0

I would like to store image into MySQL Database. But apparently all i received was this [Secreenshot 1]. And, how do i upload image into MySQL Database? (I know that i need to edit at the $target_dir but what exactly should i put inside?

HTML Codes for uploading.

<form action="upload.php" method="post" enctype="multipart/form-data">
Select image to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" value="Upload Image" name="submit">
</form>

PHP codes for upload.php

<?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
    echo "File is an image - " . $check["mime"] . ".";
    $uploadOk = 1;
} else {
    echo "File is not an image.";
    $uploadOk = 0;
}
}
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
    echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
} else {
    echo "Sorry, there was an error uploading your file.";
}
}
?>

Preview! Secreenshot 1

Wen Qing
  • 109
  • 6
  • 2
    You're probably better off storing the path in a database, and saving the actual image on the server instead. – Qirel Nov 28 '17 at 12:22
  • @Qirel may I know the reason please? – Danyal Sandeelo Nov 28 '17 at 12:22
  • 1
    Image transfers will kill your database performance. – mopsyd Nov 28 '17 at 12:23
  • 1
    There's a few reasons why storing the actual image in a database is a bad idea, heres some of them https://stackoverflow.com/questions/3748/storing-images-in-db-yea-or-nay – Qirel Nov 28 '17 at 12:23
  • Best option: Store the image on S3 or similar, and store the path in your database. This way you aren't eating the bandwith for the transfer from the host to client. Second best option: Otherwise store the image locally in your file structure and store the path to that in the database. – mopsyd Nov 28 '17 at 12:24
  • storing the image on a filepath would speed up the fetch operation since just the name will be fetched instead of the whole blob and then we have the overhead of converting the blob. – Danyal Sandeelo Nov 28 '17 at 12:25
  • On what PHP version are you running this?.. You might want to remove NULL bytes from $target_file with `$target_file = str_replace("\0", '', $target_file)` so NULL byte injection with a filename image.php\0.jpg isn't possible on the functions file_exists() and move_uploaded_file()... – Raymond Nijland Nov 28 '17 at 12:29

1 Answers1

-1

There could be two issues

  1. Directory missing : The directory where you're trying to upload could be missing. Make sure destination directory exists before you upload a file
  2. Permission : Apache might not be having proper permission to move the file from tmp directory to destination directory. Please provide proper file upload permission to the destination directory. If you are using Linux environment, you can run chmod or chown commands to achieve this.
Rads
  • 185
  • 1
  • 2
  • 16