下载功能改为下载.php文件

时间:2020-07-17 14:02:24

标签: php mysqli

最近,我开始进行PHP编程,目前正在从事一个项目,用户可以在该项目上进行数字购买。因此,这就是我目前面临的问题,我为用户创建了一个库部分,用户可以在其中查看购买的游戏并通过单击按钮下载它们,但是每当我单击下载按钮时,它将自动下载名为download的文件.php脚本文件,里面是一堆错误消息,而不是我想要的文件。下面是我的项目代码。

Download.php(下载脚本)

<?php
require_once("conn.php");

if(isset($_GET['id'])){
  $id = $_GET['id'];
  $sql="SELECT * FROM games WHERE game_downloadpath=$id";
  $result = mysqli_query($con,$sql);
  $file = mysqli_fetch_assoc($result);
  $filepath = 'gamefiles/' . $file['name'];

  if(file_exists($filepath)){
    header('Content-Type: application/octet-stream');
    header('Content-Description: File Transfer');
    header('Content-Desposition: attachment; filename=' . basename($filepath));
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma:public');
    header('Content-Length:' . filesize('gamefiles/' .$file['name']));
    readfile('gamefiles/' . $file['name']);
  }
}
?>
<script type="text/javascript">
  window.location.replace("library.php");
</script>

Library.php(仅显示重要代码)

<div class="block"></div>
  <section class="library-section">
    <div class="sidebar-div">
      <input type="text" placeholder="Search"> <button type="button" name="button">
        <i class="fas fa-search"></i>
      </button>
    </div>
    <div class="game-div">
      <h1>all games</h1>
      
            <?php
      include("conn.php");
      $CID = $_SESSION['id'];
      $search = isset($_POST['searchbox']) ? $_POST['searchbox'] : '' ;
      
      //for search function
      if ($search == NULL)
      {
        $result = mysqli_query($con,"Select * from games inner join purchase on purchase.purchase_game = games.game_ID inner join users on users.user_id = purchase.purchase_customer where games.game_status = 1 AND purchase.purchase_customer='$CID'");

        while($row = mysqli_fetch_array($result))
        { ?>
       <div class="games">
       <img src="<?php echo $row['game_photopath'] ?>">
       <div class="info-div">
      <h2><?php echo $row['game_name'] ?> </h2>
      <h4></h4>
      <a href="download.php?id=<?php echo $row['game_downloadpath']?>"><button type="submit" name="">
        <i class="fas fa-download"></i>
      </button></a>
    </div>
  </div>
  <?php }               
          } ?>    
  <div class="block">
  </div>
  </div>
</div>                             
  <!--  <div class="individual-game-div">
  </div>-->
  </section>
 <!-- </form> -->
<!-- /Main Content -->

这是我前面提到的文件中的代码。

<br />
<b>Warning</b>:  mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, bool given in <b>C:\xampp\htdocs\SDP-Nexus-master\Foong's part\download.php</b> on line <b>28</b><br />
<br />
<b>Notice</b>:  Trying to access array offset on value of type null in <b>C:\xampp\htdocs\SDP-Nexus-master\Foong's part\download.php</b> on line <b>29</b><br />
<br />
<b>Notice</b>:  Trying to access array offset on value of type null in <b>C:\xampp\htdocs\SDP-Nexus-master\Foong's part\download.php</b> on line <b>39</b><br />
<br />
<b>Notice</b>:  Trying to access array offset on value of type null in <b>C:\xampp\htdocs\SDP-Nexus-master\Foong's part\download.php</b> on line <b>40</b><br />
<br />
<b>Warning</b>:  readfile(gamefiles/): failed to open stream: No such file or directory in <b>C:\xampp\htdocs\SDP-Nexus-master\Foong's part\download.php</b> on line <b>40</b><br />

<script type="text/javascript">
  window.location.replace("library.php");
</script>

Here is my database structure

1 个答案:

答案 0 :(得分:-1)

您获取文件名的sql语句是

 $sql="SELECT * FROM games WHERE game_downloadpath=$id";

但是,不检查$ id是否确实存在于数据库中,或者结果是否返回有效数组。即使mysqli_fetch_assoc()的结果返回false,也会立即调用mysqli_query 

  $result = mysqli_query($con,$sql);
  $file = mysqli_fetch_assoc($result);

错误消息清楚地告诉您:

mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, bool given

假定$id的给定值在数据库中不存在或导致无效的SQL语句。

由于所有其他错误消息是此未提取行为的后续结果,因为您所有以后的代码都尝试访问不存在的数组元素,因此无法提供有效的文件名,因此最终的readfile()找不到任何现有的文件路径。

相关问题
最新问题