Tip: Click here to scan for System Errors and Optimize PC performance

July 3rd, 2009, 1:54 am

I am trying to upload images to a MySQL database, along with some other data.

The HTML page, containing the upload from looks like this:

Code: [ Download ] [ Select ]

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
 
<body>
<form method="post" action="insert.php" enctype="multipart/form-data">
    <p>Your name:<br>
    <input type="text" name="form_visitor"  size="40">
    <br>Loved ones name:<br>
    <input type="text" name="form_lovedone"  size="40">
    <input type="hidden" name="MAX_FILE_SIZE" value="1000000">
    <br>File to upload/store in database:<br>
    <input type="file" name="form_data"  size="40">
    <br>Comments:<br>
    <input type="text" name="form_comment" size="50">
    </p>
    <input type="submit" name="submit" value="submit">
</form>
</body>
</html>
 

1. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2. <html xmlns="http://www.w3.org/1999/xhtml">
3. <head>
4. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5. <title>Untitled Document</title>
6. </head>
7.  
8. <body>
9. <form method="post" action="insert.php" enctype="multipart/form-data">
10.     <p>Your name:<br>
11.     <input type="text" name="form_visitor"  size="40">
12.     <br>Loved ones name:<br>
13.     <input type="text" name="form_lovedone"  size="40">
14.     <input type="hidden" name="MAX_FILE_SIZE" value="1000000">
15.     <br>File to upload/store in database:<br>
16.     <input type="file" name="form_data"  size="40">
17.     <br>Comments:<br>
18.     <input type="text" name="form_comment" size="50">
19.     </p>
20.     <input type="submit" name="submit" value="submit">
21. </form>
22. </body>
23. </html>
24.  

And the PHP file for adding the data is like it:

Code: [ Download ] [ Select ]

<?php
$con = mysql_connect("localhost","user","pass");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
 
mysql_select_db("database_name", $con);
 
if(!$data = addslashes(@fread(@fopen($dir.'/'.$file, "r"), @filesize($dir.'/'.$file)))){
   die('Cannot create $data');
}
 
@fclose($dir.'/'.$file);
 
$sql="INSERT INTO commentbook (visitor , lovedone, bin_data, filename, filesize, filetype, comment, id)
VALUES
('$_POST[form_visitor]','$_POST[form_lovedone]','$_POST[data]','$_POST[form_data_name]','$_POST[form_data_size]','$_POST[form_data_type]','$_POST[form_comment]','')";
 
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";
 
mysql_close($con)
?>

1. <?php
2. $con = mysql_connect("localhost","user","pass");
3. if (!$con)
4.   {
5.   die('Could not connect: ' . mysql_error());
6.   }
7.  
8. mysql_select_db("database_name", $con);
9.  
10. if(!$data = addslashes(@fread(@fopen($dir.'/'.$file, "r"), @filesize($dir.'/'.$file)))){
11.    die('Cannot create $data');
12. }
13.  
14. @fclose($dir.'/'.$file);
15.  
16. $sql="INSERT INTO commentbook (visitor , lovedone, bin_data, filename, filesize, filetype, comment, id)
17. VALUES
18. ('$_POST[form_visitor]','$_POST[form_lovedone]','$_POST[data]','$_POST[form_data_name]','$_POST[form_data_size]','$_POST[form_data_type]','$_POST[form_comment]','')";
19.  
20. if (!mysql_query($sql,$con))
21.   {
22.   die('Error: ' . mysql_error());
23.   }
24. echo "1 record added";
25.  
26. mysql_close($con)
27. ?>

I have had the form uploading all data except the image, but currently it is not uploading anything

Any ideas?

[Rabid Dog]

July 3rd, 2009, 11:53 am

I wrote a tutorial on this

Check out http://www.rabiddog.co.za/tutorial.php? ... usingMySQL

Gimme a shout if you need any help

July 6th, 2009, 1:19 am

I seem to be getting an unexpected " on the following line;

VALUES("" . addslashes($dataRead) "",

Any ideas?

[Rabid Dog]

July 6th, 2009, 2:34 am

have you done any work with PHP?

Code: [ Download ] [ Select ]

 
$query = "INSERT INTO ImageTable(imageData,imageType)
          VALUES(\"" . addslashes($dataRead) . "\",
                 \"" . mysql_escape_string($fType) . "\");";
 

1.  
2. $query = "INSERT INTO ImageTable(imageData,imageType)
3.           VALUES(\"" . addslashes($dataRead) . "\",
4.                  \"" . mysql_escape_string($fType) . "\");";
5.  

