I am trying to save images in my database from HTML form. I have written PHP code to accomplish this task. The program is not generating any error message, but also not inserting image data in MySQL database. Kindly check it.
Here i am sharing a excerpt from my code.
/*-------------------
IMAGE QUERY
---------------*/
$file =$_FILES[\'image\'][\'tmp_name\'];
if(!isset($file))
{
echo \'Please select an Image\';
}
else
{
$image_check = getimagesize($_FILES[\'image\'][\'tmp_name\']);
if($image_check==false)
{
echo \'Not a Valid Image\';
}
else
{
$image = file_get_contents ($_FILES[\'image\'][\'tmp_name\']);
$image_name = $_FILES[\'image\'][\'name\'];
if ($image_query = mysql_query (\"insert into product_images values (1,\'$image_name\',$image )\"))
{
echo $current_id;
//echo \'Successfull\';
}
else
{
echo mysql_error();
}
}
}
/*-----------------
IMAGE QUERY END
---------------------*/
<form action=\'insert_product.php\' method=\'POST\' enctype=\'multipart/form-data\' ></br>
File : <input type=\'file\' name= \'image\' >
</form>
Error Message
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near \'\' at line 1
Firstly, you should check if your image column is BLOB type!
I don\'t know anything about your SQL table, but if I\'ll try to make my own as an example.
We got fields id (int), image (blob) and image_name (varchar(64)).
So the code should look like this (assume ID is always \'1\' and let\'s use this mysql_query):
$image = addslashes(file_get_contents($_FILES[\'image\'][\'tmp_name\'])); //SQL Injection defence!
$image_name = addslashes($_FILES[\'image\'][\'name\']);
$sql = \"INSERT INTO `product_images` (`id`, `image`, `image_name`) VALUES (\'1\', \'{$image}\', \'{$image_name}\')\";
if (!mysql_query($sql)) { // Error handling
echo \"Something went wrong! :(\";
}
You are doing it wrong in many ways. Don\'t use mysql functions - they are deprecated! Use PDO or MySQLi. You should also think about storing files locations on disk. Using MySQL for storing images is thought to be Bad Idea™. Handling SQL table with big data like images can be problematic.
Also your HTML form is out of standards. It should look like this:
<form action=\"insert_product.php\" method=\"POST\" enctype=\"multipart/form-data\">
<label>File: </label><input type=\"file\" name=\"image\" />
<input type=\"submit\" />
</form>
Sidenote:
When dealing with files and storing them as a BLOB, the data must be escaped using mysql_real_escape_string(), otherwise it will result in a syntax error.
Just few more details:
`image` blob
$image = addslashes(file_get_contents($_FILES[\'image\'][\'tmp_name\']));
- Insert image data into db
$sql = \"INSERT INTO `product_images` (`id`, `image`) VALUES (\'1\', \'{$image}\')\";
<img src=\"data:image/png;base64,\'.base64_encode($row[\'image\']).\'\">
This is the perfect code for uploading and displaying image through MySQL database.
<html>
<body>
<form method=\"post\" enctype=\"multipart/form-data\">
<input type=\"file\" name=\"image\"/>
<input type=\"submit\" name=\"submit\" value=\"Upload\"/>
</form>
<?php
if(isset($_POST[\'submit\']))
{
if(getimagesize($_FILES[\'image\'][\'tmp_name\'])==FALSE)
{
echo \" error \";
}
else
{
$image = $_FILES[\'image\'][\'tmp_name\'];
$image = addslashes(file_get_contents($image));
saveimage($image);
}
}
function saveimage($image)
{
$dbcon=mysqli_connect(\'localhost\',\'root\',\'\',\'dbname\');
$qry=\"insert into tablename (name) values (\'$image\')\";
$result=mysqli_query($dbcon,$qry);
if($result)
{
echo \" <br/>Image uploaded.\";
header(\'location:urlofpage.php\');
}
else
{
echo \" error \";
}
}
?>
</body>
</html>
How to INSERT INTO DB?
<html>
<head>
<title>Uploads</title>
</head>
<body>
<input type=\"file\" name=\"file_array[]\"/>
<input type=\"file\" name=\"file_array[]\"/>
<input type=\"file\" name=\"file_array[]\"/>
<input type=\"submit\" name=\"submit\"/>
</body>
</html>
<?php
if(isset($_FILES[\'file_array\']))
{
$name_array = $_FILES[\'file_array\'][\'name\'];
$tmp_name_array = $_FILES[\'file_array\'][\'tmp_name\'];
$type_array = $_FILES[\'file_array\'][\'type\'];
$size_array = $_FILES[\'file_array\'][\'size\'];
$error_array = $_FILES[\'file_array\'][\'error\'];
$dir = \"slideshow\";
for($i = 0; $i<count($tmp_name_array); $i++)
{
if(move_uploaded_file($tmp_name_array,\"slideshow/\".$name_array))
{
echo $name_array[$i].\"Upload is complete<br>\";
} else {
echo\"Move_uploaded_file function failed for\".$name_array[$i].\"<br>\";
}
}
}
?>
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 与风俱净 的文章《How to upload images into MySQL database using PHP》','https://www.manongdao.com/article-1614.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}