  list($name, $type, $size, $content) = mysql_fetch_array($result);  header("content-length: $size");  header("content-type: $type");  header("content-disposition: attachment; filename=$name");  ob_clean();  flush();  echo $content;  mysql_close();  exit;  }   ?>

what gonna do? wonder went wrong...

use header('content-disposition: attachment; filename=' . $name);

additionally, try use single quotes , concatenate strings, rather double quotes. double quotes eval(), , not recommended if don't need it.

also, use pdo database access or @ least mysqli, , sanitize input before including sql query. or 'download.php?id=1'; drop table user;-- you. http://xkcd.com/327/


Comments

Post a Comment

Popular posts from this blog

google api - Incomplete response from Gmail API threads.list -

-
i plot number of emails in inbox on time using gmail api , i'm seeing lot of drop-outs, whatever reason i'm getting incomplete count of messages @ single time points. my plots here: https://plot.ly/~tdsmith/2 -- "drop-outs" i'm complaining trace shoots downwards , recovers previous level @ next timepoint. the code i'm using count emails here: https://github.com/tdsmith/gmail-plotly/blob/master/gmail-plotly.py#l47-l64 what can diagnose these faults?
Read more

Installing Android SQLite Asset Helper -

-
i need use ready made database. search solution on internet did not work until decided use mentioned library found here . however, found hard use library in installation procedures shallow beginners. i appreciate step step procedure on how use android studio. in struggle tried copying sources main/libs , adding line gradle did not work. use api 19 if helps. update here build.gradle // top-level build file can add configuration options common sub-projects/modules. buildscript { repositories { mavencentral() } dependencies { classpath 'com.android.tools.build:gradle:0.11.+' compile 'com.readystatesoftware.sqliteasset:sqliteassethelper:+' // note: not place application dependencies here; belong // in individual module build.gradle files } } allprojects { repositories { mavencentral() } } trying compile project error error:(9, 0) no signature of method: org.gradle.api.internal.artifacts
Read more

Qt Creator - Searching files with Locator including folder -

-
one quick question qtcreator : know possible use locator open files using "ctrl-k" shortcut. however, possible search files including locations? for example, let's want locate file named "main.cpp" in folder named "myfolder" , have lots of other main.cpp files. what should type locator in order open ? just type myfolder/main.cpp in locator
Read more