PHP仅下载ID号最小的文件

我尝试了大约30个如何从folder/mysql下载文件的教程，但没有一个能满足我的需要。然后我遇到了，它在某种程度上帮助了我

本教程从DB中获取名称，然后单击名称下载开始。我根据自己的需要调整了代码，所以现在folder/mysql中的每个文件都打印有名称、下载按钮和删除按钮，名称和删除号码工作正常，但下载按钮只下载ID号最小的第一个文件

请不要告诉我，这是不安全的，因为我需要准备声明或类似的东西，因为这是现在的学习，在我理解这一点后，我会变得更安全

这是我的代码：

files.php

<div class="row" style="display:flex; flex-wrap: wrap;">

<?php

    $query = "SELECT * FROM uploads ORDER BY filename ASC";
    $select_uploads = mysqli_query($connection, $query);

    while($row = mysqli_fetch_assoc($select_uploads)) {

    $id = $row['id'];
    $filename = $row['filename'];
    $filetype = $row['filetype'];
    $filesize = $row['filesize'];

?>

<div class="col-lg-2 col-sm-4 col-md-4 col-xs-12">
    <div class="thumbnail text-center">
        <div class="caption">
            <p class="filename"><small><?php echo $filename; ?></small></p>


<?php

    $fetc = "SELECT * FROM uploads LIMIT 1";
    $result = mysqli_query($connection, $fetc);
    if(!$result) {
        die("QueryFailed" . mysqli_error($connection));
    }

while($row1=mysqli_fetch_array($result))
{
    $name=$row1['filename'];
    $type=$row1['filetype'];

?>

<p><a name="download" href="download.php?filename=<?php echo $name ;?>" class="btn btn-primary btn-xs" role="button"><i class="fa fa-download"></i> Preuzmi</a></p>

<?php 
} 
?>

<form action="" method="post">
    <input type="hidden" name="delete_file" value="<?php echo $id; ?>">
    <?php
    echo '<button class="btn btn-danger btn-xs" type="submit" name="delete" onClick=\'javascript: return confirm("Da li ste sigurni da želite da obrišete?"); \'><i class="fa fa-trash-o"></i> Obriši</button>';
    ?>
</form>

</div>
</div>
</div>

<?php

}

?>

</div>


<?php

if(isset($_POST['delete'])) {

    $id = $_POST['delete_file'];

    if(isset($_SESSION['user_role'])) {

        if($_SESSION['user_role'] == 'admin' || $_SESSION['user_role'] == 'superadmin') {

            unlink("uploads/".$filename);
            $query = "DELETE FROM uploads WHERE id = {$id} ";
            $delete_filename = mysqli_query($connection, $query);
            header("Location: fajlovi.php");

        }

    }

}

?>

<?php
function output_file($file, $name, $mime_type='')
{
 if(!is_readable($file)) die('File not found or inaccessible!');
 $size = filesize($file);
 $name = rawurldecode($name);
 $known_mime_types=array(
    "htm" => "text/html",
    "exe" => "application/octet-stream",
    "zip" => "application/x-zip-compressed",
    "7z"  => "application/octet-stream",
    "doc" => "application/msword",
    "docx"=> "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
    "jpg" => "image/jpg",
    "php" => "text/plain",
    "xls" => "application/vnd.ms-excel",
    "xlsx"=> "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
    "ppt" => "application/vnd.ms-powerpoint",
    "pptx"=> "application/vnd.openxmlformats-officedocument.presentationml.presentation",
    "gif" => "image/gif",
    "pdf" => "application/pdf",
    "txt" => "text/plain",
    "html"=> "text/html",
    "png" => "image/png",
    "jpeg"=> "image/jpg"
 );

 if($mime_type==''){
     $file_extension = strtolower(substr(strrchr($file,"."),1));
     if(array_key_exists($file_extension, $known_mime_types)){
        $mime_type=$known_mime_types[$file_extension];
     } else {
        $mime_type="application/force-download";
     };
 };

 //turn off output buffering to decrease cpu usage
 @ob_end_clean(); 

 // required for IE, otherwise Content-Disposition may be ignored
 if(ini_get('zlib.output_compression'))
 ini_set('zlib.output_compression', 'Off');
 header('Content-Type: ' . $mime_type);
 header('Content-Disposition: attachment; filename="'.$name.'"');
 header("Content-Transfer-Encoding: binary");
 header('Accept-Ranges: bytes');

 // multipart-download and download resuming support
 if(isset($_SERVER['HTTP_RANGE']))
 {
    list($a, $range) = explode("=",$_SERVER['HTTP_RANGE'],2);
    list($range) = explode(",",$range,2);
    list($range, $range_end) = explode("-", $range);
    $range=intval($range);
    if(!$range_end) {
        $range_end=$size-1;
    } else {
        $range_end=intval($range_end);
    }

