Jump to content

Need Help With Storing File in Database with PHP


$Three3

Recommended Posts

Hey everyone, I am having trouble with this script I am running. I am trying to store pdf's and image files in my MySQL database but I keep getting crazy output in my browser. So to break everything down, here is my database setup for just the file storage part:

 

CREATE TABLE students (enrollment_from LONGBLOB NULL)

 

Now, when I try to upload a file and store it in the database in the enrollment_from column, I get an error. Here is the code I am using to upload the file to the databse so it can be stored:

 

//Start the SESSION
session_start() ;

if (!$_SESSION['loggedin']) {
header('Location: http://blah/School/Home.html') ;
exit() ;
}

/*If the user makes it this far, they have succesfully logged in.*/

//Check to see if the form has been submitted
if (isset($_POST['submitted'])) {

//Set the default timezone
date_default_timezone_set('US/Central') ;

//Check to make sure there were no errors with the file upload
if ($_FILES['file']['error'] == 0) {

	if (!$fp = fopen($_FILES['file']['tmp_name'], 'r')) {
		echo '<p>Could Not Open File.</p>' ;
                        exit() ;
	}

	if (!$file_content = fread($fp, $_FILES['file']['size'])) {
		echo '<p>Could Not Read File.</p>' ;
                        exit() ;
	}

	//Connect to the database
	require_once('blah/html/Payments/mysql_connect.php') ;

	//Insert the uploaded content into the database
	$query = "UPDATE students SET enrollment_form = '$file_content' WHERE student_id = " . $_SESSION['student_id'] . " LIMIT 1" ;
	$result = mysqli_query($dbc, $query) ;
	$num = mysqli_affected_rows($dbc) ;

	if ($num == 1) {

		//The query was successful
		//Redirect the user to the upload 2 page where the 2nd document will be uploaded
		header('Location: http://blah/Payments/upload2.php') ;
		exit() ;

	} else {

		//There was an error with the query
		echo '<p>There was an error in the query. Error # 1.</p>' ;

	}

} else {

	//There was an error with the file upload
	echo '<p>There was an error with the file upload. The error # is: ' . $_FILES['file']['error'] . '</p>' ;

}

} else {

//The form has not been submitted
//Display the form

echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Student Payment Center: Upload Enrollment Form</title>
</head>' ;

echo '
<fieldset><legend>Please upload the students enrollment form into the form below.</legend>
<form action="upload.php" method="post" enctype="multipart/form-data">
<input name="MAX_FILE_SIZE" type="hidden" value="8388608">
<p>Upload: <input name="file" type="file"></p>
<input name="submit" type="submit" value="Upload">
<input name="submitted" type="hidden" value="true">
</form>' ;

echo '<p>The student id is: ' . $_SESSION['student_id'] ;

}

?>

 

The error I am getting is this: There was an error in the query. Error # 1. It is my own error. It means there is an error with the query obviously but I am not sure what is wrong with the query. I have googled everything but have found no answers. Any help is greatly appreciated and Thanks in advance.

 

--------------------------------------------------------------------------------------------------------------------------------------------

EDIT

I have been trying to upload every file type possible to see if anything will work, and the olny thing that will seem to work is a file with a .html extension. Why is?

Link to comment
Share on other sites

A) If everything in this post is accurate, you have a column spelled two different ways and would be getting a mysql error.

 

B) If you echo mysql_error() as part of your error reporting logic, php/mysql will tell you why the query failed.

 

C) You must escape all data that is put into a query so that any SQL special characters in it does not break the SQL syntax. I can just about guarantee that binary file data will contain a number of values that must be escaped. See this link - mysql_real_escape_string

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.