Cant upload and store the image to the database by using php

Question

I try to build an upload image system by using php.After testing it,the system echo out"Image is uploaded",but it doesn't shown in database.Here is my code here

upload.php

<?php
//connect database
include('config.php');

//file properties
 if(isset($_FILES['image'])){
   $file = $_FILES['image']['tmp_name'];
}

if(!isset($file)){
    echo "Please select an image";
}
else{
    $image = addslashes(file_get_contents($_FILES['image']['tmp_name']));
    $image_name =addslashes($_FILES['image']['name']);
    $image_size =getimagesize($_FILES['image']['tmp_name']);

    if ($image_size == FALSE) {
        echo "This is not an image";
    }
    else{
        $insert = "INSERT INTO image(name,picture) VALUES ('$image_name','$image')";

        if(!$insert){
            echo "Problem uploading";
        }
        else {
            $lastid =mysqli_insert_id($con);
            echo "Image Uploaded <p />Your Image :<p /><img src=get.php?id=$lastid>";
        }
    }
}


?>

get.php

<?php
include ('config.php');

$id = addslashes($_REQUEST['id']);

$image = mysqli_query($con ,"SELECT * FROM image WHERE id=$id");
$image = mysqli_fetch_assoc($image);
$image = $image['picture'];

header("Content-type :image/jpeg");
?>

and I clicking the submit button without choosing any files this 2 line of warning is showing up

Warning: file_get_contents(): Filename cannot be empty in upload.php line 14.

line14 is this $image = addslashes(file_get_contents($_FILES['image']['tmp_name']));

Warning: getimagesize(): Filename cannot be empty in in upload.php line 16.

while line 16 is this $image = addslashes(file_get_contents($_FILES['image']['tmp_name']));

Any idea about this?

Answer 1

You need a function to send your query, otherwise you just filled up a string: this:

$insert = "INSERT INTO image(name,picture) VALUES ('$image_name','$image')";

should be followed by this:

mysqli_query($con, $insert);

The warnings are caused by multiple issues with your code. First you are checking whether the file has been uploaded in the wrong way: this

if(isset($_FILES['image'])){
    $file = $_FILES['image']['tmp_name'];
}

Will always set a $file variable, even though no file has been selected into the form, leading therefore to never execute this if statement:

if(!isset($file)){
    echo "Please select an image";
}

and to always execute what's in the else block instead, which causes the errors, because the functions you mentioned, which are contained in this else block, are not able to operate on any file.

Therefore simply checking the file upload correctly will solve the issue: one way to do this would be to first remove this, which is unuseful

if(isset($_FILES['image'])){
    $file = $_FILES['image']['tmp_name'];
}

and then change this:

if(!isset($file)){
    echo "Please select an image";
}

to this:

if(!isset($_FILES['image']['tmp_name'])){
    echo "Please select an image";
}

Answer 2

After line 16 you need to echo the image data.

echo $image;

@ken, here is a function that I use to output the image by setting the correct headers:

    function output_headers($filetype, $imgsize, $filename, $attachment=false)
{
header("Content-Type: {$filetype}");
header("Pragma: public");
header("Cache-Control: public");
header("Cache-Control: must-revalidate");
$offset = 60 * 60 * 24 * 4 -1;
$ExpStr = "Expires: " . gmdate("D, d M Y H:i:s", time() + $offset) . " GMT";
header($ExpStr);
header("Cache-Control: max-age=$offset");
//header("Content-Type: application/octet-stream");
header('Accept-Ranges: bytes');
header("Content-Length: $imgsize");
#insert the filename we want into the image so it can be saved with something
# more meaningful that showimg.jpg. :-)
# 04/03/06
#attachment causes save as to appear, inline serves imbedded image.
if ($attachment)
    header('Content-Disposition: attachment; filename="' . $filename . '"');
else
    header('Content-Disposition: inline; filename="' . $filename . '"');
}

This is part of a php file called showimg.php.jpg

This needs to be saved into a separate directory with the following .htaccess file to get php to handle requests for .jpgs:

AddType application/x-httpd-php .jpg

In this way, the webpage refers to the image <img src='/img/showimg.php.jpg?<add your parameters here>

regards Steve