image insertion to database and showing using php and mysql not working

Question

I don't know why this is not working. Please help me guys to come from it

<form action="login.php" method="post" enctype="multipart/form-data">

<br><br><br>
Select image: <input type="file" name="image" size="40" id="image">
<br><small> must be less than 512kb </small>

<br><br>
<input type="submit" name="submit" value="submit">  
</form>


<?php 
    // Script Error Reporting
    error_reporting(E_ALL);
    ini_set('display_errors', '1');
?>

There are 3 columns in database like id , name , image as long blob type

<?php

if(isset($_POST['submit']))
{   
    $con=@mysqli_connect("localhost","root","","work");
    $imagedata=mysqli_real_escape_string($con,file_get_contents($_FILES['image'] ['tmp_name']));
    $imagename=mysqli_real_escape_string($con,$_FILES['image'] ['name']);
    $imagetype=mysqli_real_escape_string($con,$_FILES['image'] ['type']);

    if(substr($imagetype,0,5) =="image")
    {
     $con=@mysqli_connect("localhost","root","","work");
     mysqli_query($con,"INSERT INTO pics VALUES('$imagename','$imagedata')" or die (mysqli_error($con)));
    }
    else
    {
    echo"only images are allowed";
    }
}
?>
<img src="showimage.php" />

showimage.php

<?php

    $con=@mysqli_connect("localhost","root","","work");

    $query = mysqli_query($con,"select* from pics" or die (mysqli_error($con)));

    $row=mysqli_fetch_assoc($query);

    $imagedata= $row["image"];

    header("content-type: image/jpeg");

    echo $imagedata;

?>

Please help me guys. I don't know what wrong I am doing here.

@komaldeepsinghchahal Have you already localized the problem? Is it a problem with writing or reading the data? Will the data be written to the database correctly? — mario.van.zadel, Aug 05 '15 at 06:23
@mario.klump it is both with reading and writting the data... i dont know why this is happening now.. earlier it was working properly..... — komal deep singh chahal, Aug 05 '15 at 06:27
@komaldeepsinghchahal Please add the table fields to your insert statement like you did in your other question: `INSERT INTO pics ( name, image) values('$name','$image')` - https://stackoverflow.com/questions/31815043/base-64-code-not-working-not-showing-images-from-database-in-html-php-mysql-f — mario.van.zadel, Aug 05 '15 at 06:35
yea man.. i asked again .. bcause.. i dont able to solve my problem @mario.klump — komal deep singh chahal, Aug 05 '15 at 06:37
Can you give me a directory/folder where you want to save your image? — Logan Wayne, Aug 05 '15 at 06:41
i dont know.. that i have image in folder. i was just doing in database.... if i am wrong in my concept plz make me correct @LoganWayne — komal deep singh chahal, Aug 05 '15 at 06:44
So what is the column name? Where you want to store the file name? — Logan Wayne, Aug 05 '15 at 07:03
in showimage.php echo the $imagedata variable and let me know what output you are getting? — Tarun Upadhyay, Aug 05 '15 at 07:46

score 2 · Accepted Answer · edited May 23 '17 at 11:51

Note:

Why do you repeatedly declaring your $con?
Using mysqli_real_escape_string() is good for sanitizing the value of a variable, but it is best and a must to use mysqli_prepared statement.
Where is your code that does the uploading?
In your root folder, create a folder named images
You can use the accept tags for your input file. Add this accept=".jpg, .jpeg, .png" to your <input type="file"... And add a checking also in your PHP submitted page to check if it is indeed an image.
What is the name of your table/column you wanted to insert your file name?
I have included some explanations on the code below.

You can change your login.php to this:

<?php

  if(isset($_POST['submit']))
  {   

    $con = new mysqli("localhost","root","","work"); /* ESTABLISH CONNECTION */

    $uploadedfile = $_FILES["image"]["tmp_name"];
    $allowedExts = array("png","jpg","jpeg"); /* ACCEPTED FILE FORMAT */
    $filename = $_FILES["image"]["name"]; /* NAME OF THE FILE */
    $extension = pathinfo($filename, PATHINFO_EXTENSION); /* GET THE FILE EXTENSION */
    $extension = strtolower($extension); /* LOWER THE STRINGS OF THE EXTENSION */

    if(in_array($extension,$allowedExts)){ /* IF FILE IS INDEED AN IMAGE */

      $path = "images/".$filename; /* DIRECTORY WHERE YOU WANT TO STORE THE IMAGE ALONG WITH THE FILE NAME */
      move_uploaded_file($uploadedfile,$path); /* MOVE THE FILE TO YOUR IMAGES FOLDER */

      /* PLEASE CHANGE THE NECESSARY TABLE NAME AND COLUMN NAME IN THE QUERY BELOW*/
      if($stmt = $con->prepare("INSERT INTO pics (name) VALUES (?)")){
        $stmt->bind_param("s",$filename); /* BIND THE FILE NAME TO THE QUERY */
        $stmt->execute(); /* EXECUTE THE QUERY */
        $stmt->close();
      } /* END OF PREPARED STATEMENT */

      echo '<img src="images/'.$filename.'">'; /* OUTPUT THE UPLOADED IMAGE */

    } /* END OF IF; CHECKING THE ALLOWED EXTENSIONS */

    else { /* IF FILE FORMAT IS NOT SUPPORTED */

      echo "You did not upload an image.";

    } /* END OF ELSE */

  } /* END OF ISSET POST SUBMIT */

?>

Note: I did not rename the file name, so if a user uploaded a file that has the same file name with a previous file, it will cause a conflict. Understand this code first, before proceeding with renaming of files.

thanks for making my concept clear brother @logan wayne – komal deep singh chahal Aug 05 '15 at 08:34 — komal deep singh chahal, Aug 05 '15 at 08:34

image insertion to database and showing using php and mysql not working

1 Answers1

Note: