FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » is mysqli_real_escape_string bullet proof with binary data?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: is mysqli_real_escape_string bullet proof with binary data? [message #182287 is a reply to message #182278] Sat, 27 July 2013 14:36 Go to previous messageGo to previous message
The Natural Philosoph is currently offline  The Natural Philosoph
Messages: 993
Registered: September 2010
Karma:
Senior Member
On 27/07/13 14:28, Luuk wrote:
> On 27-07-2013 13:08, The Natural Philosopher wrote:
>> On 27/07/13 10:45, Luuk wrote:
>>> On 27-07-2013 11:31, The Natural Philosopher wrote:
>>>> The target is to create and store thumbnail PNG images in a Mysql
>>>> table.
>>>> Also any tips on actually getting the thumbnail data into a variable -
>>>> which package is recommended? I've always used GD, but never been 100%
>>>> happy with it
>>>>
>>>
>>> As far as the subject goes, i would say:
>>> DO NOT TOUCH binary data.....
>>>
>>> Simply store it, or not, in your database.....
>> Well exactly. the question is how to get it in there reliably using the
>> PHP API.
>>
>>
>
>
> When reading file contents, i see no need to do a mysqli_real_escape.
>
> <?php
> $link = mysqli_connect("localhost","test","test","test") or
> die("Error " . mysqli_error($link));
>
> $query = "CREATE TABLE `testpng` ( `id` int(11) NOT NULL
> AUTO_INCREMENT, `image` blob, PRIMARY KEY (`id`))";
> $result = $link->query($query);
>
> if (!$result) { echo "Could not create table....\n"; exit; } else {
> $stmt = $link->prepare("INSERT INTO testpng (image) VALUES (?)");
> $file = file_get_contents('upArrow.png');
> echo "Size before: ".strlen($file)."<br>\n";
> $stmt->bind_param('s', $file);
> $stmt->execute();
> printf("%d Row inserted.\n", $stmt->affected_rows);
> $stmt->close();
>
> $stmt = $link->query("SELECT image FROM testpng;");
> $row = $stmt->fetch_object();
> $file = $row->image;
> echo "Size before: ".strlen($file)."<br>\n";
> }
> ?>
...and hope that the file 'upArrow.png' does not contain a ['] or three?

--
Ineptocracy

(in-ep-toc’-ra-cy) – a system of government where the least capable to lead are elected by the least capable of producing, and where the members of society least likely to sustain themselves or succeed, are rewarded with goods and services paid for by the confiscated wealth of a diminishing number of producers.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Major trouble with PhpDocumentor
Next Topic: Education Path to become a PHP developer using free online courses
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Nov 22 03:35:58 GMT 2024

Total time taken to generate the page: 0.04325 seconds