I am storing an image as a longblob in MYSQL. I would like to know how
I can display the image in my form in PHP since the image is stored as
ascii in the MySQL table.

anu wrote:
> I am storing an image as a longblob in MYSQL. I would like to know how
> I can display the image in my form in PHP since the image is stored as
> ascii in the MySQL table.

If its a longblob, it wont be in ASCII...

You display in two stages

You need an IMG statement that references a php program that can send 
the image.

e.g. I have this..

printf("<IMG border=\"0\" src=\"send_picture.php?id=%d\" alt=\"%s\">",
	$id,(mysql_result($result,$i,'picture_filename')=="")?"
		No Image":$name);

where the picture is stored in a table (product) blob along with its name.

The actual record ID is passes to send_picture.php.
This is the code in that script.

The file lib.php contains general authentication and database code.

The mimelib.php is really just to have the function get_mime, which in 
my case simply reads the mime type from the linux list of mime types.


send_picture.php
================

<?php
include('lib.php');
include('mimelib.php');
open_database(); // ready to check
$id=$_GET['id'];
$query="select picture, picture_filename, picture_size  from product 
where id='".$id."'";
//echo $query;
$result=mysql_query($query);
if(($result>0) && (($rows=mysql_numrows($result)) == 1)) //got some data
	{
	$name=mysql_result($result,0,'picture_filename');
	$content=mysql_result($result,0,'picture');
	$size=mysql_result($result,0,'picture_size');
	}
else die();
if ($name="") die();
$mtype=get_mime($name);
  header("Content-Type: ".$mtype);
header("Content-Disposition: inline; filename=\"".$name."\"");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".strlen($content));

print $content; ?>


** NOTE. Leave nothing at all after the closing ?> or it gets added to 
the download. **


mimelib.php
===========
?php
// looks up mime type in /etc/mime.types and returns the type, or a 
default if unmatched
// makes no attempt to interrogate the file content as such.
// THIS NEEDS MORE WORK!!! it doesn't get all types..espcially DWG/DXF!!
// Mind you we don't want to inmvoke plug-ins for these..
function get_mime($filename)
{
$default="application/force-download";
// first extract the extension
$array=explode(".",$filename); // split the name into the bits separated 
by periods
$count=count($array);
if ($count<2) // if there IS NO extension..
      return $default; // and let the user sort it out.
$ext=$array[$count-1]; // it will be the last element in the array..
$fp=fopen("/etc/mime.types", "r");
if(!$fp) return ($default); // no /etc/mime.types file
while (!feof($fp))
	{
	$buffer = fgets($fp, 128);
         if (ctype_space($buffer{0}) || $buffer{0}=='#' || $buffer{0}=='\n')
         	continue; // skip empty lines. or lines starting with  spaces 
or hashes    		
	sscanf($buffer, "%s %s %s %s %s %s \n",$mime_type,$extension,
	$extension1, $extension2, $extension3, $extension4);
    	if ($ext==$extension || $ext==$extension1 || $ext==$extension2 || 
$ext==$extension3 || $ext==$extension4 )
    		{
    		fclose ($fp);
    		return($mime_type);
    		}
	}
fclose($fp);
return $default;
}
?>

The Natural Philosopher wrote:

> anu wrote:
>> I am storing an image as a longblob in MYSQL. I would like to know how
>> I can display the image in my form in PHP since the image is stored as
>> ascii in the MySQL table.
> 
> If its a longblob, it wont be in ASCII...
> 
> You display in two stages
> 
> You need an IMG statement that references a php program that can send
> the image.
> 
> e.g. I have this..
> 
> printf("<IMG border=\"0\" src=\"send_picture.php?id=%d\" alt=\"%s\">",
> $id,(mysql_result($result,$i,'picture_filename')=="")?"
> No Image":$name);
> 
> where the picture is stored in a table (product) blob along with its name.
> 
> The actual record ID is passes to send_picture.php.
> This is the code in that script.
> 
> The file lib.php contains general authentication and database code.
> 
> The mimelib.php is really just to have the function get_mime, which in
> my case simply reads the mime type from the linux list of mime types.
> 
> 
> send_picture.php
> ================
> 
> <?php
> include('lib.php');
> include('mimelib.php');
> open_database(); // ready to check
> $id=$_GET['id'];
> $query="select picture, picture_filename, picture_size  from product
> where id='".$id."'";
> //echo $query;
> $result=mysql_query($query);
> if(($result>0) && (($rows=mysql_numrows($result)) == 1)) //got some data
> {
> $name=mysql_result($result,0,'picture_filename');
> $content=mysql_result($result,0,'picture');
> $size=mysql_result($result,0,'picture_size');
> }
> else die();
> if ($name="") die();
> $mtype=get_mime($name);
>   header("Content-Type: ".$mtype);
> header("Content-Disposition: inline; filename=\"".$name."\"");
> header("Content-Transfer-Encoding: binary");
> header("Content-Length: ".strlen($content));
> 
> print $content; ?>
> 
> 
> ** NOTE. Leave nothing at all after the closing ?> or it gets added to
> the download. **
> 
> 
> mimelib.php
> ===========
> ?php
> // looks up mime type in /etc/mime.types and returns the type, or a
> default if unmatched
> // makes no attempt to interrogate the file content as such.
> // THIS NEEDS MORE WORK!!! it doesn't get all types..espcially DWG/DXF!!
> // Mind you we don't want to inmvoke plug-ins for these..
> function get_mime($filename)
> {
> $default="application/force-download";
> // first extract the extension
> $array=explode(".",$filename); // split the name into the bits separated
> by periods
> $count=count($array);
> if ($count<2) // if there IS NO extension..
>       return $default; // and let the user sort it out.
> $ext=$array[$count-1]; // it will be the last element in the array..
> $fp=fopen("/etc/mime.types", "r");
> if(!$fp) return ($default); // no /etc/mime.types file
> while (!feof($fp))
> {
> $buffer = fgets($fp, 128);
>          if (ctype_space($buffer{0}) || $buffer{0}=='#' ||
>          $buffer{0}=='\n')
>          continue; // skip empty lines. or lines starting with  spaces
> or hashes
> sscanf($buffer, "%s %s %s %s %s %s \n",$mime_type,$extension,
> $extension1, $extension2, $extension3, $extension4);
>     if ($ext==$extension || $ext==$extension1 || $ext==$extension2 ||
> $ext==$extension3 || $ext==$extension4 )
>     {
>     fclose ($fp);
>     return($mime_type);
>     }
> }
> fclose($fp);
> return $default;
> }
> ?>

Needless to say, you shouldn't follow the above code exactly, as doing so 
will make it trivial for some jerk to come along and nuke your database...

Robert Tomsick wrote:
> The Natural Philosopher wrote:
> 
>> anu wrote:
>>> I am storing an image as a longblob in MYSQL. I would like to know how
>>> I can display the image in my form in PHP since the image is stored as
>>> ascii in the MySQL table.
>> If its a longblob, it wont be in ASCII...
>>
>> You display in two stages
>>
>> You need an IMG statement that references a php program that can send
>> the image.
>>
>> e.g. I have this..
>>
>> printf("<IMG border=\"0\" src=\"send_picture.php?id=%d\" alt=\"%s\">",
>> $id,(mysql_result($result,$i,'picture_filename')=="")?"
>> No Image":$name);
>>
>> where the picture is stored in a table (product) blob along with its name.
>>
>> The actual record ID is passes to send_picture.php.
>> This is the code in that script.
>>
>> The file lib.php contains general authentication and database code.
>>
>> The mimelib.php is really just to have the function get_mime, which in
>> my case simply reads the mime type from the linux list of mime types.
>>
>>
>> send_picture.php
>> ================
>>
>> <?php
>> include('lib.php');
>> include('mimelib.php');
>> open_database(); // ready to check
>> $id=$_GET['id'];
>> $query="select picture, picture_filename, picture_size  from product
>> where id='".$id."'";
>> //echo $query;
>> $result=mysql_query($query);
>> if(($result>0) && (($rows=mysql_numrows($result)) == 1)) //got some data
>> {
>> $name=mysql_result($result,0,'picture_filename');
>> $content=mysql_result($result,0,'picture');
>> $size=mysql_result($result,0,'picture_size');
>> }
>> else die();
>> if ($name="") die();
>> $mtype=get_mime($name);
>>   header("Content-Type: ".$mtype);
>> header("Content-Disposition: inline; filename=\"".$name."\"");
>> header("Content-Transfer-Encoding: binary");
>> header("Content-Length: ".strlen($content));
>>
>> print $content; ?>
>>
>>
>> ** NOTE. Leave nothing at all after the closing ?> or it gets added to
>> the download. **
>>
>>
>> mimelib.php
>> ===========
>> ?php
>> // looks up mime type in /etc/mime.types and returns the type, or a
>> default if unmatched
>> // makes no attempt to interrogate the file content as such.
>> // THIS NEEDS MORE WORK!!! it doesn't get all types..espcially DWG/DXF!!
>> // Mind you we don't want to inmvoke plug-ins for these..
>> function get_mime($filename)
>> {
>> $default="application/force-download";
>> // first extract the extension
>> $array=explode(".",$filename); // split the name into the bits separated
>> by periods
>> $count=count($array);
>> if ($count<2) // if there IS NO extension..
>>       return $default; // and let the user sort it out.
>> $ext=$array[$count-1]; // it will be the last element in the array..
>> $fp=fopen("/etc/mime.types", "r");
>> if(!$fp) return ($default); // no /etc/mime.types file
>> while (!feof($fp))
>> {
>> $buffer = fgets($fp, 128);
>>          if (ctype_space($buffer{0}) || $buffer{0}=='#' ||
>>          $buffer{0}=='\n')
>>          continue; // skip empty lines. or lines starting with  spaces
>> or hashes
>> sscanf($buffer, "%s %s %s %s %s %s \n",$mime_type,$extension,
>> $extension1, $extension2, $extension3, $extension4);
>>     if ($ext==$extension || $ext==$extension1 || $ext==$extension2 ||
>> $ext==$extension3 || $ext==$extension4 )
>>     {
>>     fclose ($fp);
>>     return($mime_type);
>>     }
>> }
>> fclose($fp);
>> return $default;
>> }
>> ?>
> 
> Needless to say, you shouldn't follow the above code exactly, as doing so 
> will make it trivial for some jerk to come along and nuke your database...
> 
SQL injection?

easily fixed by using printf("'%d'",id) to form the query string.

On 10/22/2010 1:36 PM, Robert Tomsick wrote:
> The Natural Philosopher wrote:
>
>> anu wrote:
>>> I am storing an image as a longblob in MYSQL. I would like to know how
>>> I can display the image in my form in PHP since the image is stored as
>>> ascii in the MySQL table.
>>
>> If its a longblob, it wont be in ASCII...
>>
>> You display in two stages
>>
>> You need an IMG statement that references a php program that can send
>> the image.
>>
>> e.g. I have this..
>>
>> printf("<IMG border=\"0\" src=\"send_picture.php?id=%d\" alt=\"%s\">",
>> $id,(mysql_result($result,$i,'picture_filename')=="")?"
>> No Image":$name);
>>
>> where the picture is stored in a table (product) blob along with its name.
>>
>> The actual record ID is passes to send_picture.php.
>> This is the code in that script.
>>
>> The file lib.php contains general authentication and database code.
>>
>> The mimelib.php is really just to have the function get_mime, which in
>> my case simply reads the mime type from the linux list of mime types.
>>
>>
>> send_picture.php
>> ================
>>
>> <?php
>> include('lib.php');
>> include('mimelib.php');
>> open_database(); // ready to check
>> $id=$_GET['id'];
>> $query="select picture, picture_filename, picture_size  from product
>> where id='".$id."'";
>> //echo $query;
>> $result=mysql_query($query);
>> if(($result>0)&&  (($rows=mysql_numrows($result)) == 1)) //got some data
>> {
>> $name=mysql_result($result,0,'picture_filename');
>> $content=mysql_result($result,0,'picture');
>> $size=mysql_result($result,0,'picture_size');
>> }
>> else die();
>> if ($name="") die();
>> $mtype=get_mime($name);
>>    header("Content-Type: ".$mtype);
>> header("Content-Disposition: inline; filename=\"".$name."\"");
>> header("Content-Transfer-Encoding: binary");
>> header("Content-Length: ".strlen($content));
>>
>> print $content; ?>
>>
>>
>> ** NOTE. Leave nothing at all after the closing ?>  or it gets added to
>> the download. **
>>
>>
>> mimelib.php
>> ===========
>> ?php
>> // looks up mime type in /etc/mime.types and returns the type, or a
>> default if unmatched
>> // makes no attempt to interrogate the file content as such.
>> // THIS NEEDS MORE WORK!!! it doesn't get all types..espcially DWG/DXF!!
>> // Mind you we don't want to inmvoke plug-ins for these..
>> function get_mime($filename)
>> {
>> $default="application/force-download";
>> // first extract the extension
>> $array=explode(".",$filename); // split the name into the bits separated
>> by periods
>> $count=count($array);
>> if ($count<2) // if there IS NO extension..
>>        return $default; // and let the user sort it out.
>> $ext=$array[$count-1]; // it will be the last element in the array..
>> $fp=fopen("/etc/mime.types", "r");
>> if(!$fp) return ($default); // no /etc/mime.types file
>> while (!feof($fp))
>> {
>> $buffer = fgets($fp, 128);
>>           if (ctype_space($buffer{0}) || $buffer{0}=='#' ||
>>           $buffer{0}=='\n')
>>           continue; // skip empty lines. or lines starting with  spaces
>> or hashes
>> sscanf($buffer, "%s %s %s %s %s %s \n",$mime_type,$extension,
>> $extension1, $extension2, $extension3, $extension4);
>>      if ($ext==$extension || $ext==$extension1 || $ext==$extension2 ||
>> $ext==$extension3 || $ext==$extension4 )
>>      {
>>      fclose ($fp);
>>      return($mime_type);
>>      }
>> }
>> fclose($fp);
>> return $default;
>> }
>> ?>
>
> Needless to say, you shouldn't follow the above code exactly, as doing so
> will make it trivial for some jerk to come along and nuke your database...
>

He shouldn't follow it at all, since it doesn't do the job he needs. 
Typical TNP response, though.

-- 
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

On 10/21/2010 5:13 PM, anu wrote:
> I am storing an image as a longblob in MYSQL. I would like to know how
> I can display the image in my form in PHP since the image is stored as
> ascii in the MySQL table.

OK, first of all, one correction: A BLOB is a binary object (hence the 
"B" in BLOB), not an ASCII one.  And binary data is character-set 
independent.

As for displaying the data:  Two steps.  First you have an img tag in 
your html file, as always.  However, instead of pointing at the image 
itself, it points at a PHP script, passing an identifier to the picture 
you want, i.e.

<img src="showimage.php?imageid=42">

Now, assuming your MySQL table ('images') has two columns labeled "id" 
and "imagedata" (you could have other columns, also), you could code 
showimage.php something like (data validation and error checking left 
out to keep them from confusing the matter):

<?php
// Get the id of the image to display
   $imageid = $_GET['imageid'];

// Connect to the database - change parms as necessary
   $link = mysql_connect('localhost', 'localuser', userpassword');
   $db = mysql_select_db('mydatabase');

// Set up the SQL and fetch the data
   $sql = "SELECT imagedata FROM images WHERE id=$imageid"):
   $result = mysql_query($sql);
   $data = mysql_fetch_assoc($result);

// Done with MySQL - clean it up
   mysql_free_result($result);
   mysql_close($link);  // Done with MySQL now

// Your blob is now in $data['imagedata']
   $datalen = strlen($data['imagedata']); For the header

// Send the content type
    header('Content-Type: image/jpeg');  // Assuming a jpeg
// Content length isn't strictly required, but good to send
    header("Content-Length: $datalen");
// And send your image
   echo $data['imagedata'];
?>

That's all there is to it

-- 
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

On 10/21/2010 06:34 PM, The Natural Philosopher wrote:
> anu wrote:
>> I am storing an image as a longblob in MYSQL. I would like to know how
>> I can display the image in my form in PHP since the image is stored as
>> ascii in the MySQL table.
>
> If its a longblob, it wont be in ASCII...
>
> You display in two stages
>
> You need an IMG statement that references a php program that can send
> the image.
>
> e.g. I have this..

Don�t mind the trolls.

Jerry Stuckle wrote:

> On 10/22/2010 1:36 PM, Robert Tomsick wrote:
>> The Natural Philosopher wrote:
>>
>>> anu wrote:
>>>> I am storing an image as a longblob in MYSQL. I would like to know how
>>>> I can display the image in my form in PHP since the image is stored as
>>>> ascii in the MySQL table.
>>>
>>> If its a longblob, it wont be in ASCII...
>>>
>>> You display in two stages
>>>
>>> You need an IMG statement that references a php program that can send
>>> the image.
>>>
>>> e.g. I have this..
>>>
>>> printf("<IMG border=\"0\" src=\"send_picture.php?id=%d\" alt=\"%s\">",
>>> $id,(mysql_result($result,$i,'picture_filename')=="")?"
>>> No Image":$name);
>>>
>>> where the picture is stored in a table (product) blob along with its
>>> name.
>>>
>>> The actual record ID is passes to send_picture.php.
>>> This is the code in that script.
>>>
>>> The file lib.php contains general authentication and database code.
>>>
>>> The mimelib.php is really just to have the function get_mime, which in
>>> my case simply reads the mime type from the linux list of mime types.
>>>
>>>
>>> send_picture.php
>>> ================
>>>
>>> <?php
>>> include('lib.php');
>>> include('mimelib.php');
>>> open_database(); // ready to check
>>> $id=$_GET['id'];
>>> $query="select picture, picture_filename, picture_size  from product
>>> where id='".$id."'";
>>> //echo $query;
>>> $result=mysql_query($query);
>>> if(($result>0)&&  (($rows=mysql_numrows($result)) == 1)) //got some data
>>> {
>>> $name=mysql_result($result,0,'picture_filename');
>>> $content=mysql_result($result,0,'picture');
>>> $size=mysql_result($result,0,'picture_size');
>>> }
>>> else die();
>>> if ($name="") die();
>>> $mtype=get_mime($name);
>>>    header("Content-Type: ".$mtype);
>>> header("Content-Disposition: inline; filename=\"".$name."\"");
>>> header("Content-Transfer-Encoding: binary");
>>> header("Content-Length: ".strlen($content));
>>>
>>> print $content; ?>
>>>
>>>
>>> ** NOTE. Leave nothing at all after the closing ?>  or it gets added to
>>> the download. **
>>>
>>>
>>> mimelib.php
>>> ===========
>>> ?php
>>> // looks up mime type in /etc/mime.types and returns the type, or a
>>> default if unmatched
>>> // makes no attempt to interrogate the file content as such.
>>> // THIS NEEDS MORE WORK!!! it doesn't get all types..espcially DWG/DXF!!
>>> // Mind you we don't want to inmvoke plug-ins for these..
>>> function get_mime($filename)
>>> {
>>> $default="application/force-download";
>>> // first extract the extension
>>> $array=explode(".",$filename); // split the name into the bits separated
>>> by periods
>>> $count=count($array);
>>> if ($count<2) // if there IS NO extension..
>>>        return $default; // and let the user sort it out.
>>> $ext=$array[$count-1]; // it will be the last element in the array..
>>> $fp=fopen("/etc/mime.types", "r");
>>> if(!$fp) return ($default); // no /etc/mime.types file
>>> while (!feof($fp))
>>> {
>>> $buffer = fgets($fp, 128);
>>>           if (ctype_space($buffer{0}) || $buffer{0}=='#' ||
>>>           $buffer{0}=='\n')
>>>           continue; // skip empty lines. or lines starting with  spaces
>>> or hashes
>>> sscanf($buffer, "%s %s %s %s %s %s \n",$mime_type,$extension,
>>> $extension1, $extension2, $extension3, $extension4);
>>>      if ($ext==$extension || $ext==$extension1 || $ext==$extension2 ||
>>> $ext==$extension3 || $ext==$extension4 )
>>>      {
>>>      fclose ($fp);
>>>      return($mime_type);
>>>      }
>>> }
>>> fclose($fp);
>>> return $default;
>>> }
>>> ?>
>>
>> Needless to say, you shouldn't follow the above code exactly, as doing so
>> will make it trivial for some jerk to come along and nuke your
>> database...
>>
> 
> He shouldn't follow it at all, since it doesn't do the job he needs.
> Typical TNP response, though.

