Simple download counter with admin panel

[Jaan]

Okay here i'm going to show you how to create a simple download counter for your site.

Let's start with admin panel.. it goes like this:

Create this table to your database:

SQL Code:

CREATE TABLE `download` (
`id` INT( 15 ) NOT NULL AUTO_INCREMENT ,
`linkname` VARCHAR( 50 ) NOT NULL ,
`linkurl` VARCHAR( 100 ) NOT NULL ,
`downloads` INT( 15 ) NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB 

connect.php

PHP Code:

<?php
// Let's specify your database's info
$dbhost = "localhost";
$dbuname = "username";
$dbpass = "password";
$database = "database";

//Now let's connect to database
$con = mysql_connect($dbhost, $dbuname, $dbpass);
if(!$con){
die("Can not connect to database: ".mysql_error());
}

//Select your database
$selectdb = mysql_select_db($database, $con);
if(!$selectdb){
die("Can not select a database: ".mysql_error());
} 
?>

Later we will incude it in our files.. now let's create your admin panel.

admin.php

PHP Code:

<?php
include("connect.php");
?>
<html>
<head>
<title>Downloader's Admin Panel</title>
</head>
<body>
<table width="50%" align="center" border="1">
<tr>
<td align="center"><b><u>Admin panel</u></b></td>
</tr>
</table>
<table width="50%" align="center" border="1">
<tr>
<td align="center"><a href="?act=new">New link</a></td>
<td align="center"><a href="?act=update">Update link</a></td>
<td align="center"><a href="?act=delete">Delete link</a></td>
<td align="center"><a href="?act=view">View link</a></td>
</tr>
</table>
<table width="50%" align="center" border="1">
<tr>
<td valign="top" align="center">
<?php

// Now let's create our forms and actions
$act = $_GET['act'];
$do = $_GET['do'];
if((!isset($act) || empty($act)) && (!isset($do) || empty($do))){
echo "<br>Choose from menu what you would like to do.<br><br>";

//Create 'add new link' form
}elseif($act == "new"){
echo "<form action='?do=addnew' method='post'>"
    ."<center><b><u>Create a new link</u></b></center><br>"
    ."Link name: <br>"
    ."<input type='text' name='linkname' size='30'><br>"
    ."Link's address: <br>"
    ."<input type='text' name='linksaddress' size='30'><br>"
    ."<input type='submit' value='Add'>"
    ."</form>";
    
//Create 'update link' form
}elseif($act == "update"){
echo "<b><u>Update your link</u></b><br><br>";
echo "Select your link:<br><br>";
echo "<form action='?do=update' method='post'>"
    ."<select name='updatelink'>";
$query = mysql_query("SELECT * FROM download");
while($row = mysql_fetch_array($query)){
echo "<option value='".$row['linkname']."'>".$row['linkname']."</option";
}
echo "</select>"
    ."&nbsp;<input type='submit' value='Update'>"
    ."</form>";

//Create 'delete link' form
}elseif($act == "delete"){
echo "<b><u>Delete your link</u></b><br><br>";
echo "Select your link:<br><br>";
echo "<form action='?do=delete' method='post'>"
    ."<select name='delete'>";
$query = mysql_query("SELECT * FROM download");
while($row = mysql_fetch_array($query)){
echo "<option value='".$row['linkname']."'>".$row['linkname']."</option";
}
echo "</select>"
    ."&nbsp;<input type='submit' value='Delete'>"
    ."</form>";
    
//Create 'view link' form
}elseif($act == "view"){
echo "<b><u>View your link</u></b><br><br>";
echo "Select your link:<br><br>";
echo "<form action='?do=view' method='post'>"
    ."<select name='view'>";
$query = mysql_query("SELECT * FROM download");
while($row = mysql_fetch_array($query)){
echo "<option value='".$row['linkname']."'>".$row['linkname']."</option";
}
echo "</select>"
    ."&nbsp;<input type='submit' value='View'>"
    ."</form>";
}

//Create a new link
if($do == "addnew"){
$linkname = $_REQUEST['linkname'];
$linkurl = $_REQUEST['linksaddress'];
if(empty($linkname)){
die("<br>Please enter your link's name!<br><br>");
}
if(empty($linkurl)){
die("<br>Please enter your link's address!<br><br>");
}

if(isset($linkname) && isset($linkurl)){
$query = mysql_query("INSERT INTO download (linkname, linkurl, downloads) VALUES ('".$linkname."', '".$linkurl."', '0')");
if(!$query){
die("<br>Can not insert your link into database: ".mysql_error()."<br><br>");
}else{
echo "<br>".$linkname." has been inserted to database!<br><br>";
}
}

