What you have described is a problem with how you are trying to insert the raw binary data into the database. When you say it works as base64, that is because base64 generally won't have a single-quote character in it which would break the sql query you show you are using.
To escape the value using those old
mysql_* functions, you would use
Please do not use that old mysql method!
You should migrate to mysqli which has been around for many years (your server should support it). Since it looks like your DB_CONNECT method is built around the old mysql, you will have to restructure that for mysqli. Its not too difficult.
I can provide you with an example of how to do the mysqli insert using a safely prepared statement:
$mysqli = new mysqli("localhost", "my_user", "my_password", "db_name");// db connect $stmt = $mysqli->prepare("INSERT INTO Memories (username, drinkName, caption, photo) VALUES(?,?,?,?)"); $stmt->bind_param("ssss", $username, $drinkName, $caption, $photo); $stmt->execute();
This treats the last value as a straight passthrough as a 'string' into your
MEDIUMBLOB field to be inserted safely (as well as safely handle the other three variables protecting you from sql injection attacks).
An alternate way to send binary data in, in packets, is this method:
$mysqli = new mysqli("localhost", "my_user", "my_password", "db_name");// db connect $stmt = $mysqli->prepare("INSERT INTO Memories (username, drinkName, caption, photo) VALUES(?,?,?,?)"); $null = NULL; // this is just a holder to bind on $stmt->bind_param("sssb", $username, $drinkName, $caption, $null); // note the 'b' $stmt->send_long_data(3,$photo); // 3 indicates the 4th bound variable $stmt->execute();
- If your images are bigger than the
max_allowed_packetof mysql, you will run into some errors in that regard.
- If your field is a BLOB it would only hold an image < 64kb. If its MEDIUMBLOB it will hold a 16mb image, but you risk run over
- If you run over the packet issue, you would need to build a packet loop to pass smaller chunks through the