douniuta4783 2018-10-26 16:59
浏览 158

图像上传和操作,然后作为blob存储在DB中失败

I don't get it. Goal as described in Title, i did a multipart-form and simple upload a Image to DB works (!), but...

my next step is to mod the uploaded file. I want to add a Logo. Then my problem begins..

I added a lot of debuginformations and recognised step by step: The binary Image-Data of a simple uploaded File (wich is well saved in the DB!) is different to the binary resulted from imagecopy (wich is not saved in the DB).

So I need some help. Please take a quick look:

<?php  
error_reporting(E_ALL);
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 'On');
ini_set('log_errors', 'On');
ini_set('error_log', 'php-errors.log');

if (! isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $client_ip = $_SERVER['REMOTE_ADDR'];
}else{
    $client_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
$connect = mysqli_connect("mysql..de", "", "", "");  
if(isset($_POST["insert"]))  
{  
    if( isset($_POST["copyrights"]) ){
        $file = addslashes(file_get_contents($_FILES["image"]["tmp_name"]));  
        /*
        // start adding Logo
        $stampfile=getcwd().'/Logo2.jpg';
        $stamp=imagecreatefromjpeg($stampfile);

        $im = imagecreatefromjpeg($_FILES["image"]["tmp_name"]);


        $marge_right = 10;
        $marge_bottom = 10;
        $sx = imagesx($stamp);
        $sy = imagesy($stamp);

        imagecopy($im, $stamp, imagesx($im) - $sx - $marge_right, imagesy($im) - $sy - $marge_bottom, 0, 0, imagesx($stamp), imagesy($stamp));

        $file="";

        ob_start();
        imagejpeg($im,NULL,100);
        $file = ob_get_contents();
        ob_get_clean();
        imagedestroy($im);
        //end adding logo
        */
        echo "file-enght(string/blob):".strlen($file);
        echo $file;
        $query = "INSERT INTO myjoints_images(image,uploadDate,state,ip) VALUES ('$file',UNIX_TIMESTAMP(),NULL,'$client_ip')";  
        if(mysqli_query($connect, $query))  
        {  
            //ok
        }  
    }else{
        echo '<script>alert("Upload fehlgeschlagen! Du musst die Nutzungsvereinbarung akzeptieren!")</script>';  
    }
}  

?>

Results are: If I just upload a Picture, Image is stored in DB, type/size is:

file-enght(string/blob):793506����\0JFIF\0\0`\0`\0\0��-Exif\0\0MM\0*\0\0\0\02\0\0\0\0\0\0\0bGF\0\0\0\0\0\0\0GI\0\0\0\0\0X\0\0��\0\0\0\0\0\0\0v��...

If I run my mod, Image is NOT stored in DB, type/size is:

file-enght(string/blob):551227����JFIF``��a]�|����F�2��,6�As����@�ط���U�Lq�T�Dy8Vf<4(A�P˴0� �'�;#)�~h�T!e����gE1+!C;yk�r���>zū+�k�ҍ��+�������m8��iGh��m-9yU���j��{7�z���...

I uploaded every time the same picture.

  • 写回答

2条回答 默认 最新

  • dsf6281 2018-10-26 19:41
    关注

    You cannot escape data for database storage using addslashes(). Use prepared statements instead.

    Something like this should work, though there are issues with storing large amounts of data using the old mysqli extension. PDO is a better and more modern way to go.

    if (! isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $client_ip = $_SERVER['REMOTE_ADDR'];
}else{
    $client_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
$connect = new mysqli("host", "username", "password", "database");  
if(isset($_POST["insert"]))  
{  
    if( isset($_POST["copyrights"]) ){
        // start adding Logo
        $stampfile = './Logo2.jpg';
        $stamp = imagecreatefromjpeg($stampfile);
        $im = imagecreatefromjpeg($_FILES["image"]["tmp_name"]);
        $mr = 10;
        $mb = 10;
        $sx = imagesx($stamp);
        $sy = imagesy($stamp);
        imagecopy($im, $stamp, imagesx($im) - $sx - $mr, imagesy($im) - $sy - $mb, 0, 0, imagesx($stamp), imagesy($stamp));

        // output and destroy the image before getting buffer to ensure we get everything
        ob_start();
        imagejpeg($im, null, 100);
        imagedestroy($im);
        $file = ob_get_clean();

        $sql = "INSERT INTO myjoints_images(image,uploadDate,state,ip) VALUES (?,UNIX_TIMESTAMP(),NULL,?)";
        // of course you should check these statements for successful execution
        $stmt = $connect->prepare($sql);
        $stmt->bind_param("bs", $file, $client_ip);
        $stmt->execute();
    }else{
        echo '<script>alert("Upload fehlgeschlagen! Du musst die Nutzungsvereinbarung akzeptieren!")</script>';  
    }
}
    评论

报告相同问题?

悬赏问题

  • ¥15 使用ue5插件narrative时如何切换关卡也保存叙事任务记录
  • ¥20 软件测试决策法疑问求解答
  • ¥15 win11 23H2删除推荐的项目,支持注册表等
  • ¥15 matlab 用yalmip搭建模型,cplex求解,线性化处理的方法
  • ¥15 qt6.6.3 基于百度云的语音识别 不会改
  • ¥15 关于#目标检测#的问题:大概就是类似后台自动检测某下架商品的库存,在他监测到该商品上架并且可以购买的瞬间点击立即购买下单
  • ¥15 神经网络怎么把隐含层变量融合到损失函数中?
  • ¥15 lingo18勾选global solver求解使用的算法
  • ¥15 全部备份安卓app数据包括密码,可以复制到另一手机上运行
  • ¥20 测距传感器数据手册i2c