TBH, I didn't really check to make sure it was an appropriate solution.  The 
query string was what caught my eye.

Ah well...

Robert Tomsick wrote:
> Jerry Stuckle wrote:
> 
>> On 10/22/2010 1:36 PM, Robert Tomsick wrote:
>>> The Natural Philosopher wrote:
>>>
>>>> anu wrote:
>>>>> I am storing an image as a longblob in MYSQL. I would like to know how
>>>>> I can display the image in my form in PHP since the image is stored as
>>>>> ascii in the MySQL table.
>>>> If its a longblob, it wont be in ASCII...
>>>>
>>>> You display in two stages
>>>>
>>>> You need an IMG statement that references a php program that can send
>>>> the image.
>>>>
>>>> e.g. I have this..
>>>>
>>>> printf("<IMG border=\"0\" src=\"send_picture.php?id=%d\" alt=\"%s\">",
>>>> $id,(mysql_result($result,$i,'picture_filename')=="")?"
>>>> No Image":$name);
>>>>
>>>> where the picture is stored in a table (product) blob along with its
>>>> name.
>>>>
>>>> The actual record ID is passes to send_picture.php.
>>>> This is the code in that script.
>>>>
>>>> The file lib.php contains general authentication and database code.
>>>>
>>>> The mimelib.php is really just to have the function get_mime, which in
>>>> my case simply reads the mime type from the linux list of mime types.
>>>>
>>>>
>>>> send_picture.php
>>>> ================
>>>>
>>>> <?php
>>>> include('lib.php');
>>>> include('mimelib.php');
>>>> open_database(); // ready to check
>>>> $id=$_GET['id'];
>>>> $query="select picture, picture_filename, picture_size  from product
>>>> where id='".$id."'";
>>>> //echo $query;
>>>> $result=mysql_query($query);
>>>> if(($result>0)&&  (($rows=mysql_numrows($result)) == 1)) //got some data
>>>> {
>>>> $name=mysql_result($result,0,'picture_filename');
>>>> $content=mysql_result($result,0,'picture');
>>>> $size=mysql_result($result,0,'picture_size');
>>>> }
>>>> else die();
>>>> if ($name="") die();
>>>> $mtype=get_mime($name);
>>>>    header("Content-Type: ".$mtype);
>>>> header("Content-Disposition: inline; filename=\"".$name."\"");
>>>> header("Content-Transfer-Encoding: binary");
>>>> header("Content-Length: ".strlen($content));
>>>>
>>>> print $content; ?>
>>>>
>>>>
>>>> ** NOTE. Leave nothing at all after the closing ?>  or it gets added to
>>>> the download. **
>>>>
>>>>
>>>> mimelib.php
>>>> ===========
>>>> ?php
>>>> // looks up mime type in /etc/mime.types and returns the type, or a
>>>> default if unmatched
>>>> // makes no attempt to interrogate the file content as such.
>>>> // THIS NEEDS MORE WORK!!! it doesn't get all types..espcially DWG/DXF!!
>>>> // Mind you we don't want to inmvoke plug-ins for these..
>>>> function get_mime($filename)
>>>> {
>>>> $default="application/force-download";
>>>> // first extract the extension
>>>> $array=explode(".",$filename); // split the name into the bits separated
>>>> by periods
>>>> $count=count($array);
>>>> if ($count<2) // if there IS NO extension..
>>>>        return $default; // and let the user sort it out.
>>>> $ext=$array[$count-1]; // it will be the last element in the array..
>>>> $fp=fopen("/etc/mime.types", "r");
>>>> if(!$fp) return ($default); // no /etc/mime.types file
>>>> while (!feof($fp))
>>>> {
>>>> $buffer = fgets($fp, 128);
>>>>           if (ctype_space($buffer{0}) || $buffer{0}=='#' ||
>>>>           $buffer{0}=='\n')
>>>>           continue; // skip empty lines. or lines starting with  spaces
>>>> or hashes
>>>> sscanf($buffer, "%s %s %s %s %s %s \n",$mime_type,$extension,
>>>> $extension1, $extension2, $extension3, $extension4);
>>>>      if ($ext==$extension || $ext==$extension1 || $ext==$extension2 ||
>>>> $ext==$extension3 || $ext==$extension4 )
>>>>      {
>>>>      fclose ($fp);
>>>>      return($mime_type);
>>>>      }
>>>> }
>>>> fclose($fp);
>>>> return $default;
>>>> }
>>>> ?>
>>> Needless to say, you shouldn't follow the above code exactly, as doing so
>>> will make it trivial for some jerk to come along and nuke your
>>> database...
>>>
>> He shouldn't follow it at all, since it doesn't do the job he needs.
>> Typical TNP response, though.
> 
> TBH, I didn't really check to make sure it was an appropriate solution.  The 
> query string was what caught my eye.
> 
> Ah well...
Well it does the job for me (displays a blob image onscreen), but the 
stucklehead knows very little about real world programming.