    $new_length = $range_end-$range+1;
    header("HTTP/1.1 206 Partial Content");
    header("Content-Length: $new_length");
    header("Content-Range: bytes $range-$range_end/$size");
 } else {
    $new_length=$size;
    header("Content-Length: ".$size);
 }

 /* Will output the file itself */
 $chunksize = 1*(1024*1024); //you may want to change this
 $bytes_send = 0;
 if ($file = fopen($file, 'r'))
 {
    if(isset($_SERVER['HTTP_RANGE']))
    fseek($file, $range);

    while(!feof($file) && 
        (!connection_aborted()) && 
        ($bytes_send<$new_length)
          )
    {
        $buffer = fread($file, $chunksize);
        echo($buffer); 
        flush();
        $bytes_send += strlen($buffer);
    }
 fclose($file);
 } else
 //If no permissiion
 die('Error - can not open file.');
 //die
die();
}
//Set the time out
set_time_limit(0);

//path to the file
$file_path='uploads/'.$_REQUEST['filename'];


//Call the download function with file path,file name and file type
output_file($file_path, ''.$_REQUEST['filename'].'', 'text/plain');
?>

下载.php

<div class="row" style="display:flex; flex-wrap: wrap;">

<?php

    $query = "SELECT * FROM uploads ORDER BY filename ASC";
    $select_uploads = mysqli_query($connection, $query);

    while($row = mysqli_fetch_assoc($select_uploads)) {

    $id = $row['id'];
    $filename = $row['filename'];
    $filetype = $row['filetype'];
    $filesize = $row['filesize'];

?>

<div class="col-lg-2 col-sm-4 col-md-4 col-xs-12">
    <div class="thumbnail text-center">
        <div class="caption">
            <p class="filename"><small><?php echo $filename; ?></small></p>


<?php

    $fetc = "SELECT * FROM uploads LIMIT 1";
    $result = mysqli_query($connection, $fetc);
    if(!$result) {
        die("QueryFailed" . mysqli_error($connection));
    }

while($row1=mysqli_fetch_array($result))
{
    $name=$row1['filename'];
    $type=$row1['filetype'];

?>

<p><a name="download" href="download.php?filename=<?php echo $name ;?>" class="btn btn-primary btn-xs" role="button"><i class="fa fa-download"></i> Preuzmi</a></p>

<?php 
} 
?>

<form action="" method="post">
    <input type="hidden" name="delete_file" value="<?php echo $id; ?>">
    <?php
    echo '<button class="btn btn-danger btn-xs" type="submit" name="delete" onClick=\'javascript: return confirm("Da li ste sigurni da želite da obrišete?"); \'><i class="fa fa-trash-o"></i> Obriši</button>';
    ?>
</form>

</div>
</div>
</div>

<?php

}

?>

</div>


<?php

if(isset($_POST['delete'])) {

    $id = $_POST['delete_file'];

    if(isset($_SESSION['user_role'])) {

        if($_SESSION['user_role'] == 'admin' || $_SESSION['user_role'] == 'superadmin') {

            unlink("uploads/".$filename);
            $query = "DELETE FROM uploads WHERE id = {$id} ";
            $delete_filename = mysqli_query($connection, $query);
            header("Location: fajlovi.php");

        }

    }

}

?>

<?php
function output_file($file, $name, $mime_type='')
{
 if(!is_readable($file)) die('File not found or inaccessible!');
 $size = filesize($file);
 $name = rawurldecode($name);
 $known_mime_types=array(
    "htm" => "text/html",
    "exe" => "application/octet-stream",
    "zip" => "application/x-zip-compressed",
    "7z"  => "application/octet-stream",
    "doc" => "application/msword",
    "docx"=> "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
    "jpg" => "image/jpg",
    "php" => "text/plain",
    "xls" => "application/vnd.ms-excel",
    "xlsx"=> "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
    "ppt" => "application/vnd.ms-powerpoint",
    "pptx"=> "application/vnd.openxmlformats-officedocument.presentationml.presentation",
    "gif" => "image/gif",
    "pdf" => "application/pdf",
    "txt" => "text/plain",
    "html"=> "text/html",
    "png" => "image/png",
    "jpeg"=> "image/jpg"
 );

 if($mime_type==''){
     $file_extension = strtolower(substr(strrchr($file,"."),1));
     if(array_key_exists($file_extension, $known_mime_types)){
        $mime_type=$known_mime_types[$file_extension];
     } else {
        $mime_type="application/force-download";
     };
 };

 //turn off output buffering to decrease cpu usage
 @ob_end_clean(); 

 // required for IE, otherwise Content-Disposition may be ignored
 if(ini_get('zlib.output_compression'))
 ini_set('zlib.output_compression', 'Off');
 header('Content-Type: ' . $mime_type);
 header('Content-Disposition: attachment; filename="'.$name.'"');
 header("Content-Transfer-Encoding: binary");
 header('Accept-Ranges: bytes');