I had the slashes and dots in there, just seems that the manager I wrote initially took them out. So I have fixed the tutorial. Thanks for pointing it out

July 6th, 2009, 3:07 am

Hmm still not working, not even getting any errors now, just not uploading to the database.

This is the PHP that I am using:

Code: [ Download ] [ Select ]

 
<?php
$server = "localhost";
$username = "username";
$password = "password";
 
$dbHandle = mysql_connect($server,$username,$password)
            or die("unable to conect to database server");
 
mysql_select_db("database_name")
                or die ("Couldn't use Database");
 
 
$upload= (empty($_FILES['image'])) ? 0 : $_FILES['image'];
$fileName = $upload['tmp_name'];
$fType = $upload['type'];
$size = $upload['size'];
$timer = $size * 1024;
set_time_limit($timer);
 
$open = fopen($fileName,"r");
$data_read = fread($open, $size);
fclose($open);
$query = "INSERT INTO ImageTable(imageData,imageType)
          VALUES(\"" . addslashes($dataRead) . "\",
                 \"" . mysql_escape_string($fType) . "\");";
?>
 

1.  
2. <?php
3. $server = "localhost";
4. $username = "username";
5. $password = "password";
6.  
7. $dbHandle = mysql_connect($server,$username,$password)
8.             or die("unable to conect to database server");
9.  
10. mysql_select_db("database_name")
11.                 or die ("Couldn't use Database");
12.  
13.  
14. $upload= (empty($_FILES['image'])) ? 0 : $_FILES['image'];
15. $fileName = $upload['tmp_name'];
16. $fType = $upload['type'];
17. $size = $upload['size'];
18. $timer = $size * 1024;
19. set_time_limit($timer);
20.  
21. $open = fopen($fileName,"r");
22. $data_read = fread($open, $size);
23. fclose($open);
24. $query = "INSERT INTO ImageTable(imageData,imageType)
25.           VALUES(\"" . addslashes($dataRead) . "\",
26.                  \"" . mysql_escape_string($fType) . "\");";
27. ?>
28.  

[Rabid Dog]

July 6th, 2009, 3:38 am

Can you echo out some data so we can debug this thing? Prehaps echo things like file size etc.

Also please make sure the they $POST index keys match the names you have given them in the form. I can see you have retained $POST['image'] where it should be $POST['form_data'].

You are going to have to adjust the script you found in the tutorial page to fit your requirements.

If you read the entire tutorial you would notice that the table structure is

Code: [ Download ] [ Select ]

[ImageTable]
id (bigint, primary key)
imageData (blob)
imageType (varchar(50))

1. [ImageTable]
2. id (bigint, primary key)
3. imageData (blob)
4. imageType (varchar(50))

and the form structure is

Code: [ Download ] [ Select ]

< form method="post" action="uploadImage.php"
enctype="multipart/form-data">
< input type="file" name="image" />
< input type="submit" value=" Upload " />
< /form>

1. < form method="post" action="uploadImage.php"
2. enctype="multipart/form-data">
3. < input type="file" name="image" />
4. < input type="submit" value=" Upload " />
5. < /form>

July 6th, 2009, 4:45 am

Hmm, I tried echoing the data and I am getting results with that, something like this;
size - 4388
temp name - /tmp/phpLl1740
type - image/gif

I have also changed something in the php file, as I noticed a couple of problems, so now using:

Code: [ Download ] [ Select ]

<?php
$server = "localhost";
$username = "username";
$password = "pass";

$dbHandle = mysql_connect($server,$username,$password)
            or die("Unable to conect to database server");

mysql_select_db("datbase-name")
                or die ("Couldn't use Database");

$upload= (empty($_FILES['image'])) ? 0 : $_FILES['image'];
$fileName = $upload['tmp_name'];
$fType = $upload['type'];
$size = $upload['size'];
$timer = $size * 1024;
set_time_limit($timer);

$open = fopen($fileName,"r");
$data_read = fread($open, $size);
fclose($open);
$query = "INSERT INTO commentbook(imageData,imageType)
         VALUES(\"" . addslashes($data_read) . "\",
                \"" . mysql_escape_string($fType) . "\");";
        
echo "size - $size";
echo "</br>";
echo "temp name - $fileName";
echo "</br>";
echo "type - $fType";

