1

Basically working on a test to get an idea about how to upload/display images in relation betweehn php/mysql.

The problem is after I upload the image, on database, BLOB column just dipslays the "im" instead of "image/jpeg". What could be the problem that is inserting the data as an "im"?

Many Thanks

Here is the Code

$aname = $_POST['aname'];
$adetails = $_POST['adetails'];
$aphoto = addslashes(file_get_contents($_FILES['aphoto']['tmp_name']));
$image = getimagesize($_FILES['aphoto']['tmp_name']); //to know about image type etc.
$aphototype = $image['mime'];


$q = "INSERT INTO animaldata VALUES('','$aname','$adetails','$aphoto','$aphototype')";
Improve this question
1
  • It just displays "im" where? Are you talking about phpMyAdmin or something? Why are you storing the mime type in a blob field? Commented Jul 20, 2012 at 13:40

1 Answer 1

Reset to default
1

My best guess is the column you're inserting last should be a varchar, or is not long enough (e.g. only 2 characters allowed max), or something similar. Check your table structure too!

Note by inserting into animaldata without specifying which columns, you're also creating a little bit of ambiguity. I'd recommend naming the columns, and possibly having a default value for your first column...

INSERT INTO animaldata
    (Name, Details, Photo, PhotoType)
    Values('$aname', '$adetails', '$aphoto', '$aphototype');

Look into prepared statements too... make your statements a little more secure ;)

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

OMG! this is ridiculuous. Thank you very much David, sometimes it doesn't matter how many of the glasses you put on your face in order to be able to see, you can't see it anyway... varchar(2) was causing the problem. btw thnx for additional information which makes it more secure. However, what I don't understand is, additional name options are actually as same as I put in the values. What is the main purpose to put column names before Values? Many thanks again...
@user1540914 : If his answer solved your doubt, mark it as correct answer (click on the tick symbol on the left side of this answer)
@user1540914: sorry for not explaining better. If you are getting user data, I would recommend a prepared statement like this: link Note the "?" in the prepared statements -- PDO and mysqli both allow you to throw in unsafe text (filled with quotation marks, for example) without the fear they can be used as injection attacks. Anyway...

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.