 // multipart-download and download resuming support
 if(isset($_SERVER['HTTP_RANGE']))
 {
    list($a, $range) = explode("=",$_SERVER['HTTP_RANGE'],2);
    list($range) = explode(",",$range,2);
    list($range, $range_end) = explode("-", $range);
    $range=intval($range);
    if(!$range_end) {
        $range_end=$size-1;
    } else {
        $range_end=intval($range_end);
    }

    $new_length = $range_end-$range+1;
    header("HTTP/1.1 206 Partial Content");
    header("Content-Length: $new_length");
    header("Content-Range: bytes $range-$range_end/$size");
 } else {
    $new_length=$size;
    header("Content-Length: ".$size);
 }

 /* Will output the file itself */
 $chunksize = 1*(1024*1024); //you may want to change this
 $bytes_send = 0;
 if ($file = fopen($file, 'r'))
 {
    if(isset($_SERVER['HTTP_RANGE']))
    fseek($file, $range);

    while(!feof($file) && 
        (!connection_aborted()) && 
        ($bytes_send<$new_length)
          )
    {
        $buffer = fread($file, $chunksize);
        echo($buffer); 
        flush();
        $bytes_send += strlen($buffer);
    }
 fclose($file);
 } else
 //If no permissiion
 die('Error - can not open file.');
 //die
die();
}
//Set the time out
set_time_limit(0);

//path to the file
$file_path='uploads/'.$_REQUEST['filename'];


//Call the download function with file path,file name and file type
output_file($file_path, ''.$_REQUEST['filename'].'', 'text/plain');
?>

“图像/jpg”，
“php”=>“文本/普通”，
“xls”=>“应用程序/vnd.ms excel”，
“xlsx”=>“application/vnd.openxmlformats officedocument.spreadsheetml.sheet”，
“ppt”=>“应用程序/vnd.ms powerpoint”，
“pptx”=>“application/vnd.openxmlformats of icedocument.presentationml.presentation”，
“gif”=>“图像/gif”，
“pdf”=>“应用程序/pdf”，
“txt”=>“文本/普通”，
“html”=>“文本/html”，
“png”=>“图像/png”，
“jpeg”=>“图像/jpg”
);
如果（$mime_type==''）{
$file_extension=strtolower（substr（strrchr（$file，“.”），1））；
如果（数组\密钥\存在（$file\扩展名，$known\ mime\类型））{
$mime_type=$known_mime_type[$file_extension]；
}否则{
$mime_type=“应用程序/强制下载”；
};
};
//关闭输出缓冲以减少cpu使用
@ob_end_clean（）；
//IE需要，否则可能忽略内容处理
if（ini_get（'zlib.output_compression'））
ini_集（'zlib.output_compression'，'Off'）；
标题（“内容类型：”.$mime\U类型）；
标题（'Content-Disposition:attachment；filename=“.”.$name.'”）；
标题（“内容传输编码：二进制”）；
标题（'Accept-Ranges:bytes'）；
//多部分下载和下载恢复支持
如果（isset（$\u服务器['HTTP\u范围]]））
{
列表（$a，$range）=分解（“=”，$\u服务器['HTTP\u range'，2）；
列表（$range）=分解（“，”，$range，2）；
列表（$range，$range_end）=分解（“-”，$range）；
$range=intval（$range）；
如果（！$range\u end）{
$range_end=$size-1；
}否则{
$range\u end=intval（$range\u end）；
}
$new\u length=$range\u end-$range+1；
标题（“HTTP/1.1 206部分内容”）；
标题（“内容长度：$new_长度”）；
标题（“内容范围：字节$Range-$Range_end/$size”）；
}否则{
$new_length=$size；
标题（“内容长度：.$size”）；
}
/*将输出文件本身*/
$chunksize=1*（1024*1024）//你可能想改变这个
$bytes\u send=0；
如果（$file=fopen（$file，'r'））
{
如果（isset（$\u服务器['HTTP\u范围]]））
fseek（$file，$range）；
而（！feof（$file）和
（！connection_aborted（））&&
（$bytes\u发送

---

我剪切了很多代码以便让您更清楚地看到。很抱歉我的英语不好，我希望我正确地解释了这个问题。

您的

文件。php

模块包含两个嵌套查询。第一个查询按文件名的顺序从

上载

表中获取所有行。确定

第二个查询嵌套在第一个查询中，只从表中获取一行（

LIMIT 1

），每次运行时可能都获取同一行

您应该消除嵌套的——第二个查询——并使用第一个查询的结果集

一些建议

尝试缩进代码，以便一眼就能看到嵌套结构

在实现删除部分之前，先让项目的下载部分正常工作

---

这就成功了，我从第一个查询中删除了第二个查询和用户$filename，除了第二个查询中的$file变量外，还可以很好地工作。看来我太复杂了。谢谢O.Jones。