?>

1. <?php
2. $server = "localhost";
3. $username = "username";
4. $password = "pass";
6. $dbHandle = mysql_connect($server,$username,$password)
7.             or die("Unable to conect to database server");
9. mysql_select_db("datbase-name")
10.                 or die ("Couldn't use Database");
12. $upload= (empty($_FILES['image'])) ? 0 : $_FILES['image'];
13. $fileName = $upload['tmp_name'];
14. $fType = $upload['type'];
15. $size = $upload['size'];
16. $timer = $size * 1024;
17. set_time_limit($timer);
19. $open = fopen($fileName,"r");
20. $data_read = fread($open, $size);
21. fclose($open);
22. $query = "INSERT INTO commentbook(imageData,imageType)
23.          VALUES(\"" . addslashes($data_read) . "\",
24.                 \"" . mysql_escape_string($fType) . "\");";
25.         
26. echo "size - $size";
27. echo "</br>";
28. echo "temp name - $fileName";
29. echo "</br>";
30. echo "type - $fType";
32. ?>

The databse is set out the same as yours, apart from the table name, which I have changed. So there seems to be a problem with the inserting into the table???

[Rabid Dog]

July 6th, 2009, 4:58 am

HAHAHHAHAHA I just noticed now you not executing the query! You have to execute the query against the database to put it into the db the $query variable is just a formatted sql statement.

if you check the tutorial page it links to a page that tells you how to execute queries against the mysql database

Code: [ Download ] [ Select ]

// execute your query against the database here.
// Connecting to a MySql Database

1. // execute your query against the database here.
2. // Connecting to a MySql Database

http://www.rabiddog.co.za/tutorial.php? ... qlDatabase

July 6th, 2009, 5:39 am

Can you tell I am a little new to this

Thanks that seems to of worked fine.

I have now added a few other fields to the database and added these to the form. I have tried adding these to the INSERT query, the dtabase entries and the form entries, like this:

Code: [ Download ] [ Select ]

$query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
         VALUES(\"" . addslashes($data_read) . "\",
                \"" . mysql_escape_string($fType) . "\",
                visitor,
                lovedone,
                comment);";

1. $query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
2.          VALUES(\"" . addslashes($data_read) . "\",
3.                 \"" . mysql_escape_string($fType) . "\",
4.                 visitor,
5.                 lovedone,
6.                 comment);";

But no luck, the images are still getting added, but the other information is not.

[Rabid Dog]

July 6th, 2009, 6:00 am

Code: [ Download ] [ Select ]

$query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
         VALUES(\"" . addslashes($data_read) . "\",
                \"" . mysql_escape_string($fType) . "\",
                visitor,
                lovedone,
                comment);";

1. $query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
2.          VALUES(\"" . addslashes($data_read) . "\",
3.                 \"" . mysql_escape_string($fType) . "\",
4.                 visitor,
5.                 lovedone,
6.                 comment);";

where are you assigning values to the visitor, lovedone and comment you want to insert? Prehaps I can help by explaining the structure of the query

Code: [ Download ] [ Select ]

$query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
         VALUES(\"" . addslashes($data_read) . "\",
                \"" . mysql_escape_string($fType) . "\",
                visitor,
                lovedone,
                comment);";
//commentbook(imageData,imageType,visitor,lovedone,comment)
//commentbook is the name of the table
//imageData, imageType, visitor, lovedone, comment are the names of
//the columns that data is going to be inserted into

//Anything between the VALUES brackets needs to be assigned a value
//so $data_read contains the byte array, $fType contains the file type value
// visitor should be declared something to the effect of $visitor etc

1. $query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
2.          VALUES(\"" . addslashes($data_read) . "\",
3.                 \"" . mysql_escape_string($fType) . "\",
4.                 visitor,
5.                 lovedone,
6.                 comment);";
7. //commentbook(imageData,imageType,visitor,lovedone,comment)
8. //commentbook is the name of the table
9. //imageData, imageType, visitor, lovedone, comment are the names of
10. //the columns that data is going to be inserted into
12. //Anything between the VALUES brackets needs to be assigned a value
13. //so $data_read contains the byte array, $fType contains the file type value
14. // visitor should be declared something to the effect of $visitor etc

I can only help you if you post the form you are using so I can see the name values of your input

Just in closing on this post your query might be better off like this

Code: [ Download ] [ Select ]

$query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
         VALUES(\"" . addslashes($data_read) . "\",
                \"" . mysql_escape_string($fType) . "\",
                \"" . mysql_escape_string($visitor) . "\",
                \"" . mysql_escape_string($lovedone) . "\",
                \"" . mysql_escape_string($comment) . "\");";

1. $query = "INSERT INTO commentbook(imageData,imageType,visitor,lovedone,comment)
2.          VALUES(\"" . addslashes($data_read) . "\",
3.                 \"" . mysql_escape_string($fType) . "\",
4.                 \"" . mysql_escape_string($visitor) . "\",
5.                 \"" . mysql_escape_string($lovedone) . "\",
6.                 \"" . mysql_escape_string($comment) . "\");";

I could go into detail about creating a formatted string template then returning a formatted string as opposed to dynamically concating the entire string but I figured I would keep it simple or now Try the above and see what happenes

[George L.]

