PHP PDO file upload and save to MySQL database results in obscure file breakage -

after lot of testing have realised going wrong file upload process, , resulting file(s) become mangled despite displaying correct file details - size, name, mime type etc. after lot of testing , trying different options i've realised problem not extraction/display error had first thought. breaking somewhere subtly during upload/db insertion process. file saved medium blob mysql field has binary attribute. can tell me i'm going wrong in code handling upload/storage process? no errors @ all.

 <form action="./app.fileupload.php?lnk=<?=$lnk?>" method="post" enctype="multipart/form-data">  <input type="hidden" name="max_file_size" value="5632000">  <label for='file'>filename:</label> <input type="file" name="file" id="file" style="cursor: pointer;">  <input class="button" style="margin-top: 12px;" type="submit" name="submit" value="upload" title="upload">  </form> <?php     if (isset($_post['submit'])) {         $temp = explode('.', $_files['file']['name']);         $extn = strtolower(end($temp));         if(($extn == "doc") || ($extn == "docx") || ($extn == "pdf")) {             // filetype correct. check size             if($_files['file']['size'] < 5632000) {                 // filesize below maximum permitted. add db.                 $mime = $_files['file']['type'];                 $size = $_files['file']['size'];                 $name = $_files['file']['name'];                 $tmpf = $_files['file']['tmp_name'];                 $file = fopen($_files['file']['tmp_name'], "rb");                  try {                     $stmt = $conn->prepare("insert $database.appfiles (`appid`, `uaid`, `uid`, `dateuploaded`, `applicationkey`, `filename`, `filemime`, `filesize`, `file`)                     values                     (?,?,?,?,?,?,?,?,?)");                      // bind values                     $stmt->bindparam(1, $appid, pdo::param_int, 11);                     $stmt->bindparam(2, $uaid, pdo::param_int, 11);                     $stmt->bindparam(3, $uid, pdo::param_int, 11);                     $stmt->bindparam(4, time(), pdo::param_int, 11);                     $stmt->bindparam(5, $applicationkey, pdo::param_str, 8);                     $stmt->bindparam(6, $name, pdo::param_str, 256);                     $stmt->bindparam(7, $mime, pdo::param_str, 128);                     $stmt->bindparam(8, $size, pdo::param_int, 20);                     $stmt->bindparam(9, $file, pdo::param_lob);                      // execute query                     $stmt->execute();                 } catch(pdoexception $e) { catchmysqlerror($e->getmessage()); }              } else {                 // filesize on our limit. send error message                 $error = "your file large. please read instructions file type , size, above.";             }         } else {             $error = "your file incorrect type. please read instructions file type , size, above.";         }     } ?> 

edit database info called including file @ top of page. file looks this:

<?php // database settings $hostname = "127.0.0.1"; $username = "nameinhere"; $password = "passwordinhere"; $database = "dbnamehere";  try {     $conn = new pdo("mysql:host=$hostname; dbname=$database", $username, $password);     $conn->setattribute(pdo::attr_errmode, pdo::errmode_exception);     $conn->exec("set character set utf8");      // sets encoding utf-8      // close database connection     //$conn = null;  } catch(pdoexception $e) {     echo $e->getmessage(); } ?> 

as things eventuated, there no problem @ php. prevented working setting on dev server, , worked without code change on production server when tested under hidden subdomain.

thanks attempted on this.

c