2

I am pulling the data from ms sql server image field. The byte array is formed like this

public byte[] saveImageBlob(string number)
{
    string strSql = "select pic from emp where number like '" + number + "'";
    SqlCommand cmd = new SqlCommand(strSql, conn);
    SqlDataReader MyReader = cmd.ExecuteReader();

    if (MyReader.Read())
    {
        byte[] m_MyImage = (byte[])MyReader["pic"];
        return m_MyImage;
    }
    return null;
}

Then i call the array in my page_load function and put it in the filestream like this

        Employee emp = new Employee();
        emp.getEmployee(Request.QueryString["user"]);
       string file_name = System.AppDomain.CurrentDomain.BaseDirectory + "/img/" + emp.Number.ToString() + ".bmp";

        System.IO.FileStream _FileStream = new System.IO.FileStream(file_name, System.IO.FileMode.Create, System.IO.FileAccess.Write);

        _FileStream.Write(emp.Picture, 0, emp.Picture.Length);

        _FileStream.Close();

The employee class does nothing but pass the data between page_load and my db class.

The file is saved in the right place with the right name and the size looks correct. But i cant open it or see the picture. The file is corrupt.

The client told me that the image field in the sql server contains BMP images.

I am a bit lost here, has anyone had experience with working with mssql blobs?

Is there any way i can see if the image/blob field is corrupt in the DB?

Am i missing something crucial in my code?

With regards, ssg.

Improve this question
5
  • Are you sure the blob is a bmp? Have you tried saving it as a jpg or png? Examining the first few bytes in text editor should give you a clue to the image type. Commented Dec 12, 2011 at 21:49
  • Have you tried naming it .gif, .png and then tried to open the image? Commented Dec 12, 2011 at 21:50
  • what if you used a memorystream and from there convert it down to to a byte MemoryStream ms = new MemoryStream(); yourBitmap.Save( ms, ImageFormat.Bmp ); byte[] bitmapData = ms.ToArray(); would that work better..? Commented Dec 12, 2011 at 22:00
  • I tried this MemoryStream ms = new MemoryStream(emp.Picture); Bitmap image = new Bitmap(ms); image.Save(file_name); And i get System.ArgumentException: Parameter is not valid. I also tried saving the file as .png,.jpg and .gif with my original filestream and it did not work. Just got more corrupted files. How can i see it in the text editor if it is a bmp file? Commented Dec 12, 2011 at 22:24
  • Here is the properties for the image field in the db felaga23.dg.is/imagefield.jpg. Could it be that length 16 is too small, this table is ancient and my client has never used the blob field to display the pictures, only insert. Commented Dec 13, 2011 at 1:34

1 Answer 1

Reset to default
3

First and foremost, stop doing SQL injection in your code. Please stop right now, review your entire project, and replace all the occurrences where you build dynamic SQL with proper parameters:

string strSql = "select pic from emp where number like @number";
SqlCommand cmd = new SqlCommand(strSql, conn);
cmd.Parameters.Add ("@number", SqlDbType.Varchar, 8000);
cmd.Parameters["@number"].Value = number;

Read How Data Access Code Affects Database Performance on how to properly use parameters. Second, use the proper predicates for locating data. There is no need for LIKE. Use =:

 string strSql = "select pic from emp where number = @number";

Now, your question: Why do you save the image to begin with, why not use the image straight from the DB? See Download and Upload images from SQL Server via ASP.Net MVC for a sample that uses SQL Server BLOB as storage for media in an efficient streaming fashion, w/o using full-image-size-in-memmory-array-copy allocations nor intermediate files.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks for your advise, i will certanly fix the SQL injections. But i really think the method suggested to display the image is too complex for this project. I have limited time now to finish this, and it will work for us to save the images on the disk. It should only be 500 1mb portraits so we dont worry about disk space.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.