July 6th, 2009, 6:05 am

gromituk2k wrote:

I am trying to upload images to a MySQL database, along with some other data.

The HTML page, containing the upload from looks like this:

Code: [ Download ] [ Select ]

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
 
<body>
<form method="post" action="insert.php" enctype="multipart/form-data">
    <p>Your name:<br>
    <input type="text" name="form_visitor"  size="40">
    <br>Loved ones name:<br>
    <input type="text" name="form_lovedone"  size="40">
    <input type="hidden" name="MAX_FILE_SIZE" value="1000000">
    <br>File to upload/store in database:<br>
    <input type="file" name="form_data"  size="40">
    <br>Comments:<br>
    <input type="text" name="form_comment" size="50">
    </p>
    <input type="submit" name="submit" value="submit">
</form>
</body>
</html>
 

1. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2. <html xmlns="http://www.w3.org/1999/xhtml">
3. <head>
4. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5. <title>Untitled Document</title>
6. </head>
7.  
8. <body>
9. <form method="post" action="insert.php" enctype="multipart/form-data">
10.     <p>Your name:<br>
11.     <input type="text" name="form_visitor"  size="40">
12.     <br>Loved ones name:<br>
13.     <input type="text" name="form_lovedone"  size="40">
14.     <input type="hidden" name="MAX_FILE_SIZE" value="1000000">
15.     <br>File to upload/store in database:<br>
16.     <input type="file" name="form_data"  size="40">
17.     <br>Comments:<br>
18.     <input type="text" name="form_comment" size="50">
19.     </p>
20.     <input type="submit" name="submit" value="submit">
21. </form>
22. </body>
23. </html>
24.  

And the PHP file for adding the data is like it:

Code: [ Download ] [ Select ]

<?php
$con = mysql_connect("localhost","user","pass");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
 
mysql_select_db("database_name", $con);
 
if(!$data = addslashes(@fread(@fopen($dir.'/'.$file, "r"), @filesize($dir.'/'.$file)))){
   die('Cannot create $data');
}
 
@fclose($dir.'/'.$file);
 
$sql="INSERT INTO commentbook (visitor , lovedone, bin_data, filename, filesize, filetype, comment, id)
VALUES
('$_POST[form_visitor]','$_POST[form_lovedone]','$_POST[data]','$_POST[form_data_name]','$_POST[form_data_size]','$_POST[form_data_type]','$_POST[form_comment]','')";
 
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";
 
mysql_close($con)
?>

1. <?php
2. $con = mysql_connect("localhost","user","pass");
3. if (!$con)
4.   {
5.   die('Could not connect: ' . mysql_error());
6.   }
7.  
8. mysql_select_db("database_name", $con);
9.  
10. if(!$data = addslashes(@fread(@fopen($dir.'/'.$file, "r"), @filesize($dir.'/'.$file)))){
11.    die('Cannot create $data');
12. }
13.  
14. @fclose($dir.'/'.$file);
15.  
16. $sql="INSERT INTO commentbook (visitor , lovedone, bin_data, filename, filesize, filetype, comment, id)
17. VALUES
18. ('$_POST[form_visitor]','$_POST[form_lovedone]','$_POST[data]','$_POST[form_data_name]','$_POST[form_data_size]','$_POST[form_data_type]','$_POST[form_comment]','')";
19.  
20. if (!mysql_query($sql,$con))
21.   {
22.   die('Error: ' . mysql_error());
23.   }
24. echo "1 record added";
25.  
26. mysql_close($con)
27. ?>

I have had the form uploading all data except the image, but currently it is not uploading anything

Any ideas?

There is a simple solution to this. I am not sure if I am hearing right or you are doing a totally different thing.

Can you tell me, what exactly do you want to do with the image?

[Rabid Dog]

July 6th, 2009, 6:10 am

He is trying to upload an image to the server and write it to the database along with a few other variables. Writing the data to the database is the key here

[George L.]

July 6th, 2009, 6:15 am

Okay, there is this 'lazy' work here but I do not think you and him would like it.

I am going to just stop here.

/*Is he going to just store the images in the database, Rabid Dog?

July 6th, 2009, 6:19 am

Seem to be getting the strangest of problems now. The extra fields that I have added, onlt the first character is getting added to the database.

