Viewing images stored in a database

Ok, I've written this script which is supposed to take an image
uploaded by a user and put it in to a database, then at a later date
be able to extract the image from the database and display the image
to the user.

The problem is that whenever I try to display the image, all I get is
an error message that the image contains errors. Can anyone tell me
where or why these errors might be coming up? Here is my script (I'm
pretty sure it's all there):


<?
include("header.inc");
if (!isset($_SESSION['username']) or ($_SESSION['username'] ==
"Guest")) {
header ("Location: ../index.php");
}
dbconnect();



if($id) {

$query = "select mimetype, data from files where id = $id";
$result = mysql_query($query);

$data = mysql_result($result,0,"data");
$type = mysql_result($result,0,"mimetype");

Header( "Content-type: $type");

$size = 150; // new image width
$src = imagecreatefromstring($data);
$width = imagesx($src);
$height = imagesy($src);
$aspect_ratio = $height/$width;

if ($width <= $size) {
$new_w = $width;
$new_h = $height;
} else {
$new_w = $size;
$new_h = abs($new_w * $aspect_ratio);
}

$img = imagecreatetruecolor($new_w,$new_h);
imagecopyresized($img,$src,0,0,0,0,$new_w,$new_h,$ width,$height);

// determine image type and send it to the client
if ($type == "image/pjpeg") {
imagejpeg($img);
} else if ($type == "image/jpeg") {
imagejpeg($img);
} else if ($type == "image/x-png") {
imagepng($img);
} else if ($type == "image/gif") {
imagegif($img);
}
imagedestroy($img);

}

if (isset($_POST['submit'])) {
if (isset($blob_name)) {

if(!$blob_id = upload($blob, $blob_type, $blob_name,
NULL, $_SESSION['username'])) {
echo "Error uploading file";
} else {
echo "File uploaded";
}
}
}

echo"
<form method=POST action=$PHP_SELF
enctype=multipart/form-data>
<p>File to upload:<br>
<input type=file name=blob>
<input type='submit' name='submit' value='Upload'>
</form>
";
echo "<p></p>";
if ($data = getInfo()) {

echo '<table border="0" align="center">
<tr bgcolor="#bad1d1">
<td>File Name</td>
<td><center>File Size</center></td>
<td><center>Mime Type</center></td>
<td><center>Checksum</center></td>
<td><center>Extension</center></td>
<td><center>Uploader</center></td>
<td><center>Date</center></td>
<td><center>Option</center></td>
</tr>
';
for ($i=0; $i<count($data); $i++) {
echo '
<tr bgcolor=#CCCCCC>
<td><a
href="index.php?id='.$data[$i]["id"].'">'.$data[$i]["file_name"].'</a></td>
<td>'.$data[$i]["file_size"].'</td>
<td>'.$data[$i]["mimetype"].'</td>
<td>'.$data[$i]["checksum"].'</td>
<td>'.$data[$i]["extension"].'</td>
<td>'.$data[$i]["uploader"].'</td>
<td>'.$data[$i]["date"].'</td>';
if ($_SESSION["username"] == $data[$i]["uploader"] ||
$_SESSION["level"] == "admin") {
echo '<td><a
href="index.php?id='.$data[$i]["id"].'">Delete</a></td>';}
echo '</tr>
';
}
echo '</table>';
echo '<br>';
echo 'Number of files: ';
echo blobcount();
echo '<br>';
}


?>


<?
function upload($blob, $blob_type, $blob_name, $blob_id = 0,
$uploader) {
if ($blob_id < 1) {
return add($blob, $blob_type, $blob_name, $uploader);
} else {
return update($blob_id, $blob, $blob_type, $blob_name,
$uploader);
}
}

function add($blob, $blob_type, $blob_name, $uploader) {
if ($blob_id = dbinsert("INSERT INTO files (id, file_name,
data, file_size, mimetype, extension, checksum, uploader, date) VALUES
('', '".$blob_name."', '".prepareFile($blob)."',
'".filesize($blob)."', '".$blob_type."',
'".getExtension($blob_name)."', '".generate_sfv_checksum($blob)."',
'".$uploader."', NOW())")) {
return $blob_id;
} else {
echo 'Error adding file';
return false;
}
}

function generate_sfv_checksum($blob) {
$sfv_checksum =
strtoupper(dechex(crc32(file_get_contents($blob))) );
return $sfv_checksum;
}

function getExtension($filename) {
return ereg( ".([^\.]+)$", $filename, $r ) ? $r[1] : "";
}

function prepareFile($blob) {
$blob = addslashes(fread(fopen($blob, "rb"),
filesize($blob)));
$blob = base64_encode($blob);
return $blob;
}

function getInfo($ID = false) {
if ($ID) {
return dbselect("SELECT id, mimetype, extension,
file_size, checksum, file_name, uploader, date FROM files WHERE id =
'".$ID."'");
} else {
return dbselect("SELECT id, mimetype, extension,
file_size, checksum, file_name, uploader, date FROM files");
}
}
?>

--Plex

On Sat, 21 Aug 2004 02:37:59 -0700, Plex <invalid@thisisfake.com> wrote:

>Ok, I've written this script which is supposed to take an image
>uploaded by a user and put it in to a database, then at a later date
>be able to extract the image from the database and display the image
>to the user.
>
>The problem is that whenever I try to display the image, all I get is
>an error message that the image contains errors. Can anyone tell me
>where or why these errors might be coming up? Here is my script (I'm
>pretty sure it's all there):
>
>
>if($id) {
>
> $query = "select mimetype, data from files where id = $id";
> $result = mysql_query($query);
>
> $data = mysql_result($result,0,"data");
> $type = mysql_result($result,0,"mimetype");
>
> Header( "Content-type: $type");
>
> $size = 150; // new image width
> $src = imagecreatefromstring($data);
>
[snip]

>function prepareFile($blob) {
> $blob = addslashes(fread(fopen($blob, "rb"),
>filesize($blob)));
> $blob = base64_encode($blob);

As far as I can see, if you remove this line then the rest looks OK. For some
reason you're trying to use base64 encoded data as if it were the original raw
data; if you're uploading into a BLOB field you don't need this step.

> return $blob;
>}

--
Andy Hassall / <andy@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool

On Sat, 21 Aug 2004 11:43:50 +0100, Andy Hassall <andy@andyh.co.uk>
wrote:

>On Sat, 21 Aug 2004 02:37:59 -0700, Plex <invalid@thisisfake.com> wrote:
>
>>Ok, I've written this script which is supposed to take an image
>>uploaded by a user and put it in to a database, then at a later date
>>be able to extract the image from the database and display the image
>>to the user.
>>
>>The problem is that whenever I try to display the image, all I get is
>>an error message that the image contains errors. Can anyone tell me
>>where or why these errors might be coming up? Here is my script (I'm
>>pretty sure it's all there):
>>
>>
>>if($id) {
>>
>> $query = "select mimetype, data from files where id = $id";
>> $result = mysql_query($query);
>>
>> $data = mysql_result($result,0,"data");
>> $type = mysql_result($result,0,"mimetype");
>>
>> Header( "Content-type: $type");
>>
>> $size = 150; // new image width
>> $src = imagecreatefromstring($data);
>>
>[snip]
>
>>function prepareFile($blob) {
>> $blob = addslashes(fread(fopen($blob, "rb"),
>>filesize($blob)));
>> $blob = base64_encode($blob);
>
> As far as I can see, if you remove this line then the rest looks OK. For some
>reason you're trying to use base64 encoded data as if it were the original raw
>data; if you're uploading into a BLOB field you don't need this step.
>
>> return $blob;
>>}

I took out that line (I think it's a remnant from when I was trying
something else to get it to work), and uploaded another picture. This
time I also put in a couple lines to output the data receive from the
database into a file, so I could check if the data was somehow getting
corrupted.

Taking out that encode line, the file output worked (images uploaded
with it didn't). However, even thought the file output worked, I am
still getting the error message about the file containing errors, so I
think the problem may be somewhere in processing and outputting the
data, but I don't know enough about the image functions to know where
the problem might be (or if they're even the problem).

--Plex