Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include 'dbcon.php';
- include 'helpers.php';
- session_start();
- //begining displaying uploaded files
- $userId = $_SESSION['id'];
- $firstname = $_SESSION['first_name'];
- //Download
- if(isset($_GET['download'])){
- $filename = $_GET['file_name'];
- $filedata = "users/$firstname/".$filename;
- $disposition = 'attachment';
- header('Content-length: ' . filesize($filedata));
- header("Content-type: application/octet-stream");
- header("Content-disposition: $disposition; filename=$filename");
- exit();
- }
- //log out
- if(isset($_GET['logout'])){
- unset($_SESSION['loggedIn']);
- unset($_SESSION['email']);
- unset($_SESSION['password']);
- unset($_SESSION['id']);
- unset($_SESSION['first_name']);
- header('Location: index.php');
- exit();
- }
- try {
- $sql = 'SELECT files.id, file_name, file_type, date_uploaded, user_id From files WHERE user_id = :user_id';
- $result = $pdo->prepare($sql);
- $result->bindValue(':user_id', $userId);
- $result->execute();
- } catch (Exception $e) {
- $error = 'Error reading files.';
- echo $error;
- exit();
- }
- foreach ($result as $row) {
- $files[] = array('file_id' => $row['id'], 'file_name' => $row['file_name'],
- 'file_type' => $row['file_type'], 'date_uploaded' => $row['date_uploaded'], 'user_id' => $row['user_id']);
- }
- include'home.php';
- //end of showing uploaded files
- //upload
- if (isset($_POST['upload'])) {
- $filetmp = $_FILES["fileupload"]["tmp_name"];
- $filename = $_FILES["fileupload"]["name"];
- $filetype = $_FILES["fileupload"]["type"];
- $filesize = $_FILES["fileupload"]["size"];
- #$dir = "filebox/users/".$filename."/".$_POST['first_name'];
- $dir = "users/$firstname/".$filename;
- try{
- if (empty($filename)){
- $someThing = "Hiya someThing went wrong";
- }else{
- move_uploaded_file($filetmp, $dir);
- $sql = 'INSERT INTO files SET
- file_name = :file_name,
- file_type = :file_type,
- date_uploaded = CURDATE(),
- user_id = :user_id';
- $s = $pdo->prepare($sql);
- $s->bindValue(':file_name', $filename);
- $s->bindValue(':file_type', $filetype);
- $s->bindValue(':user_id', userid($userId));
- $s->execute();
- }
- }catch (Exception $e) {
- $error = 'upload error';
- echo $error;
- exit();
- }
- header('Location: home.php');
- exit();
- }
- //delete file
- if(isset($_POST['delete'])){
- try{
- $sql = 'DELETE FROM files WHERE id = :id';
- $s = $pdo->prepare($sql);
- $s->bindValue(':id', $_POST['file_id']);
- $s->execute();
- unlink("users/$firstname/".$_POST['file_name']);
- }catch (Exception $e) {
- $error = 'delete error';
- echo $error;
- exit();
- }
- header('Location: home.php');
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement