About the protection: magic_quotes is off for me. That means that I have to protect the data I want to insert because it won't be done automatically
So I don't unserstand Jason who says:
"Additionally, it should be noted that whether you need to use stripslashes()
on data retrieved from the database depends on the setting of
magic_quotes_runtime. The recommended setting is to have it disabled which
means you do not need stripslashes()."
magic_quotes is disabled, so I use addslashes for all my inserts and stripslashes when I retrieve them.
For that picture, I tried using addslashes/stripslashes, mysql_real_escape_string for upload,addslashes only for upload (thanks Mike for the clear explanation about how it is stored, I was always confused about that, and apparently I won't need stripslashes anymore for retrieval :-) ) and nothing.
So I would like to know if somebody has a very basic script for that that he is really using (very basic form just to ensure I can make it work as well), or if somebody can tell me what I'm doing wrong here...
Thanks to everybody!!
From: "Neil Smith [MVP, Digital media]" <php@xxxxxxxxxxxxxxxxxxxxxxxx> To: php-db@xxxxxxxxxxxxx CC: list_php@xxxxxxxxxxxxx Subject: Re: Subject: mysql - image storing Date: Wed, 19 Jan 2005 00:48:39 +0000
No, really really , don't do this. Store the path to the image. You then load the path into PHP and use
header("Content-type: image/jpeg"); readfile($path_from_database); exit;
Then .htaccess the *actual directory* you store the images in so it's hidden from browsing.
Only allow authorised people access to their own images, using a standard authentication system, and retrieve the image filenames they're allowed from the DB, append that to your protected directory path, and use readfile() to pass through the file data directly to the browser.
Really, don't store them in the database ;-)
Cheers - Neil
At 18:59 18/01/2005 +0000, you wrote:Message-ID: <BAY21-F17F19F7A3CEA5F97AB9E7BA78F0@xxxxxxx> From: "mel list_php" <list_php@xxxxxxxxxxxxx> To: php-db@xxxxxxxxxxxxx Date: Tue, 18 Jan 2005 11:30:12 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Subject: mysql - image storing
Hi list,
I try to store/retrieve pictures into MySQL.
I know that a lot of people will say this is not a good practice, so here are briefly my reasons:
-I want to protect that pictures (restricted access)
-I don't want to use htaccess as I want my users to be able to modify their password whenever they want, and I don't want to modify dynamically an htaccess file.
-I could store them on the filesystem (my actual solution), but I have only few pictures, so I would like to give the MySQL option a trial.
_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
