I upload an image file using a form, i read the temporary file's contents into a string, check the length with strlen() and get 17857 bytes. I then escape the string with mysql_real_escape_string() and check the length again, this time it's 18743 bytes. I add the string into a query, process it with no error. Then later, I try to download the file from the database, the download occurs without error, but I get an empty image. I check the database, and the size of the MEDIUMBLOB entry is... 17408 bytes???????? How can that even be possible? This seems to occur for all other uploads as well. To make matters even stranger, I don't get the same on my local test server - it works fine, and both servers use UTF8. What's going on? Anybody have a clue?
You'll have to show us your code if we are going to be able to help you much. I'm guessing there is some sort of php 4 vs 5 issue going on if it works on one server and not the other. Do you know the versions of php and mysql that are running on your dev and production servers?
Try viewing the source to see what is missing from the original file. Is it from the beginning or the end?
I think you dont need escape file, just encode file with base64 and save it on db, when u want output it, use base64 decode!
Both thumbs up, silotka, that did the trick Thanks. Still, this phenomenon (as I like to call them) is a mystery, so I'll give the details anyway: Aa far as the files are considered, there is no consistency to where the differences occur (I checked that with a script). It seems almost as if the files are completely different with only occasional matches of some bytes. My server: PHP 5.2.4 Apache 1.3.35 MySQL 4.1.19-community-nt Target server: PHP 5.2.0 Apache 2.0 MySQL 5.0.32-Debian_7etch8-log Source code: if($_FILES[$input_name]['error'] > 0) switch($_FILES[$input_name]['error']): case 1: case 2: $error = 'The file is too big.'; break; case 3: case 4: $error = 'Unknown error.'; break; default: $error = 'No file specified.'; break; endswitch; if( !isset($error) && ($_FILES[$input_name]['size'] > 16777216) ) $error = 'The file is too big.'; if( !isset($error) ): $rez = @getimagesize($_FILES[$input_name]['tmp_name']); if(!@is_array($rez)): $error = 'Invalid image.'; break; endif; if( ($rez[2] != IMAGETYPE_JPEG) && ($rez[2] != IMAGETYPE_PNG) && ($rez[2] != IMAGETYPE_GIF) ) $error = 'Only .jpg, .gif and .png images are allowed.'; break; endif; if(!isset($error)): $bulk = file_get_contents($_FILES[$input_name]['tmp_name']); $name = $_FILES[$input_name]['name']; $type = $_FILES[$input_name]['type']; $size = $_FILES[$input_name]['size']; MySQL_save_file($db, $account_id, $name, $type, $bulk, $size); endif; ... function MySQL_save_file($db, $account_id, $name, $type, $bulk, $size){ $bulk = mysql_real_escape_string($bulk, $db); if(!get_magic_quotes_gpc()) $name = mysql_real_escape_string($name, $db); $query = "INSERT INTO account_files(account_id, name, type, bulk, size) "; $query.= "VALUES('".$account_id."', '".$name."', '".$type."', '".$bulk."', ".$size.");"; @mysql_query($query, $db) or die(mysql_error($db)); } ... $query = "SELECT name, type, bulk, size FROM wnioski_dane_cyfrowe WHERE account_id = '".$account_id."';"; $qresult = @mysql_query($query, $db) or die(mysql_error($db)); if(@mysql_num_rows($qresult) > 0): $row = @mysql_fetch_array($qresult); header("Content-length: ".$row['size']); header("Content-type: ".$row['type']); header("Content-Disposition: attachment; filename=\"".$row['name']."\""); echo $row['bulk']; endif; @mysql_free_result($qresult); PHP:
lmao is right... because you remove some chars with mysql_real_escape_string() ... and then of course you get an error because some parts/chars of the image code are missing... because mysql_real_escape_string() removes them. :S just use addslashes when you insert it into mysql and then when you select/read it from mysql use stripslashes to set it back to how it was.