Home Accessibility Courses Twitter The Mouth Facebook Resources Site Map About Us Contact
For 2023 - we are now fully retired from IT training.
We have made many, many friends over 25 years of teaching about Python, Tcl, Perl, PHP, Lua, Java, C and C++ - and MySQL, Linux and Solaris/SunOS too. Our training notes are now very much out of date, but due to upward compatability most of our examples remain operational and even relevant ad you are welcome to make us if them "as seen" and at your own risk.

Lisa and I (Graham) now live in what was our training centre in Melksham - happy to meet with former delegates here - but do check ahead before coming round. We are far from inactive - rather, enjoying the times that we are retired but still healthy enough in mind and body to be active!

I am also active in many other area and still look after a lot of web sites - you can find an index ((here))
Upload Image, Store in database, redisplay in browser. PHP and MySQL

If you have just a few images that you want to display on your web site, keep them as regular files on your server. But if you've thousands, it's better to keep them in a database and server them via a script - such as a PHP script. And if you're dealing with thousands of images, you probably want to upload them via a web form or let you users do so. One of the most popular demonstrations / solutions on our site is a complete example that shows you all the stages combined - it's [here]. But although the code is not long, there's a lot happening - so earlier today (during a PHP Techniques Workshop), I [re]wrote each of the stages as a separate script.

1. To upload a file (and store it on the server as a regular file) - see [here]; source will display in separate window.

2. To place the uploaded file into a database table - see [here]; source will display in separate window.

3. To read the image data from the database and send it to the browser - see [here]; source will display in separate window.

Notes ....

Script 1, 1: The Image Upload needs to be an input box type "file", to use a hidden field giving a maximum length called "MAX_FILE_SIZE", to use the "POST" method, and to use "multipart/form-data" encoding.

Script 1, 2: I have chosen to use a hidden field called "rocket" with a data value "scientist" to check whether the page has been accessed from the completed form (and has an image uploaded) or not.

Script 1, 3: In order for this script to work, your PHP must be configured to allow uploads and have the temporary upload directory existing. That's not usually an issue if you're running a default server on Linux or Unix, but it may need setting up in php.ini and the directory may need creating if your server is running Windows.

Script 1, 4: The directory / file that you move the uploaded file to also needs to be writeable on the server.

Script 2, 1: Before you save to a MySQL database, you'll need to have the database installed, running and accessible to you.

Script 2, 2: If you use a copy of my script, you'll need to change the login user name and password and possibly the host in the mysql_connect call (the latter will probably be localhost).

Script 2, 3: My example requires the database to exist already, but it will create the table for you the first time it's run - it actually attempts to create the table every single time and fails silently if it already exists.

Script 2, 4: I have created an extra field that's unused in the database called "authorised" - this is to demonstrate how and where extra fields associated with the data would go

Script 2, 5: Rather than using mysql_connect, I could have used mysqli_connect; rather than using fread, I could have used file_get_contents ... there are plenty of alternative functions in PHP and you should use whichever is most appropriate for you.

Script 2, 6: Once a picture has been stored in my database, I have deleted the original file from the disc. That way, it avoids accidentally storing lots of copies in this simple demonstration.

Script 3, 1: The database access needs to be set up in this script just like in script (2) [use an include or require file and do it just once in a live application!]

Script 3, 2: You must not have a blank line or even a single space before the <?php - if you do, you'll get an error message rather than an image output. Similarly, no trailing blanks please!

Script 3, 3: The script will ONLY display one image - no text or anything else. If you want to display the image within a complete web page, you'll need to call it up from that page via an <img src=.....> tag.

You can run the three stages on our server - [here], [here] and [here].

Important note on security issues

By allowing uploads which are not password / login protected, you are opening your hosting to any content that anyone wants to add. And there are a lot of people who would love you to host and serve content that breaks a variety of laws - copyright, decency, incitement, discrimination, libel, etc ... or illustrates views that you don't share. You MUST consider these aspects as you provide such a script.

The most practical and common way of setting up an image upload feed which is not an "open" one is to only allow uploaded by authorized users, using a cookie based login system. In some instances, you may want each image to go through a separate authorization process before you'll serve it, even after it has been uploaded. That's what the illustrative extra field in my database might be used for.

Other General Notes

By using Apache mod_rewrite, you'll be able to access the third script - or variants of it - using a URL that ends in .jpg, and you'll even be able to pass in the part of the URL that looks like the file name to the script so that you can use it to identify the record from which you want to read back the image.

Rather than using MySQL, you could use SqLite or another database if it were more appropriate; MySQL is very good, but there are questions as to whether it's current dominance is justified, or is a good thing in the long term.

The PHP display script may be easily extended to "watermark" images, "thumbnail" them, refuse to serve them if they're being called in from a hotlinking site, select a random image, etc.

We have a further example - "putting it all in one" in our solution centre - [here].

You'll be seeing from even this article and the three tiny scripts that it references just how much is involved in image upload, and also the critical security considerations. The primary course we cover this subject on is our PHP Techniques workshop which is suitable for delegates with prior PHP experience; if you're new to PHP, you should attend either Learning to program in PHP or PHP Programming first.

This article is illustrated by random images from our databases, using an extended version of the third script in the series

Do you want help implementing an upload / store in database / access system such as this article illustrates? If you do - if you're having problems and you're badly stuck - you should really come on a course. It's not practical for me to teach you all about PHP and MySQL via a series of questions and answers. But if you're nearly there and you just need a final query or two sorting out, please get in touch. For folks I already know (e.g. past delegates) I can probably help via a couple of technical emails; for others, I can arrange to spend an hour or two with you one evening to help you out in person. That needs to be at our training centre in Melksham, Wiltshire - I won't charge for my time in a first instance, but you'll need to stay over if you don't live in Wiltshire so it will cost you the price of a hotel room at our training centre [details].

(written 2010-08-12, updated 2010-08-20)

Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
H304 - PHP - DDA, Style and image handling
  [806] Check your user is human. Have him retype a word in a graphic - (2006-07-17)
  [1506] Ongoing Image Copyright Issues, PHP and MySQL solutions - (2008-01-14)
  [2031] Choosing from an image with an image map - (2009-02-08)
  [2343] World Flags in your PHP pages - (2009-08-10)
  [2539] Changing Images - (2009-12-17)
  [2715] Uploading an image, document or pdf via a browser (php) - (2010-04-10)
  [3747] An easy way to comply with the new cookie law if your site is well designed - (2012-06-02)

Back to
Testing the robustness of our hotel and training systems - holiday and sickness times
Previous and next
Horse's mouth home
Forward to
Downloading a report from the web for further local analysis
Some other Articles
Does copying a variable duplicate the contents?
Sorting - naturally, or into a different order
London to Calne, Corsham, Melksham, Bradford-on-Avon, Chippenham by public Transport
Downloading a report from the web for further local analysis
Upload Image, Store in database, redisplay in browser. PHP and MySQL
Testing the robustness of our hotel and training systems - holiday and sickness times
Looking up a value by key - associative arrays / Hashes / Dictionaries
Older picture.
Six languages in one file - an HTML++ web page
Predictions for the seagull population
4759 posts, page by page
Link to page ... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96 at 50 posts per page

This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.

Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).

You can Add a comment or ranking to this page

© WELL HOUSE CONSULTANTS LTD., 2023: 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho

PAGE: http://www.wellho.net/mouth/2917_Upl ... MySQL.html • PAGE BUILT: Sun Oct 11 16:07:41 2020 • BUILD SYSTEM: JelliaJamb