Metropolitan State University

ICS 325

Building Services on the Internet

 

Using File Upload in PHP and Storing Images in MySQL

(Linux Redhat 7.1)

 

1.      Uploading files – see also Chapter 16

 

Log onto redhat.ics.metrostate.edu using your loginid and password given in class.

 

$ cd

$ cd public_html

$ mkdir uploads

$ chmod a+rw uploads

$ mkdir lab21

$ cd lab21

 

§           Edit the following file with the name as “loadfile.php” using pico:

 

<?php

function myUpload() {

     print "The myUpload function has been called!<br>";

     print "The temporary file name is ".$_FILES['aFile']['tmp_name'];

     if (is_uploaded_file($_FILES['aFile']['tmp_name'])) {

         $fileName = $_FILES['aFile']['tmp_name'];

         print "<br>The file $fileName was uploaded successfuly";

         $realName = $_FILES['aFile']['name'];

         print "<br>The real file name is $realName";

         print "<br>Copying file [$realName] to the uploads-directory";

 

move_uploaded_file($_FILES['aFile']['tmp_name'],

"/home/student/f04325/f04325??/public_html/uploads/".

$realName);

     }

     else {

print"<br>Possible a file upload attack:".

$_FILES['aFile']['name'].".";

     }

}

?>

<html>

<body>

<?php

// Check to see if the upload button has been pressed

if ($_REQUEST['task'] == "uploadfile") {

        myUpload();     // call the function myUpload()

}

?>

<form enctype="multipart/form-data"  method="POST"

action="loadfile.php?task=uploadfile">

File Name: <INPUT TYPE="FILE" NAME="aFile" SIZE="35"><br>

<input type="hidden" name="MAX_FILE_SIZE" value="2000000"><br>

<input type="submit" value="Upload" name="B1">

Please wait for confirmation

</form>

<a href=loadfile.php>Clean screen!</a>

</body>

</html>   

  

§           Invoke the script using the following link,

http://redhat.ics.metrostate.edu/~f04325??/lab21/loadfile.php

 

 

2.      Storing and retrieving Images or Binary Data in MySQL

 

Storing and retrieving Images or Binary Data in MySQL is a three-step process.  First you need to upload the file into the database.  Then you will need to convert a standard php page as an image, then you will call that page with some argument to get the image that you want from the database.

 

a.      First we need to Create a database Table for storing binary data (images).

 

§         Log onto "redhat.ics.metrostate.edu" using your class account, then do the following:

$ mysql –u f04325?? -p

$ Enter Password:

$ use f04325??

 

§         Create a new table with the following lines:

     

CREATE TABLE binary_data(

   id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,

   description VARCHAR(50),

   bin_data longblob,

   filename VARCHAR(50),

   filesize VARCHAR(50),

   filetype VARCHAR(50)

);

 

b. Log onto redhat.ics.metrostate.edu using your loginid and password given in class.

 

$ cd

$ cd public_html

$ cd lab21

 

§           Create the file that will upload the images.

§           Edit the following file with the name as “loadImage.php” using pico:

 

<html>

<head><title>Store binary data into SQL Database</title></head>

<body>

 

<?php

 

if ($submit) {

    $dbcn = mysql_connect("localhost","f04325??","your db password");

    mysql_select_db("f04325??",$dbcn);

 

    $data = addslashes(fread(fopen($form_data, "r"),

filesize($form_data)));

    $sql="INSERT INTO binary_data VALUES

(NULL,'$form_description','$data','$form_data_name',

'$form_data_size','$form_data_type')";

    echo $query;

    $result=mysql_query($sql,$dbcn);

 

    $id= mysql_insert_id();

    print "<p>This file has the following Database ID: <b>$id</b>";

 

    mysql_close();

} else {

 

?>

 

<form method="post" action="<?php echo $PHP_SELF; ?>"

enctype="multipart/form-data">

      File Description:<br>

      <input type="text" name="form_description"  size="40">

      <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="1000000">

      <br>File to upload/store in database:<br>

      <input type="file" name="form_data"  size="40">

      <p><input type="submit" name="submit" value="submit">

</form>

 

<?php

}

?>

 

</body>

</html>

 

§           Invoke the script to upload pictures using the following link,

http://redhat.ics.metrostate.edu/~f04325??/lab21/loadImage.php

 

 

c.  Log onto redhat.ics.metrostate.edu using your loginid and password given in class.

 

$ cd

$ cd public_html

$ cd lab21

 

§           Create the php file that will transform to an image.

§           Edit the following file with the name as “image.php” using pico:

 

<?php

if(isset($id)) {

 

    $dbcn = mysql_connect("localhost","f04325??","your db password");

 

    @mysql_select_db("f04325??", $dbcn);

 

    $sql = "SELECT bin_data, filetype FROM binary_data WHERE id= $id";

    $rs = @mysql_query($sql,$dbcn);

 

    $data = mysql_result($rs,0,"bin_data");

    $type = mysql_result($rs,0,"filetype");

    mysql_close();

    Header( "Content-type: $type");

    echo $data;

}

?>

 

 

 

d. Log onto redhat.ics.metrostate.edu using your loginid and password given in class.

 

$ cd

$ cd public_html

$ cd lab21

 

§           Create the file that will display the images from the database.

§           Edit the following file with the name as “getImage.php” using pico:

 

 

<?php

  if(isset($id)){

    echo "<img src=image.php?id=$id />";

  }

  else{

    $dbcn = mysql_connect("localhost","f04325??","your db password");

    @mysql_select_db("f04325??", $dbcn);

    $sql = "SELECT id, filename FROM binary_data";

    $rs = @mysql_query($sql,$dbcn);

    while($row = mysql_fetch_array($rs)){

      echo "<a href=getImage.php?id=" .$row["id"] ." border=0>

<img src=image.php?id=" .$row["id"] ." width=100 height=80 />

</a><p />";

    }

    mysql_close();

  }

?>

 

§           Invoke the script using the following link,

http://redhat.ics.metrostate.edu/~f04325??/lab21/getImage.php