if(isset($_GET['id'])) {
$id=$_GET['id'];
$query = select bin_data, filetype from binary_data where id=$id;
This is a really bad example, anybody can inject your query with
malicious sql commands.
Never trust user supplied data.
--
PHP Database Mailing List (http://www.php.net/)
To
]
Subject: RE: [PHP-DB] storing images in database
Date: Wed, 26 Jan 2005 13:30:45 +
if(isset($_GET['id'])) {
$id=$_GET['id'];
$query = select bin_data, filetype from binary_data where id=$id;
This is a really bad example, anybody can inject your query with malicious
sql commands.
Never trust
Thanks for all the tips guys. I'll keep the last couple for future
reference.
--
Chip
Gareth Heyes [EMAIL PROTECTED] wrote on 01/26/2005 05:30:45 AM:
if(isset($_GET['id'])) {
$id=$_GET['id'];
$query = select bin_data, filetype from binary_data where id=$id;
This is a really bad
Could be lots of things, improper/missing headers is most likely, although
it's not clear from your statement if you're displaying the binary data
directly in the page or are you calling an image output script in an image
tag. (as you should)
Show some code and the answer will be clear.
you can not ouput html and binary data at the same time. you need to have
image headers sent to the browser to show the image properly.
the best way to do this is to move the image processing code to a separate
page and include it like this
echo 'img src=./path/to/image.php?id=$id';
then the
Thanks Bastien,
In testing this I have added the code samples to a page and have it
working except the path statement is not correct. For now, I've just added
all the code to one page, rather than including a second page. The
statement - echo 'img src=id=$id'; is resulting in this error - The
Its not src='id=$id' that will defnintely blow up
echo 'img src=./path/to/image.php?id=$id';
where $id is the id of the record you are trying to get the image to...
Bastien
From: Chip Wiegand [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC: php-db@lists.php.net
Subject: RE: [PHP-DB] storing images
@lists.php.net
Subject: RE: [PHP-DB] storing images in database
Date: Tue, 25 Jan 2005 12:57:40 -0800
Bastien Koert [EMAIL PROTECTED] wrote on 01/25/2005 12:46:12 PM:
yes goes back to the whole header problem which is why you are here.
If you could post the code, it would be simpler to help you...
Bastien
Bastien Koert wrote:
Its not src='id=$id' that will defnintely blow up
echo 'img src=./path/to/image.php?id=$id';
where $id is the id of the record you are trying to get the image to...
Bastien
From: Chip Wiegand [EMAIL PROTECTED]
[snip]
In testing this I have added the code samples to a page
the default is the record_id that corresponds back to
the
id of the row with the image blob field.
Bastien
From: Chip Wiegand [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC: PHP DB php-db@lists.php.net
Subject: RE: [PHP-DB] storing images in database
Date: Tue, 25 Jan 2005 12:57:40 -0800
Filesystem is easier, by far since it avoids the content header. Glad you
solved it
bastien
From: Chip Wiegand [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC: PHP DB php-db@lists.php.net
Subject: RE: [PHP-DB] storing images in database
Date: Tue, 25 Jan 2005 14:32:11 -0800
I have done it an easier
. FWIW, I have the image stored in the database in a blob
field, is that correct?
--
Chip
From: Chip Wiegand [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] storing images in database
Date: Tue, 25 Jan 2005 12:44:44 -0800
Bastien Koert [EMAIL PROTECTED] wrote on 01/25/2005 12:39
12 matches
Mail list logo