PHP: upload

1. PHP: upload Speaker: Yan-Shiang Wang Date:2006.4.21

2. connect_db.php <? define('HOST', 'localhost'); define('USER', '94321517'); define('PASS', '12345'); define('DB', '94321517'); mysql_connect(HOST, USER, PASS); mysql_select_db(DB); ?>

3. authentication(1/2) - auth1.php <? include("connect_db.php"); $result = mysql_query(“ SELECT COUNT(*) AS numfound FROM login WHERE id='{$HTTP_POST_VARS['user']}' AND pwd='{$HTTP_POST_VARS['pass']}'"); $result_ar = mysql_fetch_array($result); if ($result_ar['numfound'] < 1){ header('Location: login.php?error=1'); } else{ echo "success!"; } ?>

4. authentication(2/2) - login.php <html> <head><title>authentication</title> <body> <h2>Sign In</h2> <form action="auth1.php" method="POST"> username:<input type="text" name="user"><br> password:<input type="password" name="pass"><br> <input type="submit"> </form> </body> </html> http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/login.php

5. session(1/2) - auth2.php <? session_start(); if (empty($HTTP_SESSION_VARS['user'])){ include("connect_db.php"); $result = mysql_query("SELECT COUNT(*) AS numfound FROM login WHERE id='$user' AND pwd='$pass'"); $result_ar = mysql_fetch_array($result); if ($result_ar['numfound'] < 1){ header('Location: login2.php?error=1'); exit; } $user = $HTTP_POST_VARS['user']; session_register('user'); echo 'success!'; } ?> http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/login2.php

6. session(2/2) - protected.php <?php include('auth2.php'); ?> success! <form action="login2.php" method="POST"> <input type="submit" value="logout" onclick="<? session_unregister('user'); ?>"> </form> http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/protected.php

7. upload(1/4) - index.htm <html> <head> <title>upload demo</title> </head> <form action="upload.php" method="POST" enctype="multipart/form-data"> <input type="file" name=“userfile"> <input type="submit"> </form> </body> </html>

8. upload(2/4) - save into database $_FILES['userfile']['name'] $_FILES['userfile']['size'] $_FILES['userfile']['type'] $file = fopen($_FILES['userfile']['tmp_name'], "r"); $file_content = fread($file, $_FILES['MyFile']['size']); fclose($file); $sql = "insert into upload (file_id, subname, content) values ( "; $sql .= " '" . $file_Mname . "', '" . $file_Sname . "', '" . $file_content . "') "; mysql_db_query(DB, $sql);

9. upload(3/4) - save into database • create table • CREATE TABLE `upload` (`file_id` TEXT NOT NULL ,`subname` TEXT NOT NULL ,`content` TEXT NOT NULL); • Hint: if you want upload huge file, you may define `content` as MEDIUMTEXT or LONGTEXT • upload source • http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/upload.phps • showfile source • http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/showfile.phps

10. upload(4/4) - save into file • upload source • http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/upload2.phps • Hint: chmod 777 to your $UploadPath

11. cookie(1/2) • setcookie ( string name [, string value [, int expire [, string path [, string domain [, bool secure]]]]] ) • setcookie('stu_id', '94321517'); • $HTTP_COOKIE_VARS['cookie'] • echo $HTTP_COOKIE_VARS['stu_id'];

12. cookie(2/2) <?php setcookie('tCookie', $name, time()+60*60*24); echo "cookie = " . $HTTP_COOKIE_VARS['tCookie']; ?> <html> <head><title>cookie</title></head> <body> <form action="<?= $PHP_SELF; ?>" method="POST"> <input type="text" name="name"><input type="submit"> </form> </body> </html> http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/cookie.php

13. cookie path <?php setcookie('path_test', $test, time()+60*60*24, '/~94321517/db_hw3'); echo "cookie = " . $HTTP_COOKIE_VARS['path_test']; ?> http://stu.csie.ncnu.edu.tw/~94321517/db_hw3/cookie2.php http://stu.csie.ncnu.edu.tw/~94321517/path_test.php

14. cookie clear • setcookie('path_test', '', time()+60*60*24); • setcookie('path_test', '', time()+60*60*24, '/~94321517/db_hw3');

15. Reference • http://chensh.loxa.edu.tw/php/