mysql - PHP - broken image displaying from database -
every time user submits picture "profile pic" display "broken image" , noticed when physically insert image mysql data base , display it, works , size of file changes "blob - kib" instead of mb. when insert same image database using "upload file", image turns "blob mb" , doesn't display on website. saw post , said remove "addslashes" variable , did still didn't work. wan't display image database submitted user. works when physically insert database without file if one, doesn't work. here screen shot of database structure, upload file, , retrieving file.
php upload file
session_start(); if(empty($_files) && empty($_post) && isset($_server['request_method']) && strtolower($_server['request_method']) == 'post') { //catch file overload error... $postmax = ini_get('post_max_size'); //grab size limits... echo "<p style=\"color: #f00;\">\nplease note files larger {$postmax} result in error!</p>"; // echo out error , solutions... return $postmax; } if(isset($_cookie['username'])) { if($_session['came_from_upload'] != true) { setcookie("username", "", time() - 60 * 60); $_cookie['username'] = ""; header("location: developerlogin.php"); exit; } error_reporting(e_all & ~e_notice); if($_server['request_method'] == "post") { $token = $_session['token']; $userid = $_session['id']; $fullname = addslashes(trim($_post['fullname'])); $username = addslashes(trim($_post['username'])); $email = addslashes(trim($_post['email'])); $password = addslashes(trim($_post['password'])); $storepassword = password_hash($password, password_bcrypt, array( 'cost' => 10 )); $file_tmp = addslashes(trim($_files['file']['tmp_name'])); $file_name = addslashes(trim($_files['file']['name'])); try { // new php data object $handler = new pdo('mysql:host=127.0.0.1;dbname=magicsever', 'root', ''); //attr_errmode set exception $handler->setattribute(pdo::attr_errmode, pdo::errmode_exception); } catch(pdoexception $e) { die("there error connecting database"); } $stmtchecker = $handler->prepare("select * generalusersdata user_id = ?"); $stmtchecker->execute(array( $userid )); if($result = !$stmtchecker->fetch()) { setcookie("username", "", time() - 60 * 60); $_cookie['username'] = ""; header("location: developerlogin.php"); exit; } if(!empty($fullname)) { $stmtfullname = $handler->prepare("update generalusersdata set fullname = ? user_id = ?"); $stmtfullname->execute(array( $fullname, $userid )); } if(!empty($username)) { $stmtcheckerusername = $handler->prepare("select * generalusersdata username = ?"); $stmtcheckerusername->execute($username); if($resultcheckerusername = $stmtcheckerusername->fetch()) { die("username in use! please try again"); } $stmtusername = $handler->prepare("update generalusersdata set username = ? user_id = ?"); $stmtusername->execute(array( $username, $userid )); } if(!empty($email)) { if(filter_var($email, filter_validate_email) == false) { die("email not valid!"); } $stmtcheckeremail = $handler->prepare("select * generalusersdata email = ?"); $stmtcheckeremail->execute($email); if($resultcheckeremail = $stmtcheckeremail->fetch()) { die("email in use! please try again"); } $stmtemail = $handler->prepare("update generalusersdata set email = ? user_id = ?"); $stmtemail->execute(array( $email, $userid )); } if(!empty($password)) { if(strlen($password) < 6) { die("password has greater 6 characters!"); } //check if password has atleast 1 uppercase, 1 lowercase , number if(!preg_match("(^(?=.*[a-z])(?=.*[a-z])(?=.*\d).+$)", $password)) { echo 'password needs @ least 1 uppercase, 1 lowercase, , number!'; exit; } $stmtpassword = $handler->prepare("update generalusersdata set password = ? user_id = ?"); $stmtpassword->execute(array( $storepassword, $userid )); } if($_files['file']['error'] == upload_err_ok) { $mime = mime_content_type($_files['file']['tmp_name']); if(strstr($mime, "video/")) { die("please note file not image... please select image profile picture"); } else if(strstr($mime, "image/")) { $allowedtypes = array( imagetype_png, imagetype_jpeg ); $detectedtype = exif_imagetype($_files['file']['tmp_name']); if($extensioncheck = !in_array($detectedtype, $allowedtypes)) { die("failed upload image; format not supported"); } $dir = "devfiles/"; $uploadedfile = $dir . basename($_files['file']['name']); if(is_dir($dir) == false) { mkdir($dir, 0700); } if(!move_uploaded_file($_files['file']['tmp_name'], $uploadedfile)) { die("there error moving file... please try again later!"); } $stmtfile = $handler->prepare("update generalusersdata set profile_image = ?, file_tmp = ? user_id = ?"); $stmtfile->execute(array( $file_name, $file_tmp, $userid )); } } $_session['token'] = $token; header("location: developerupload.php"); exit; } } else { header("location: developerlogin.php"); exit; } html
<form method="post" enctype="multipart/form-data" autocomplete="off"> information changer<br> fullname: <input type="text" name="fullname" placeholder="full name....."> <br/> <br/> username: <input type="text" name="username" placeholder="user name....."> <br/> <br/> email: <input type="text" name="email" placeholder="email....."> <br/> <br/> password: <label><input type="password" name="password" placeholder="password....." ></label> <br></br> profile picture: <input type="file" name="file"> <br/> <input type="submit" name="submit"> </form> retrieving file
try { // new php data object $handler = new pdo('mysql:host=127.0.0.1;dbname=magicsever', 'root', ''); //attr_errmode set exception $handler->setattribute(pdo::attr_errmode, pdo::errmode_exception); } catch(pdoexception $e) { die("there error connecting database"); } $stmt = $handler->prepare("select * generalusersdata user_id = :userid"); $stmt->bindvalue(':userid', '61', pdo::param_int); $stmt->execute(); while($result = $stmt->fetch()) { echo '<img src="data:image/jpeg;base64,' . base64_encode($result['file_tmp']) . '"/>'; }
you storing temporay filename - not contents.
$file_tmp = addslashes(trim($_files['file']['tmp_name'])); should be
$file_tmp = file_get_contents($_files['file']['tmp_name']);
Comments
Post a Comment