// Update your link
}elseif($do == "update"){

if(isset($_REQUEST['submit'])){
$lname = $_REQUEST['linkname'];
$lurl = $_REQUEST['linksaddress'];
$lid = $_REQUEST['id'];
$query1 = mysql_query("UPDATE download SET linkname='".$lname."' WHERE id='".$lid."'");
$query2 = mysql_query("UPDATE download SET downloads='0' WHERE id='".$lid."'");
if(!$query1 || !$query2){
die("<br>Can not update your link: ".mysql_error()."<br><br>");
}
$query3 = mysql_query("UPDATE download SET linkurl='".$lurl."' WHERE id='".$lid."'");
$query4 = mysql_query("UPDATE download SET downloads='0' WHERE id='".$lid."'");
if(!$query3 || !$query4){
die("<br>Can not update your link: ".mysql_error()."<br><br>");
}
echo "<br><br>Your link has been updated!<br><br>";
}

$linkname = $_REQUEST['updatelink'];
$query = mysql_query("SELECT * FROM download WHERE linkname='".$linkname."'");
$row = mysql_fetch_array($query);
$lname = $row['linkname'];
$lurl = $row['linkurl'];
$lid = $row['id'];
echo "<form action='?do=update' method='post'>"
    ."<center><b><u>Update link</u></b></center><br>"
    ."Link name: <br>"
    ."<input type='text' name='linkname' size='30' value='".$lname."'><br>"
    ."Link's address: <br>"
    ."<input type='text' name='linksaddress' size='30' value='".$lurl."'><br><br>"
    ."<input type='hidden' name='id' value='".$lid."'>"
    ."<input type='submit' value='Update' name='submit'>"
    ."</form>";


//Delete your link
}elseif($do == "delete"){
$lname = $_REQUEST['delete'];
$query = mysql_query("SELECT * FROM download WHERE linkname='".$lname."'");
$row = mysql_fetch_array($query);
$lname = $row['linkname'];
$lid = $row['id'];
$query = mysql_query("DELETE FROM download WHERE id='".$lid."'");
if(!$query){
die("Can not delete your link: ".mysql_error());
}else{
echo "<br>Your link has been deleted!<br><br>";
}

//View your link's information
}elseif($do == "view"){
$lname = $_REQUEST['view'];
$query = mysql_query("SELECT * FROM download WHERE linkname='".$lname."'");
$row = mysql_fetch_array($query);
$lname = $row['linkname'];
$lid = $row['id'];
$lurl = $row['linkurl'];
$ldownloads = $row['downloads'];
echo "<table width='100%' border='1'>"
    ."<tr>"
    ."<td><b><u>Link's ID</u></b></td>"
    ."<td><b><u>Link's name</u></b></td>"
    ."<td><b><u>Link's address</u></b></td>"
    ."<td><b><u>Link's downloads</u></b></td>"
    ."</tr>"
    ."<tr>"
    ."<td>".$lid."</td>"
    ."<td>".$lname."</td>"
    ."<td>".$lurl."</td>"
    ."<td>".$ldownloads."</td>"
    ."</tr>";
}
?>
</td>
</tr>
</table>
</body>
</html>

Now let's create a download files file..

download.php

PHP Code:

<?php
include("connect.php");
$id = $_GET['id'];
$query = mysql_query("SELECT * FROM download WHERE id='".$id."'");
$row = mysql_fetch_array($query);
$downloads = $row['downloads'];
$url = $row['linkurl'];
$newcount = $downloads+1;
$update = mysql_query("UPDATE download SET downloads='".$newcount."' WHERE id='".$id."'");
if(!$update){
die("Can not update downloads: ".mysql_error());
}
header("Location: ".$url."");
?>

Now all you have to do is add your download link to database.. then add it's link like this:

www.yoursite.com/download.php?id=1

and then you can view downloads from admin panel
it's so simple..

[John]

Nice tutorial, but users should note that this code is extremely vulnerable to SQL injections.

[Jaan]

yea it is because like i said.. it's simple..
like y'all see that i havent add any security things..

[John]

PHP Code:

$query = mysql_query("SELECT * FROM `download` WHERE id='".mysql_real_escape_string($id)."'"); 


As opposed to

PHP Code:

$query = mysql_query("SELECT * FROM download WHERE id='".$id."'"); 


doesn't make it much more complicated - but does make it a heck of a lot more secure. But nice tutorial none-the-less. What does the "ENGINE = InnoDB " at the end of the SQL table mean?

[Jaan]

i don't know.. i made that sql thingy in phpmyadmin ^^
i also test my scripts always when i write a tutorial.. but okay.. i'm gonna add those things to there..

[Jordan]

Nice tutorial! Rep given.

[Jaan]

Olalaa..
thanks