Upload images via form and insert data into MySQL database
I've never had to do this before, and now that I'm trying, I can't seem to figure it out.
I have a site where users can register, and create a profile. I'm trying to add the ability for them to upload an image of themself, to store into their row in the database, which has a unique ID of "customerid".
I've found a bunch of really cool AJAX uploaders, but none of them seem to insert the data into the MySQL database, they just upload the file to a directory you set, which seems like only half the battle.
Can someone point me in the right direction? I don't necessarily need AJAX, just need to be able to allow people to upload an image, store it in the MySQL database, and then pull that data from the database, to display on their profile page.
AJAX - Lesson 11 - AJAX Guestbook (23/8/08)
C++ - Lesson 10 - Classes (24/8/08)
JavaScript - Lesson 03 - The DOM (24/8/08) Need an AJAX app? Look no further, I'm available for work
I'd never store an image into a database, that's complete waste of space. Always store the image in a directory, but store the image information in a database, that way you can always access the image, but don't have to run heavy tasks when getting the image information.
__________________
"Good judgement comes from experience, and experience comes from bad judgement." - Fred Brooks
Unreal Ed, can you point me in the right direction?
The more I read, the more I agree with you. I've figured out how to get the images to upload to the directory I specify, but can't figure out how to insert that filename into the database, in accordance with that specific user's data.
I suppose only registered users can upload an image, so basically you know how an image is related to the user that uploads the image. You're probably keeping track of the user through sessions as well.
Here's a simple option: after uploading the image, and moving it to the designated directory, you have to store the filename in the database. You already know the filename, as this is either the name of the file on the user's computer (accessible through $_FILES['my_file']['name']), or you created a name through your script (just keep track of it).
Suppose you have a table like this in your database:
Code:
CREATE TABLE `images` (
`id` MEDIUMINT NOT NULL PRIMARY KEY AUTO_INCREMENT,
`user_id` MEDIUMINT NOT NULL,
`image_name` CHAR 32 NOT NULL
) ENGINE=InnoDB AUTO_INCREMENT=0;
Now all you have to do is store the user id and the filename into that table, and the job is done. Whenever you feel like grabbing that user's image, you just have to get his id, and there's the filename
__________________
"Good judgement comes from experience, and experience comes from bad judgement." - Fred Brooks
// Check to see if the type of file uploaded is a valid image type function is_valid_type($file) { // This is an array that holds all the valid image MIME types $valid_types = array("image/jpg", "image/jpeg", "image/bmp", "image/gif");
if (in_array($file['type'], $valid_types)) return 1; return 0; }
// Just a short function that prints out the contents of an array in a manner that's easy to read // I used this function during debugging but it serves no purpose at run time for this example function showContents($array) { echo "<pre>"; print_r($array); echo "</pre>"; }
// Set some constants
// This variable is the path to the image folder where all the images are going to be stored // Note that there is a trailing forward slash $TARGET_PATH = "images/";
// Build our target path full string. This is where the file will be moved do // i.e. images/picture.jpg $TARGET_PATH .= $image['name'];
// Make sure all the fields from the form have inputs if ( $fname == "" || $lname == "" || $image['name'] == "" ) { $_SESSION['error'] = "All fields are required"; header("Location: index.php"); exit; }
// Check to make sure that our file is actually an image // You check the file type instead of the extension because the extension can easily be faked if (!is_valid_type($image)) { $_SESSION['error'] = "You must upload a jpeg, gif, or bmp"; header("Location: index.php"); exit; }
// Here we check to see if a file with that name already exists // You could get past filename problems by appending a timestamp to the filename and then continuing if (file_exists($TARGET_PATH)) { $_SESSION['error'] = "A file with that name already exists"; header("Location: index.php"); exit; }
// Lets attempt to move the file from its temporary directory to its new home if (move_uploaded_file($image['tmp_name'], $TARGET_PATH)) { // NOTE: This is where a lot of people make mistakes. // We are *not* putting the image into the database; we are putting a reference to the file's location on the server $sql = "insert into people (fname, lname, filename) values ('$fname', '$lname', '" . $image['name'] . "')"; $result = mysql_query($sql) or die ("Could not insert data into DB: " . mysql_error()); header("Location: images.php"); exit; } else { // A common cause of file moving failures is because of bad permissions on the directory attempting to be written to // Make sure you chmod the directory to be writeable $_SESSION['error'] = "Could not upload file. Check read/write persmissions on the directory"; header("Location: index.php"); exit; } ?>
I hope it will help you ...
Last edited by UnrealEd; 03-24-09 at 03:56 AM.
Reason: fixed code tags
I tried to get kOe's script to work, but couldn't. It just kept not accepting whatever file name I put into it.
I'm stumped here. I've tried a number of "scripts" online, which all work perfectly and upload the file, but I can't get them to insert the filename into the database, for that specific customerid.
The INSERT into statement works with the variables, but not when I add WHERE customerid=$customerid. It then fails.
UnrealEd, can you provide some more details on the method you mentioned above?
This isn't a deal breaker if I can't get it to work. It'd be nice, but the client can live without out. Any suggestions or help would be appreciated.
Linear Mode