He's been out of work for years now.

..oO(The Natural Philosopher)

>Well it does the job for me (displays a blob image onscreen), but the 
>stucklehead knows very little about real world programming.

This "real world programming" is what regularly appears on TheDailyWTF
and in security bulletins.

Your posted code is not only insecure, but obviously from the last
century. There's a lot of deprecated stuff in it and many things to
optimize. In one word: ugly.

Micha

Michael Fesser wrote:
> .oO(The Natural Philosopher)
> 
>> Well it does the job for me (displays a blob image onscreen), but the 
>> stucklehead knows very little about real world programming.
> 
> This "real world programming" is what regularly appears on TheDailyWTF
> and in security bulletins.
> 
> Your posted code is not only insecure, but obviously from the last
> century. There's a lot of deprecated stuff in it and many things to
> optimize. In one word: ugly.
> 
> Micha
Nevertheless it shows the principle

I am indeed from the last century.

I note no one else HAS posted  a solution.

Those that can, do.

Those that can't teach.

Those that cant teach, sit and criticise.

On 10/22/2010 4:45 PM, Michael Fesser wrote:
> .oO(The Natural Philosopher)
>
>> Well it does the job for me (displays a blob image onscreen), but the
>> stucklehead knows very little about real world programming.
>
> This "real world programming" is what regularly appears on TheDailyWTF
> and in security bulletins.
>
> Your posted code is not only insecure, but obviously from the last
> century. There's a lot of deprecated stuff in it and many things to
> optimize. In one word: ugly.
>
> Micha

Micha, not surprising.  It's just something he copied from a web site 
but doesn't understand.

Examine the code and it doesn't even display the image from the database 
like the op wants.

-- 
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

On 10/22/2010 05:48 PM, The Natural Philosopher wrote:
> Michael Fesser wrote:
>> .oO(The Natural Philosopher)
>>
>>> Well it does the job for me (displays a blob image onscreen), but the
>>> stucklehead knows very little about real world programming.
>>
>> This "real world programming" is what regularly appears on TheDailyWTF
>> and in security bulletins.
>>
>> Your posted code is not only insecure, but obviously from the last
>> century. There's a lot of deprecated stuff in it and many things to
>> optimize. In one word: ugly.
>>
>> Micha
> Nevertheless it shows the principle
>
> I am indeed from the last century.
>
> I note no one else HAS posted a solution.
>
> Those that can, do.
>
> Those that can't teach.
>
> Those that cant teach, sit and criticise.

Don’t reply to the stupid and ignore them. They only seek for attention 
by attacking others. Plonk them.