0

Recently I have tried to insert images into database via prepared statements. Sadly, in the tutorials there is not information how to include other informations than strings. I would like to make my prepared statements pass images into database Here is my code which does not work.

$connect = mysqli_connect($hostname, $username, $password, $databaseName);
$fname = mysqli_real_escape_string($connect, $_POST['yname']);
$lname = mysqli_real_escape_string($connect, $_POST['email']);
$filename = $_FILES['uploadfile']['name'];
$filetmpname = $_FILES['uploadfile']['tmp_name'];
$folder = 'imagesuploadedf/';
// edited and added below code. it will check if folder exists and create if not exists.....
$foldername = 'imagesuploadedf';
if ( ! is_dir($foldername)) {
    mkdir($foldername);
}
// end of edited and added code
move_uploaded_file($filetmpname, $folder.$filename);
// $sql = "INSERT INTO `uploadedimage` (`imagename`)  VALUES ('$filename')";
// connect to mysql database using mysqli
$sql = "INSERT INTO `tabela`(`name`, `email`, `imagename`) VALUES (?, ?, ?)";    
$stmt = mysqli_stmt_init($connect);
if(!mysqli_stmt_prepare($stmt, $sql)){
    echo "Error";
} else{
    mysqli_stmt_bind_param($stmt, "sss", $fname, $lname, $filename);
    mysqli_stmt_execute($stmt);
}
mysqli_close($connect);
}
BlackNetworkBit
  • 768
  • 11
  • 21
Jonathan Crane
  • 23
  • 6
  • Images do not belong to database, they belong to file system. what you should do store the image in a directory then store the path to the image in the db – Masivuye Cokile Sep 06 '18 at 10:32
  • Is that the whole code ? if yes then you got an } extra – BlackNetworkBit Sep 06 '18 at 10:33
  • It's not clear if you're trying to insert a blob field and the image embedded there or if you want to store only the file name string into the database. In the title it seems that you're trying to store a blob and the code indicates that you're trying to insert the file name string – Leandro Jacques Sep 06 '18 at 10:35
  • If it's blob that you're trying to store, here's the PHP PDO documentation indicating how to do this. PDO is the indicated way to connect to database in PHP, as it's database agnostic and has lots of functionalities. http://php.net/manual/en/pdo.lobs.php – Leandro Jacques Sep 06 '18 at 11:11

1 Answers1

-1

For saving the image to the database you have to convert them into a dataurl format which will make your database large in size. There is an alternative which you are trying to above save data to local or to the server then save its name to data and call it from there

if (!empty($_FILES['image']['name'])) {
    $imgFile = $_FILES['image']['name'];
    $tmp_dir = $_FILES['image']['tmp_name'];
    $imgSize = $_FILES['image']['size'];
    $imgExt = strtolower(pathinfo($imgFile, PATHINFO_EXTENSION));
    $upload_dir = $folder.$filename;
    $filename = rand(1000, 1000000) . "." . $imgExt;
    $valid_extensions = array('jpeg', 'jpg', 'png', 'gif');
    if (in_array($imgExt, $valid_extensions)) {
        if ($imgSize < 5000000) {
            move_uploaded_file($tmp_dir, $upload_dir . $filename);
        } else {
            $error = 'Image is too large';
        }
    } else {
        $error = 'Please choose image of valid extension';
    }
} else {
    $error = 'Upload image';
}

above is the code to save the image to the local or server. Now, include the image name to the database query. I hope this helps.

Exterminator
  • 1,221
  • 7
  • 14