Jump to content

PHP Blob File

hobbiton73

By hobbiton73
in PHP Coding Help

 Share

Recommended Posts

hobbiton73 Member

hobbiton73

Posted
Posted

Hi, I wonder whether someone may be able to help me please.

 

Through articles I've read on the Interent I've put together the code shown below which allows a user to upload, view and delete image files from a mySQL database.

 

if (!mysql_connect($db_host, $db_user, $db_pwd))
    die("Can't connect to database");

if (!mysql_select_db($database))
    die("Can't select database");

// This function makes usage of 
// $_GET, $_POST, etc... variables 
// completly safe in SQL queries 
function sql_safe($s) 
{ 
    if (get_magic_quotes_gpc()) 
        $s = stripslashes($s); 

    return mysql_real_escape_string($s); 
} 

// If user pressed submit in one of the forms 
if ($_SERVER['REQUEST_METHOD'] == 'POST') 
{ 
    if (!isset($_POST["action"])) 
    { 
        // cleaning title field 
        $title = trim(sql_safe($_POST['title'])); 

        if ($title == '') // if title is not set 
            $title = '(No title provided';// use (empty title) string 

        if (isset($_FILES['photo'])) 
        { 
            @list(, , $imtype, ) = getimagesize($_FILES['photo']['tmp_name']); 
            // Get image type. 
            // We use @ to omit errors 

            if ($imtype == 3) // cheking image type 
                $ext="png";   // to use it later in HTTP headers 
            elseif ($imtype == 2) 
                $ext="jpeg"; 
            elseif ($imtype == 1) 
                $ext="gif"; 
            else 
                $msg = 'Error: unknown file format'; 

            if (!isset($msg)) // If there was no error 
            { 
                $data = file_get_contents($_FILES['photo']['tmp_name']); 
                $data = mysql_real_escape_string($data); 
                // Preparing data to be used in MySQL query 

                mysql_query("INSERT INTO {$table} 
                                SET ext='$ext', title='$title', 
                                    data='$data'"); 

                $msg = 'Success: Image Uploaded'; 
            } 
        } 
        elseif (isset($_GET['title']))      // isset(..title) needed 
            $msg = 'Error: file not loaded';// to make sure we've using 
                                            // upload form, not form 
                                            // for deletion 

	elseif($_FILES["fileupload"]["size"]/1024000 >= 10) // 10mb 
	{     
	$msg = "<br />Your uploaded file size:<strong>[ ". $_FILES["fileupload"]["size"]/1024000  . " MB]</strong> is more than allowed 10MB Size.<br />";        
	} 

        if (isset($_POST['del'])) // If used selected some photo to delete 
        {                         // in 'uploaded images form'; 
            $imageid = intval($_POST['del']); 
            mysql_query("DELETE FROM {$table} WHERE imageid=$imageid"); 
            $msg = 'Photo deleted'; 
        } 

        if (isset($_POST['view'])) // If used selected some photo to delete  
        { // in 'uploaded images form';  
            $imageid = intval($_POST['view']);  
            mysql_query("SELECT ext, data FROM {$table} WHERE imageid=$imageid");  

            if(mysql_num_rows($result) == 1)  
            {  
                $image = $row['myimage'];  
                header("Content-type: image/gif"); // or whatever  
                print $image;  
                exit;  
            }  
        }  
    } 
    else 
    { 
        $imageid = intval($_POST['del']); 

        if ($_POST["action"] == "view") 
        { 
            $result = mysql_query("SELECT ext, UNIX_TIMESTAMP(imagetime), data 
                                     FROM {$table} 
                                    WHERE imageid=$imageid LIMIT 1"); 

            if (mysql_num_rows($result) == 0) 
                die('no image'); 

            list($ext, $imagetime, $data) = mysql_fetch_row($result); 

            $send_304 = false; 
            if (php_sapi_name() == 'apache') { 
                // if our web server is apache 
                // we get check HTTP 
                // If-Modified-Since header 
                // and do not send image 
                // if there is a cached version 

                $ar = apache_request_headers(); 
                if (isset($ar['If-Modified-Since']) && // If-Modified-Since should exists 
                    ($ar['If-Modified-Since'] != '') && // not empty 
                    (strtotime($ar['If-Modified-Since']) >= $imagetime)) // and grater than 
                    $send_304 = true;                                     // imagetime 
            } 

            if ($send_304) 
            { 
                // Sending 304 response to browser 
                // "Browser, your cached version of image is OK 
                // we're not sending anything new to you" 
                header('Last-Modified: '.gmdate('D, d M Y', $ts).' GMT', true, 304); 

                exit(); // bye-bye 
            } 

            // outputing HTTP headers 
            header('Content-Length: '.strlen($data)); 
            header("Content-type: image/{$ext}"); 

            // outputing image 
            echo $data; 
            exit(); 
        } 
        else if ($_POST["action"] == "delete") 
        { 
            $imageid = intval($_POST['del']); 
            mysql_query("DELETE FROM {$table} WHERE imageid=$imageid"); 
            $msg = 'Photo deleted'; 
        } 
    } 
} 
?>

 

The problem I'm having is around the error message shown if the File Size is over the prescribed limit.

 

The part of the script that deals with this starts with the line: 

elseif($_FILES["fileupload"]["size"]/1024000 >= 10) // 10mb

Even though the file upload may fail because of the size of the file I receive the 'Error: unknown file format' message, and I'm not sure why.

 

I'm certainly no expert when it comes to PHP, so perhaps my lack of knowledge is letting me down.

 

But I just wondered if someone could perhaps take a look at this please and let me know where I'm going wrong.

 

Many thanks

 

Chris

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

You must test if the $_FILES array is empty or not (exceeding the post_max_size setting will cause the $_FILES array to be empty.) See this link - http://us3.php.net/manual/en/ini.core.php#ini.post-max-size Then you must test if the upload was successful or not before you can access any of the uploaded file information. See this link - http://us3.php.net/manual/en/features.file-upload.errors.php

Link to comment
Share on other sites
hobbiton73 Member

hobbiton73

Posted
  • Author
Posted

Hi many thanks for taking the time to reply to my post, but I must admit to being a little lost!

 

I'm am relatively new to PHP, so could you possibly elaborate as to the changes that I need to make to my script so I can then tie them up with the links you kindly provided.

 

Kind regards

 

Chris

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.