How to insert an image into mysql table?

Question

I have created a form for the admin of my website through which he can enter new stock into the mysql table laptops, the form has 6 fields 1. Modelno 2. CPU 3. RAM 4. HDD 5. Display 6. Upload

When the file is being uploaded its going to the assigned directory which is like half the battle one, the table laptop has a field pic of type BLOB, how do I insert data into that field?

the html code for form is as follows:

<html>
<head>
</head>
<body>
<form action="stockm.php" method="post">
<table cellspacing="10">
<tr>
<td>
Model No:
</td>
<td>
<input type="text" name="fname">
</td>
</tr>
<tr>
<td>
C.P.U:
</td>
<td>
<input type="text" name="fcpu">
</td>
</tr>
<tr>
<td>
RAM:
</td>
<td>
<input type="text" name="fram">
</td>
</tr>
<td>
HDD:
</td>
<td>
<input type="text" name="fhdd">
</td>
</tr>
<td>
Display:
</td>
<td>
<input type="text" name="fdisplay">
</td>
</tr>
<tr>
<td>
Upload: 
</td>
<td>
<input type="file" name="file" id="file"><br>
</td>
</tr>
<tr>
<td>
</td>
<td>
<input type="submit" name="fsubmit" value="Deposit"> 
</table>
</form>
</body>
</html>

and the code for data entry is this, please tell me what I need to add?

<html>
<head>
</head>
<body>
<?php
$con=mysqli_connect("localhost","****","******","stock");
// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

$sql="INSERT INTO Laptops (Modelno, Cpu, RAM, HDD, Display)
VALUES
('$_POST[fname]','$_POST[fcpu]','$_POST[fram]','$_POST[fhdd]','$_POST[fdisplay]')";

if (!mysqli_query($con,$sql))
  {
  die('Error: ' . mysqli_error($con));
  }
echo "1 record added";

mysqli_close($con);
?>
</body>
</html>

Thank You in advance

Do what sensible people do: store the image itself in the server filesystem, and store the filename in the database — Mark Baker, Aug 02 '13 at 09:46
You are **vulnerable to** [**SQL injection attacks**](http://bobby-tables.com/) and need to [learn how to prevent them](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php). — DCoder, Aug 02 '13 at 09:51

score 2 · Answer 1 · edited May 23 '17 at 12:28

2

Its usually recommended that you do not store the image directly into the database. Instead store the image location on your server, name & other attributes.

But if you would like to store it in table directly anyway, there is a LOAD_FILE function in mysql you can use.

Refer to this question. the answers might be helpful.

edited May 23 '17 at 12:28

Community

1
1

answered Aug 02 '13 at 09:50

dewdrops

277
2
8

score 0 · Answer 2 · answered Aug 02 '13 at 09:46

0

configure your table to blob, and base64 encode your image before to put them into table

answered Aug 02 '13 at 09:46

Someoneinthe

372
1
9

score 0 · Answer 3 · answered Aug 02 '13 at 09:48

0

In general practice, we upload the image file to web server, then save the file path information in database server.

With this approach, database size can be kept small

answered Aug 02 '13 at 09:48

Raptor

53,206
45
230
366

chirag ode · Answer 4 · 2013-08-16T10:46:30.803

-1

<?php
$con=mysqli_connect("localhost","cao","sTvs3bRmfvmWRGBc","stock");// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$ImageName = $_FILES['fdisplay']['name'];
$fileElementName = 'pimg';
$path = 'upload/';   // path where you want to save images
$location = $path . $_FILES['fdisplay']['name']; 
move_uploaded_file($_FILES['fdisplay']['tmp_name'], $location); 
$sql="INSERT INTO Laptops (Modelno, Cpu, RAM, HDD, Display)
VALUES
('$_POST[fname]','$_POST[fcpu]','$_POST[fram]','$_POST[fhdd]','$ImageName')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "1 record added";
mysqli_close($con);
?>

edited Aug 16 '13 at 10:46

answered Aug 02 '13 at 09:48

chirag ode

950
7
15

take form like this
– chirag ode Aug 02 '13 at 09:50
i am just trying to help with his own code..so that he can understand easily.come on he is a beginner. – chirag ode Aug 02 '13 at 09:58
I'm not insulting, I don't dislike person in question. I just hate the code I'm seeing, and there are thousands of examples of cleaner, shorter, easier to understand code. Helping but helping badly is the same as if you fix a car tire and it's still deflated. It makes no sense. If you can't produce good code, then at least don't "help" with bad code. – N.B. Aug 02 '13 at 10:04
@N.B. you need to use the at symbol to ping me. In terms of your approach, at least one neutral third party found your message insulting - please reflect on that, even if you disagree. It is perfectly possible for you to point out the flat tyre without being offensive to the mechanic. (For the record, the comment in question has been removed now). – halfer Aug 02 '13 at 11:57
@N.B. - one of the things us programmers aren't very good at - and I include myself in this generalisation `:-)` - is taking criticism. Stack Overflow is a fascinating view of us as a species, including the many conversations over on _Meta_ about how welcoming we are to low rep users. Perhaps you will permit me to critique your approach if I assure you I am well-intentioned? Indeed, if there is a way I may politely raise the subject of your tone without it coming across as a lecture, then I will listen to that criticism. Is there a way I could have phrased it better? – halfer Aug 02 '13 at 21:02

How to insert an image into mysql table?

4 Answers4