<?php
// 设定系统参数变量,根据需要修改
$DB_SERVER = "127.0.0.1"; # 数据库连接字
$DB_USER = "root"; # 用户名
$DB_PASS = ""; # 密码
$DB_NAME = "article"; # 数据库名
$TABLE_NAME = "files"; # 数据表名
$link = mysql_connect($DB_SERVER, $DB_USER, $DB_PASS) // 连接数据库
or die("连接数据库失败!");
mysql_select_db($DB_NAME, $link);
{
$action = $_GET['action'];
$id = $_GET['id'];
}
if (!$action)echo "<script>window.location='向mysql插入任何数据.php'</script>";
if ($action == "del")
{
$del_sql = mysql_query("delete from $TABLE_NAME where `id`='$id' ");
if($del_sql) {
echo "<script>\nalert(\"成功删除该记录!\");\nwindow.close();\n</script>";
exit;
}
else
echo "<script>\nalert(\"删除记录出错!\");\nwindow.close();\n</script>";
}
if ($action == "show")
{
$show_sql = mysql_query("select * from $TABLE_NAME where `id`='$id' ") or die("无法显示文件");
$show_result = mysql_fetch_object($show_sql);
$mine = $show_result->filetype;
Header("Content-type: $mine");
// echo "$mine ";
if (eregi("image", $mine))
{
echo $show_result->filecontent;
}
else
{
$text = htmlspecialchars($show_result->filecontent);
$text = nl2br($text);
$text = strtr($text, array('<' => '<', """ => "\"", "<br />" => "", "&" => "&", ">" => ">"));
echo "$text";
}
}
?>