
Uploading and displaying pictures with PHP and MySQL

         

Sub_Seven

10:54 pm on Dec 20, 2010 (gmt 0)

10+ Year Member



Hello people,

I am trying to learn how to upload and display pictures using PHP and MySQL. As always, I tried to learn by reading, but now some issues have come up and I need to ask for guidance. It looks like I can upload the image, as there is one row in the database with the image's name and other attributes. Here is my code for uploading the image:
<?php
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];

$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);

if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
}
include 'connect.php';

$query = "INSERT INTO upload (name, size, type, content ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$content')";

mysql_query($query) or die('Error, query failed');
//include 'library/closedb.php';

echo "<br>File $fileName uploaded<br>";
}
?>

<html>
<head>
</head>
<body>
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="2000000">
<input name="userfile" type="file" id="userfile">
<input name="upload" type="submit" class="box" id="upload" value=" Upload ">
</form>
</body>
</html>


This kinda seems to work fine as (then again) the image appears in the database as seen from phpMyAdmin.

This is my first question: Where was the image uploaded to? Because I can't seem to find it when I browse my server for that file name.

These are the codes for displaying the image (this is not working at all):
<html>
<head>
</head>
<body>
Picture:<br>
<img src=picscript.php?imname=moss.jpg />
</body>
</html>


picscript.php:
<?php
mysql_connect("localhost","user","pass");
mysql_select_db("people");
$image = stripslashes($_REQUEST[imname]);
$rs = mysql_query("select * from upload where filename=\"".
addslashes($image).".jpg\"");
$row = mysql_fetch_assoc($rs);
$imagebytes = $row[imgdata];
header("Content-type: image/jpeg");
print $imagebytes;
?>


Could anybody help me out a little please? Thanks

Readie

12:03 am on Dec 21, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I would hazard a guess that it's because you are not running stripslashes() on the actual data you are retrieving from the database when outputting the image. Give that a try and see if it works.

Furthermore, to find where the image is uploaded, you can print_r($_FILES); when uploading the image in the first place. However, that will simply tell you the temporary files directory - you are actually saving the image data in your MySQL database.

Sub_Seven

4:45 pm on Dec 21, 2010 (gmt 0)

10+ Year Member



Readie

Am I not running stripslashes() on my picscript.php in this line:

$image = stripslashes($_REQUEST[imname]);

Or are you referring to something else?

rocknbil

6:38 pm on Dec 22, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Right, you are storing the uploaded data in "$content" then storing that in a database field, which is never a great idea (though some do it). You'd have to request that database field, output the appropriate content type header prior to outputting the image, then output the field content - which is fraught with challenges (example: what header to output? .gif? jpg? png?)

You missed only a small part here: move_uploaded_file [php.net] to keep it on the file system instead. Then you just store the file name and keep your DB lean and mean. You can then skip reading the uploaded file at all.
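
An added example, not part of the post above or of the thread's own code: one way to apply the move_uploaded_file approach, with the image type detected on the server and bound parameters in place of addslashes(). The `uploads` directory, the `stored_name` column and the connection details are assumptions made for illustration.

```php
<?php
// Added example. UPLOAD_DIR, the stored_name column and the DSN are hypothetical.
declare(strict_types=1);

const UPLOAD_DIR = __DIR__ . '/uploads';  // ideally a directory outside the web root
const MAX_BYTES  = 2000000;               // same limit as the form's MAX_FILE_SIZE
const ALLOWED    = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

function store_uploaded_image(array $file, PDO $pdo): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new InvalidArgumentException('Upload failed');
    }
    if ((int) $file['size'] > MAX_BYTES) {
        throw new InvalidArgumentException('File too large');
    }
    // Detect the type from the file's bytes; $_FILES[...]['type'] is client-supplied.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    $ext  = is_string($mime) ? (ALLOWED[$mime] ?? null) : null;
    if ($ext === null) {
        throw new InvalidArgumentException('Not an accepted image type');
    }
    // Server-generated name: the client's file name never becomes a path.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    // move_uploaded_file() refuses anything that is not a genuine HTTP upload.
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $stored)) {
        throw new RuntimeException('Could not store file');
    }
    // Bound parameters take the place of addslashes() and magic quotes.
    $stmt = $pdo->prepare(
        'INSERT INTO upload (name, stored_name, size, type) VALUES (?, ?, ?, ?)'
    );
    $stmt->execute([basename((string) $file['name']), $stored, (int) $file['size'], $mime]);
    return $stored;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_FILES['userfile'])) {
    $pdo = new PDO('mysql:host=localhost;dbname=people;charset=utf8mb4', 'user', 'pass',
                   [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
    try {
        $stored = store_uploaded_image($_FILES['userfile'], $pdo);
        echo 'File stored as ' . htmlspecialchars($stored, ENT_QUOTES);
    } catch (InvalidArgumentException $e) {
        // Only validation messages reach the client; other errors surface as a 500.
        http_response_code(400);
        echo htmlspecialchars($e->getMessage(), ENT_QUOTES);
    }
}
```

A display script can then look up `stored_name` with a bound parameter and send the `type` value recorded at upload time as the Content-Type header.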

Readie

10:32 pm on Dec 22, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



print $imagebytes;


I was referring to this line, and I meant to say try changing it to this:

print stripslashes($imagebytes);


:)