The PHP I am using is:

Code: [ Download ] [ Select ]

 
<?php
 
$server = "localhost";
$username = "user";
$password = "pass";
 
$dbHandle = mysql_connect($server,$username,$password)
            or die("Unable to conect to database server");
 
mysql_select_db("databse-name")
                or die ("Couldn't use Database");
 
$upload= (empty($_FILES['image'])) ? 0 : $_FILES['image'];
$fileName = $upload['tmp_name'];
$fType = $upload['type'];
$size = $upload['size'];
$timer = $size * 1024;
set_time_limit($timer);
$visitor = $visitor['visitor'];
$lovedone = $lovedone['lovedone'];
$comment = $comment['comment'];
 
$open = fopen($fileName,"r");
$data_read = fread($open, $size);
fclose($open);
$query = "INSERT INTO commentbook(id,imageData,imageType,visitor,lovedone,comment)
          VALUES(\"" . addslashes($data_read) . "\",
                 \"" . mysql_escape_string($fType) . "\",
                 \"" . mysql_escape_string($fType) . "\",
                 \"" . mysql_escape_string($visitor) . "\",
                 \"" . mysql_escape_string($lovedone) . "\",
                 \"" . mysql_escape_string($comment) . "\");";
 
mysql_query($query, $dbHandle);
if(mysql_affected_rows($dbHandle) > 0){
  echo "Successfully inserted data </br>";
}else{
  echo mysql_error();
}
 
echo "size - $size";
echo "</br>";
echo "temp name - $fileName";
echo "</br>";
echo "type - $fType";
 
?>

1.  
2. <?php
3.  
4. $server = "localhost";
5. $username = "user";
6. $password = "pass";
7.  
8. $dbHandle = mysql_connect($server,$username,$password)
9.             or die("Unable to conect to database server");
10.  
11. mysql_select_db("databse-name")
12.                 or die ("Couldn't use Database");
13.  
14. $upload= (empty($_FILES['image'])) ? 0 : $_FILES['image'];
15. $fileName = $upload['tmp_name'];
16. $fType = $upload['type'];
17. $size = $upload['size'];
18. $timer = $size * 1024;
19. set_time_limit($timer);
20. $visitor = $visitor['visitor'];
21. $lovedone = $lovedone['lovedone'];
22. $comment = $comment['comment'];
23.  
24. $open = fopen($fileName,"r");
25. $data_read = fread($open, $size);
26. fclose($open);
27. $query = "INSERT INTO commentbook(id,imageData,imageType,visitor,lovedone,comment)
28.           VALUES(\"" . addslashes($data_read) . "\",
29.                  \"" . mysql_escape_string($fType) . "\",
30.                  \"" . mysql_escape_string($fType) . "\",
31.                  \"" . mysql_escape_string($visitor) . "\",
32.                  \"" . mysql_escape_string($lovedone) . "\",
33.                  \"" . mysql_escape_string($comment) . "\");";
34.  
35. mysql_query($query, $dbHandle);
36. if(mysql_affected_rows($dbHandle) > 0){
37.   echo "Successfully inserted data </br>";
38. }else{
39.   echo mysql_error();
40. }
41.  
42. echo "size - $size";
43. echo "</br>";
44. echo "temp name - $fileName";
45. echo "</br>";
46. echo "type - $fType";
47.  
48. ?>

And the HTML form is:

Code: [ Download ] [ Select ]

 
<form method="post" action="insert.php"
 enctype="multipart/form-data">
  <p>
  <input type="file" name="image" />
  </p>
  <p>
          Name:
      <input type="text" name="visitor" />
  </p>
  <p>
    Loved one:
    <input type="text" name="lovedone"/>
  </p>
  <p>
      Comment:
      <textarea name="comment" cols="45" rows="5"></textarea>
  </p>
  <p>
    <input type="submit" value=" Upload " />
  </p>
</form>
 

1.  
2. <form method="post" action="insert.php"
3.  enctype="multipart/form-data">
4.   <p>
5.   <input type="file" name="image" />
6.   </p>
7.   <p>
8.           Name:
9.       <input type="text" name="visitor" />
10.   </p>
11.   <p>
12.     Loved one:
13.     <input type="text" name="lovedone"/>
14.   </p>
15.   <p>
16.       Comment:
17.       <textarea name="comment" cols="45" rows="5"></textarea>
18.   </p>
19.   <p>
20.     <input type="submit" value=" Upload " />
21.   </p>
22. </form>
23.  

The extra entries in the table are two varchar(50) and one longtext.

[Rabid Dog]

July 6th, 2009, 6:23 am

George L. wrote:

Okay, there is this 'lazy' work here but I do not think you and him would like it.

I am going to just stop here.

/*Is he going to just store the images in the database, Rabid Dog?

Yes he is