im在尝试下载文件时,在我的第二个脚本中出现错误,说"错误!不存在具有该ID的图像"。
我的第一个脚本
<?php
$username = $_POST["username"];
$password = $_POST["password"];
// Connect to the database
$dbLink = new mysqli('localhost', 'sqldata', 'sqldata', 'balhaf');
if(mysqli_connect_errno()) {
die("MySQL connection failed: ". mysqli_connect_error());
}
//for mysql injection (security reasons)
$username = mysqli_real_escape_string($dbLink, $username);
$password = mysqli_real_escape_string($dbLink, $password);
mysqli_select_db($dbLink,"balhaf2");
//checking if such data exist in our database and display result
$login = mysqli_query ($dbLink,"select * from users where USERNAME = '$username' and
PASSWORD = '$password'");
if(mysqli_num_rows($login) == 1) {
// Fetch the file information
$query = "select * from users WHERE username = '".$dbLink->escape_string($username)."'";
$result = $dbLink->query($query);
$company = false;
//Now get the result information
$row = $result->fetch_object(); //will store the record in $row
//Access what you need
if($row) {
$company = $row->company; //variable name should match the field name in your database
echo $company; //See if you get the value stored in the database
}
mysqli_select_db($dbLink,"balhaf");
// Query for a list of all existing files
$sql = "SELECT id, name, mime, size, created FROM $company";
$result = $dbLink->query($sql);
// Check if it was successfull
if($result) {
// Make sure there are some files in there
if($result->num_rows == 0) {
echo '<p>There are no files in the database</p>';
}
else {
// Print the top of a table
echo '<table border="1" align="center">
<H2 align="center"> Report Table</H>
<tr>
<td><b>Name</b></td>
<td><b>Mime</b></td>
<td><b>Size (bytes)</b></td>
<td><b>Created</b></td>
<td><b> </b></td>
</tr>';
// Print each file
while($row = $result->fetch_assoc()) {
echo "
<tr>
<td>{$row['name']}</td>
<td>{$row['mime']}</td>
<td>{$row['size']}</td>
<td>{$row['created']}</td>
<td><a style='text-decoration:none;' href='get_file_work.php?id={$row['id']}&company=$company'>Download</a></td>
</tr>";
}
// Close table
echo '</table>';
}
// Free the result
$result->free();
}
else
{
echo 'Error! SQL query failed:';
echo "<pre>{$dbLink->error}</pre>";
}
// Close the mysql connection
$dbLink->close();
}
else {
echo "worng user"."</br>";
}
?>
我的第二个脚本get_file_work.php,它从第一个脚本中获取值
<?php
error_reporting(E_ALL);
$company =$_GET['company']; // get value from the first script
if(isset($_GET['id'])) // get value from first script
{
$id = intval($_GET['id']);
if($id <= 0)
{
die('The ID is invalid!');
}
else
{
$dbLink = new mysqli('localhost', 'sqldata', 'sqldata', 'balhaf');
if(mysqli_connect_errno())
{
die("MySQL connection failed: ". mysqli_connect_error());
}
$query = "SELECT mime, name, size, data FROM $company WHERE id = $id";
$result = $dbLink->query($query);
if($result)
{
if($result->num_rows == 1) {
$row = mysqli_fetch_assoc($result);
header("Content-Type: application/force-download");
header("Content-Disposition: attachment; filename=". $row['name']);
header("Content-Length: ".$row['size']);
header('Expires: 0');
header('Accept-Ranges: bytes');
header("Cache-control: private");
header('Pragma: private');
echo $row['data'];
}
if(!isset($row['data']))
{
echo "error no data";
}
else {
echo 'Error! No image exists with that ID.';
}
@mysqli_free_result($result);
}
else
{
echo "Error! Query failed: <pre>{$dbLink->error}</pre>";
}
@mysqli_close($dbLink);
}
}
else
{
echo 'Error! No ID was passed.';
}
?>
您应该这样修改代码:
if(!isset($row['data'])) { echo "error no data"; }
else { echo 'Error!
$row['data'];