How to take an image that's been uploaded to a database and display it on the browser in a table with text in the other rows and columns

Question

I have been searching before asking a question to solve my problem. But couldn't quite find anything that solves my problem. What I'm trying to do is upload pictures and some text to a database. The uploading works and the image gets stored as its binary data in a blob variable. The problem is that I want to display the text and images in a table as part of a dynamic html page.

I get all of the text to load to the page correctly, but the images only show up as blank squares (for lack of a better description). If you have any ideas, I'm all for it. Here is the code for everything.

<form action="http://notactualsite/upload.php" method="post" enctype="multipart/form-data">
<table border="0">
<tr>
  <td>Select image to upload: </td>
<td><input type="file" name="image" id="image"></td>
</tr>
<tr>
<td>Where is this place?: </td>
<td><input type="text" name="destination" id="destination"></td>
</tr>
<tr>
<td>Why this place?: </td>
<td><input type="textbox" name="reason" id="reason"></td>  
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" value="Upload" name="submit"></td>        
</tr>
</table>
</form>

Now for the uploading php script/program

$servername = "";
$username = "";
$password = "";
$database = "";
$port = "";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database, $port);
// Check connection
if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
    }

$file = $_FILES['image']['tmp_name'];

$image = addslashes(file_get_contents($_FILES['image']['tmp_name']));
$image_size = getimagesize($_FILES['image']['tmp_name']);
$image_name = addslashes($_FILES['image']['name']);

$reason = $_POST['reason'];
$destination = $_POST['destination'];

if($image_size == true)
{


  $sqlStr = "INSERT INTO place2go VALUES ('$image_name','$image','$destination','$reason')";
  $insert = mysqli_query($conn, $sqlStr);


}
mysqli_close($conn);
header('Location: http://www.is1500finproj-000564723.squarespace.com/place-to-go/');
exit();
?>

now the problem code

$servername = "";
$username = "";
$password = "";
$database = "";
$port = "";

// Create connection
$conn = mysqli_connect($servername, $username, $password, $database, $port);

if ($conn) {

//echo "<h1>TESTING</h1>";

// Check connection
if (!$conn) {
   die("Connection failed: " . mysqli_connect_error());
}

$sql = "SELECT * FROM place2go";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
  // create table structure
 // output data of each row: a single player with picture and name
while($row = $result->fetch_assoc()) {

echo "<h3>";
echo $row["placeName"]. "</h3>";
 echo "<table border=0>";
  echo "<tr>";
   echo "<td><img src='" . $image . " ' width='50%' /></td>";
   echo "<td valign=top style='font-size:10pt'>";
   echo $row["placeWhy"]. "</td>";
 echo "</tr>";
echo "</table>";    
}  
}
mysqli_close($conn);
}
?>

one of the reasons why you DON'T store the image in the db, sore the path in the db, and the file on the (hint in the name) file system — , Aug 19 '15 at 21:54
Or if you have to store the image in the db, (though you shouldn't) call a PHP script that gets the image content from the db and use the header function to change the content type to that of an image — Pazuzu156, Aug 19 '15 at 22:03
Rather than saving the image to DB, move it somewhere and save a reference to that image. Add a timestamp and a random string or something to its name to make the name unique, move it somewhere and save the ref. — Dan-Levi Tømta, Aug 19 '15 at 22:09
See this answer for the specifics of Kaleb Klein's answer. [Change the retrieved image header.][1] [1]: http://stackoverflow.com/a/7793098/3585500 — ourmandave, Aug 19 '15 at 22:11
The website that I am using is weebly and as far as I can tell the website doesn't support storing information. If it does then I can change it to just upload it there instead. **I'll try everyone's suggestions later today and will let you know how it works** — Max S, Aug 20 '15 at 18:54

score -1 · Answer 1 · answered Aug 19 '15 at 22:12

-1

I will advice you to use a filesystem and also check the file to see that it really is a image file, but if you really want to save the image as binary use mysqli_real_escape_string instead of addslashes:

$image = mysqli_real_escape_string(file_get_contents($_FILES['image']['tmp_name']));

answered Aug 19 '15 at 22:12

Dan-Levi Tømta

796
3
14
29

no. don't use mysqli_real_escape_string on a blob, its not a string – Aug 19 '15 at 22:22
mysqli_real_escape_string is binary-safe - the documentation states: If binary data is to be inserted, this function must be used. ALL strings, whether user-supplied or not, need to be escaped if you don't use bound values. But that is outside the scope of this question. – Dan-Levi Tømta Aug 19 '15 at 22:29
ah ok, never knew (never stored binary data in a db) – Aug 19 '15 at 23:46

How to take an image that's been uploaded to a database and display it on the browser in a table with text in the other rows and columns

1 Answers1