Having trouble opening blob image from mysql with php - php

I'm kind of a noob so I don't know if I'm missing something small. The images are uploaded to the database just fine, but using this just gets me a blank square. I don't know if I'm missing something obvious?
$name = $_SESSION['username'];
$sql="SELECT pic FROM userinfo WHERE username = '$name'";
$result = mysqli_query($link,$sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$pic = base64_encode($row['pic']);
echo "<img height='300' width='300' style='padding-left:10px;' src='data:image/jpeg;base64,".$pic."'>";
}
}
The upload code, I'm 95% sure that the issue is somewhere in the upload process. I commented out what I was previously using to send the query.
$name = $_SESSION['username'];
$bio = $_POST['bio'];
$sql="UPDATE userinfo SET pic='$pic' WHERE username='$name'";
$stmt = $link->prepare($sql);
$stmt->bind_param("b", $pic);
$pic = base64_encode($_FILES['fileToUpload']['tmp_name']);
//$query = mysqli_query($link,$sql);
$stmt->execute();

Related

How to handle special characters in mysql

I have a form that users enter data in and it gets entered into a mysql database. The issue is when they have entered a "%" sign or other special characters it causes problems when my website is trying to display the record. It actually causes nothing to be shown for that record when displaying results. How do I fix this?
$query = "SELECT * FROM makerperk WHERE pid='$pid' LIMIT 1";
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
while($row = mysqli_fetch_assoc($result)) {
$makerid = $row['makerid'];
$name = $row['name'];
$title = $row['title'];
$perkdescription = $row['perkdescription'];
$image = $row['image'];
$perktype = $row['perktype'];
$restrictions = $row['restrictions'];
}

I think you should use PHP mysqli_real_escape_string
/*Escape input variable:*/
$pid = mysqli_real_escape_string($connection, $pid);
/*Run query with escaped string:*/
$query = "SELECT * FROM makerperk WHERE pid='$pid' LIMIT 1";
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
while($row = mysqli_fetch_assoc($result)) {
$makerid = $row['makerid'];
$name = $row['name'];
$title = $row['title'];
$perkdescription = $row['perkdescription'];
$image = $row['image'];
$perktype = $row['perktype'];
$restrictions = $row['restrictions'];
}

Displaying a date specific image from a databse

The aim is for a customer to upload their advert to the database, that triggers and email for approval. Once approved ad will display in location between the set dates.
I have written the code correctly to display by date and approval from an admin area. I just cannot get the image to display.
The code below details the process so far.
<?php
include('mysql_connect.php');{
$location='1';
}
$resultSet = $mysqli->query("SELECT * FROM adverts WHERE adloc = '$location' AND approval ='Y' ");
if($resultSet->num_rows > 0){
while($rows = $resultSet->fetch_assoc())
{
$id = $rows ['id'];
$start = $rows ['start'];
$end = $rows ['enddate'];
$business = $rows ['business'];
$email = $rows ['email'];
$tel = $rows ['tel'];
$web = $rows ['web'];
$advert = $rows ['image'];
$Date = date('Y-m-d');
$Date=date('Y-m-d', strtotime($Date));;
$DateBegin = date('Y-m-d', strtotime("$start"));
$DateEnd = date('Y-m-d', strtotime("$end"));
}
if (($Date > $DateBegin) && ($Date < $DateEnd))
{
echo "ADVERT";
echo '<img src="getad.php?id=$id">';
}
else
{
echo "FILLER IMAGE";
}
}
?>
The code for the getad.php file is as follows
if(isset($_GET['id']))
{
$id = mysqli_real_escape_string($_GET['id']);
$query = mysqli_query("SELECT * FROM adverts WHERE id= '$id'");
while ($row = mysqli_fetch_assoc($query))
{
$image = $row['image'];
}
header("content-type: image/jpeg");
echo $image;
}
else
{
echo "Error!";
}
?>
I am sure I can't be far off. The image is a JPEG LONGBLOB in the database.
Thank you.

Firstly, this is failing you:
$id = mysqli_real_escape_string($_GET['id']);
$query = mysqli_query("SELECT * FROM adverts WHERE id= '$id'");
Both of those functions require a database connection be passed and as the first parameter:
$id = mysqli_real_escape_string($mysqli, $_GET['id']);
$query = mysqli_query($mysqli, "SELECT * FROM adverts WHERE id= '$id'");
References:
http://php.net/manual/en/mysqli.real-escape-string.php
http://php.net/manual/en/mysqli.query.php
However, may need to use base64_decode:
header("content-type: image/jpeg");
echo base64_decode($image);
or
echo '<img src="data:image/gif;base64,' . $image . '" />';
Here is an example borrowed from https://stackoverflow.com/a/20564797/
$db = mysqli_connect("localhost","root","","DbName"); //keep your db name
$sql = "SELECT * FROM products WHERE id = $id";
$sth = $db->query($sql);
$result=mysqli_fetch_array($sth);
echo '<img src="data:image/jpeg;base64,'.base64_encode( $result['image'] ).'"/>';
For debugging purposes:
Add error reporting to the top of your file(s) which will help find errors.
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of your code
Sidenote: Displaying errors should only be done in staging, and never production.
As well as or die(mysqli_error($mysqli)) to mysqli_query().

How can I unlink multiple images at once?

I have this code which will delete images with the category name from my database and but it only unlink one image from my images folder but I need it to unlink multiple images at once can anyone help here is an example of my code.
if(isset($_GET['delete'])) {
$delete_id = $_GET['delete'];
$sql = "SELECT image FROM images WHERE category = '$delete_id'";
$query = mysqli_query($connection,$sql) or die (mysqli_error());
while ($row = mysqli_fetch_array($query)){
$image = $row['image'];
$location_full_image = "../images/$image";
$location_thumb_image = "../images/thumbnails/$image";
#unlink($location_full_image);
#unlink($location_thumb_image);
$sql = "DELETE FROM images WHERE category = '$delete_id'";
$query = mysqli_query($connection,$sql) or die (mysqli_error());
}
}

try below code and make sure you are fetching right column from database which contains image name.
if(isset($_GET['delete'])) {
$delete_id = $_GET['delete'];
$sql = "SELECT image FROM images WHERE category = '$delete_id'";
$query = mysqli_query($connection,$sql) or die (mysqli_error());
while ($row = mysqli_fetch_array($query)){
$image = $row['image'];
#unlink('../images/'.$image);
#unlink('../images/thumbnails/'.$image);
$sql = "DELETE FROM images WHERE category = '$delete_id'";
$query = mysqli_query($connection,$sql) or die (mysqli_error());
}
}

Try this,
while ($row = mysqli_fetch_array($query)){
$image = $row['img'];
#unlink("images/".$image);
}

Troubles with updating BLOB on Mysql for thumbnail

I am trying to update and insert a created thumbnail into a MYSQL BLOB.
I have tried almost anything but can not get it to insert the created picture to the Database.
function update($email)
{
if(file_exists("$email.jpg"))
{
$image = "$email.jpg";
$tbl = 'tpctmembers';
$query1 = "SELECT image FROM $tbl WHERE email = '$email'";
$result = queryMysql($query1);
$rows = mysql_num_rows($result);
if($rows > 0)
{
$query2 = "UPDATE $tbl SET image ='$image' WHERE email ='$email'";
queryMysql($query2);
}
else
{
$query3 = "INSERT into $tbl(image) VALUES('$image') where email = '$email'";
queryMysql($query3);
}
}
}
Thank You !

You need to read the image file, and insert that data, not the string naming the file. See this tutorial.

Need Help With Implementing Simple Stuff with PHP and MYSQL

Here is my code -
<?php
$u = $_SESSION['username'];
while($fetchy = mysqli_fetch_array($allusers))
{
mysqli_select_db($connect,"button");
$select = "select * from button where sessionusername='$u' AND response = 'approve'";
$query = mysqli_query($connect,$select) or die('Oops, Could not connect');
$result= mysqli_fetch_array($query);
$email = mysqli_real_escape_string($connect,trim($result['onuser']));
echo $email;
if($email){
mysqli_select_db($connect,"users");
$select_name = "select name, icon from profile where email = '$email'";
$query_2 = mysqli_query($connect,$select_name) or die('Oops, Could not connect. Sorry.');
$results= mysqli_fetch_array($query_2);
$name = mysqli_real_escape_string($connect,trim($results['name']));
$icon = mysqli_real_escape_string($connect,trim($results['icon']));
echo $name;
}
}
NOw, there are two reponses in db. So, two names are getting echoed, but they both are SAME. Why so? Eg
DB - NAMEs - Apple and Orange.
Displayed - Apple Apple.
Database example -
SESSIONUSERNAME OnUSer
s#s.com apple
s#s.com orange
EDITED
Using #endophage's method -
AppleOrange and AppleOrange.

As your loop stands now, $u will always be the same, so $select will always have the same value, and so will $email, and so will $select_name, so it is no surprise that the same record keeps coming back.
Edit
If the $select_name query returns multiple results, then you need to loop through the results with a while loop like the other queries.

Try this, you had your while loop in the wrong place:
<?php
$u = $_SESSION['username'];
mysqli_select_db($connect,"button");
$select = "select * from button where sessionusername='$u' AND response = 'approve'";
$query = mysqli_query($connect,$select) or die('Oops, Could not connect');
while($result = mysqli_fetch_array($query))
{
$email = mysqli_real_escape_string($connect,trim($result['onuser']));
echo $email;
if($email){
mysqli_select_db($connect,"users");
$select_name = "select name, icon from profile where email = '$email'";
$query_2 = mysqli_query($connect,$select_name) or die('Oops, Could not connect. Sorry.');
$results= mysqli_fetch_array($query_2);
$name = mysqli_real_escape_string($connect,trim($results['name']));
$icon = mysqli_real_escape_string($connect,trim($results['icon']));
echo $name;
}
}

Categories