core.php

1. <?php
2. include 'dbcon.php';
3. include 'helpers.php';
4. session_start();
5. //begining displaying uploaded files
6. $userId = $_SESSION['id'];
7. $firstname = $_SESSION['first_name'];
8.  
9. //Download
10. if(isset($_GET['download'])){
11.  
12.     $filename = $_GET['file_name'];
13.     $filedata = "users/$firstname/".$filename;
14.     $disposition = 'attachment';
15.     header('Content-length: ' . filesize($filedata));
16.     header("Content-type: application/octet-stream");
17.     header("Content-disposition: $disposition; filename=$filename");
18.  
19.     exit();
20. }
21.  
22. //log out
23. if(isset($_GET['logout'])){
24.     unset($_SESSION['loggedIn']);
25.     unset($_SESSION['email']);
26.     unset($_SESSION['password']);
27.     unset($_SESSION['id']);
28.     unset($_SESSION['first_name']);
29.     header('Location: index.php');
30.     exit();
31. }
32.  
33. try {
34.     $sql = 'SELECT files.id, file_name, file_type, date_uploaded, user_id From files WHERE user_id = :user_id';
35.     $result = $pdo->prepare($sql);
36.     $result->bindValue(':user_id', $userId);
37.     $result->execute();
38. } catch (Exception $e) {
39.     $error = 'Error reading files.';
40.     echo $error;
41.     exit();
42. }
43.  
44. foreach ($result as $row) {
45.     $files[] = array('file_id' => $row['id'], 'file_name' => $row['file_name'],
46.         'file_type' => $row['file_type'], 'date_uploaded' => $row['date_uploaded'], 'user_id' => $row['user_id']);
47. }
48.  
49. include'home.php';
50. //end of showing uploaded files
51.  
52. //upload
53.  
54. if (isset($_POST['upload'])) {
55.     $filetmp = $_FILES["fileupload"]["tmp_name"];
56.     $filename = $_FILES["fileupload"]["name"];
57.     $filetype = $_FILES["fileupload"]["type"];
58.     $filesize = $_FILES["fileupload"]["size"];
59.     #$dir = "filebox/users/".$filename."/".$_POST['first_name'];
60.     $dir = "users/$firstname/".$filename;
61.  
62.     try{
63.  
64.         if (empty($filename)){
65.             $someThing = "Hiya someThing went wrong";
66.         }else{
67.             move_uploaded_file($filetmp, $dir);
68.  
69.             $sql = 'INSERT INTO files SET
70.             file_name = :file_name,
71.             file_type = :file_type,
72.             date_uploaded = CURDATE(),
73.             user_id = :user_id';
74.             $s = $pdo->prepare($sql);
75.             $s->bindValue(':file_name', $filename);
76.             $s->bindValue(':file_type', $filetype);
77.             $s->bindValue(':user_id', userid($userId));
78.             $s->execute();
79.         }
80.     }catch (Exception $e) {
81.         $error = 'upload error';
82.         echo $error;
83.         exit();
84.     }
85.     header('Location: home.php');
86.     exit();
87. }
88.  
89. //delete file
90. if(isset($_POST['delete'])){
91.     try{
92.         $sql = 'DELETE FROM files WHERE id = :id';
93.         $s = $pdo->prepare($sql);
94.         $s->bindValue(':id', $_POST['file_id']);
95.         $s->execute();
96.  
97.         unlink("users/$firstname/".$_POST['file_name']);
98.     }catch (Exception $e) {
99.         $error = 'delete error';
100.         echo $error;
101.         exit();
102.     }
103.     header('Location: home.php');
104.     exit();
105. }
106. ?>