?
Solved

Image upload works fine, but blob data incomplete

Posted on 2004-08-22
6
Medium Priority
?
668 Views
Last Modified: 2013-12-12
Ok...here's my problem. I have some code that uploads an image into a MySql DB table. When I initiate the upload, all fields receive their proper data except my mediumblob. I have the MAX_FILE_SIZE var set large enough to accomodate the file upload and the apache setting for uploads is also well within spec for a successful upload. But upon completion of the INSERT INTO query the only data that makes it to the blob field is between 38 to 40 bytes even though the file was originally 103k.

Here is the code I used for this...any help would be greatly appreciated.
-----------------------------------------------------------------------------------------------------------------------------------------------------
include('includes/db_functs_inc.php');

$uploaddir = '/var/tmp/uploads/';
$uploadfile = $uploaddir . $_FILES['userfile']['name'];

print 'Upload File: ' . $uploadfile . '<br>';

print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
{
   chmod($uploadfile, 0755);
   $sql = 'SELECT * FROM `tblImages`;';
   $dbResult = db_runQuery($sql);

   while($row = mysql_fetch_array($dbResult))
   {
      if($_FILES['userfile']['name'] == $row['imgName'])
      {
         $exists_in_db = true;
      }
      else
      {
         $exists_in_db = false;
      }
   }

   if(!$exists_in_db)
   {
      $ImageDim = getImgSize($uploadfile);
      #create a primary db row entry for the image
      $sql = 'INSERT INTO tblImages VALUES(\'\', \'' . $_POST['desc'] . '\', \'1\', \'';
      $sql .= $_FILES['userfile']['name'] . '\', \'LOAD_FILE("' . $uploadfile . '")\', \'' . $ImageDim[0] . '\', \'' . $ImageDim[1] . '\');';
      db_runQuery($sql);
      #add the image to the created row entry via the user's ID
      print "File ($uploadfile) is valid, and was successfully uploaded.<br>";
      print '<a href="javascript:history.back(\'1\');">Back</a>';
      shell_exec("rm " . $uploadfile);
   }
   else
   {
      print $_FILES['userfile']['name'] . ' already stored in the database.';
      print '<a href="javascript:history.back(\'1\');">Back</a>';
      exit();
   }
}
else
{
   print "Possible file upload attack!  Here's some debugging info:\n";
   print_r($_FILES);
}
print "</pre>";
----------------------------------------------------------------------------------------------------------------------------
As stated earlier, everything runs fine and the new record gets inserted. Its just that the image data being sent using the LOAD_FILE seems to be failing or I am missing something that ensures that the data makes it to the table field completely.

Thanks in advance for any help offered.
0
Comment
Question by:Richard Davis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
Boris Aranovich earned 200 total points
ID: 11870603
If the MySQL function is failing, try:

$sql = 'INSERT INTO tblImages VALUES(\'\', \'' . $_POST['desc'] . '\', \'1\', \'';
$sql .= $_FILES['userfile']['name'] . '\', \'' . mysql_escape_string(file_get_contents($uploadfile)) . '\', \'' . $ImageDim[0] . '\', \'' . $ImageDim[1] . '\');';

0
 
LVL 12

Author Comment

by:Richard Davis
ID: 11887425
Hi, thanks for the suggestion. Sorry that its taken me so long to get back to you. My schedule is insane. I'll be trying to implement what you left here and if that works, I award you the points for it immediatly.

I'll be getting back in touch tomorrow with whether this worked or not.

Thanks very much Nomaed.

~Adrian
0
 
LVL 12

Author Comment

by:Richard Davis
ID: 11928156
Hi,

Sorry its taken me so long to get with you. Extremely busy.
I tried your suggestion and still the same results.
When I upload with either form of the INSERT INTO sql statement only 46 bytes make it into the blob field even though the original file being uploaded is 103K in size.

Not sure what to look at now. I've checked my MySql settings, PHP settings and even Apache setting yet everything checks out fine.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 3

Expert Comment

by:Boris Aranovich
ID: 11928716
Perhaps there is some issue with the configuration of the apache...
try some upload script, put the file you uploaeded to some folder on the web (don't forget 777), and via FTP check if the file is the same as you uploaded
0
 
LVL 12

Author Comment

by:Richard Davis
ID: 11931455
Does it have to be chmod'ed to to 777 or can it just be 755 or 766?
I current am doing a chmod on the file and setting it to 755.

Thanks
0
 
LVL 12

Author Comment

by:Richard Davis
ID: 11931802
Ok,

I got it to work using your SQL suggestion. The problem was that I was calling a different script for handling the upload, but was modifying the filemgr.php instead of the upload.php script.

Also, I was able to keep the permissions at 755 and it still worked fine. I will be trying it with even tighter permissions like 744 and see if I can still keep it working just for security's sake.

Thanks for all you help.

Adrian
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question