Hi,
I'm trying to upload a image file to a oracle DB and i need to only use
ODBC functions.
In db i have a LONG RAW column (if this is not correct, please tell me).
I'm getting the error from oracle: [Oracle][ODBC][Ora]ORA-00972:
identifier is too long...
here is my php code:
if (isset($_FILES['foto']['name']) & !empty($_FILES['foto']['name'])) {
$foto = $_FILES['foto']['tmp_name'];
$date = addslashes(frea d(fopen($foto, "r"), filesize($foto) ));
$id = $_SESSION['id'];
$foto_type = $_FILES['foto']['type'];
$sql = "INSERT INTO fotos (id_foto, id_cat, id_m, fotos, avg,
total, foto_type) VALUES (fotografias_id .nextval, 1, $id, '$date', '0',
'0', '$foto_type')";
....
then i execute the sql, etc...
------------------
Any ideas how should i accomplish this upload task?
thanks in advance for your time,
ATK 4 3678
On Sun, 22 May 2005 04:23:48 +0100, ATK <ci*****@netcab o.pt> wrote: I'm trying to upload a image file to a oracle DB and i need to only use ODBC functions.
In db i have a LONG RAW column (if this is not correct, please tell me).
It should be BLOB - LONG RAW is deprecated.
I'm getting the error from oracle: [Oracle][ODBC][Ora]ORA-00972: identifier is too long...
here is my php code:
if (isset($_FILES['foto']['name']) & !empty($_FILES['foto']['name'])) { $foto = $_FILES['foto']['tmp_name']; $date = addslashes(frea d(fopen($foto, "r"), filesize($foto) )); $id = $_SESSION['id']; $foto_type = $_FILES['foto']['type'];
$sql = "INSERT INTO fotos (id_foto, id_cat, id_m, fotos, avg, total, foto_type) VALUES (fotografias_id .nextval, 1, $id, '$date', '0', '0', '$foto_type')";
Eep. Use placeholders/bind variables. Do not embed variables into SQL -
_particularly_ under Oracle.
Asides from the security issues due to escaping (addslashes() does NOT escape
strings as required by Oracle), it also results in masses of "hard parsing",
also the maximum length of a literal string is 4000 characters so your file
won't work, and also you're subjecting binary data to character set conversions
potentially resulting in more corruption.
... then i execute the sql, etc...
Any ideas how should i accomplish this upload task?
Placeholders/bind variables.
--
Andy Hassall / <an**@andyh.co. uk> / <http://www.andyh.co.uk >
<http://www.andyhsoftwa re.co.uk/space> Space: disk usage analysis tool
Thanks for your reply, i still have some questions:
Andy Hassall wrote: $sql = "INSERT INTO fotos (id_foto, id_cat, id_m, fotos, avg, total, foto_type) VALUES (fotografias_id .nextval, 1, $id, '$date', '0', '0', '$foto_type')";
Eep. Use placeholders/bind variables. Do not embed variables into SQL - _particularly_ under Oracle.
Asides from the security issues due to escaping (addslashes() does NOT escape strings as required by Oracle), it also results in masses of "hard parsing", also the maximum length of a literal string is 4000 characters so your file won't work, and also you're subjecting binary data to character set conversions potentially resulting in more corruption.
If addslashes is not enough, what should i use?
What do you mean "Placeholde rs/bind variables", can you show some
links/code examples, and let me remember that i can only use ODBC
functions, not oracle extension functions...
Thanks again
On Sun, 22 May 2005 23:24:02 +0100, ATK <ci*****@netcab o.pt> wrote: Thanks for your reply, i still have some questions:
Andy Hassall wrote:
$sql = "INSERT INTO fotos (id_foto, id_cat, id_m, fotos, avg, total, foto_type) VALUES (fotografias_id .nextval, 1, $id, '$date', '0', '0', '$foto_type')"; Eep. Use placeholders/bind variables. Do not embed variables into SQL - _particularly_ under Oracle.
Asides from the security issues due to escaping (addslashes() does NOT escape strings as required by Oracle), it also results in masses of "hard parsing", also the maximum length of a literal string is 4000 characters so your file won't work, and also you're subjecting binary data to character set conversions potentially resulting in more corruption.
If addslashes is not enough, what should i use?
Placeholders, and don't put values in the SQL, bind them separately.
(Oracle doesn't quote single quotes with slashes, it uses another quote. But
this is the wrong approach, anyway).
What do you mean "Placeholde rs/bind variables", can you show some links/code examples, and let me remember that i can only use ODBC functions, not oracle extension functions...
In that case I can only refer you to the manual, since I don't use ODBC. http://uk.php.net/odbc http://uk.php.net/manual/en/function.odbc-prepare.php http://uk.php.net/manual/en/function.odbc-execute.php
I believe (but could be wrong) that ODBC forces you to use anonymous
placeholders, i.e. "?". So your SQL would look like:
$sql = "INSERT INTO fotos (id_foto, id_cat, id_m, fotos, avg, total, foto_type)
VALUES (fotografias_id .nextval, 1, ?, ?, '0', '0', ?)";
You'd then pass in the values to bind to the placeholders in the execute call.
Constants are OK in SQL, but variables are not, and replaced by placeholders.
Note that placeholders are not quoted, nor are the values passed to execute
escaped in any way. They are passed to the database as-is and it handles
binding them to the correct places in the statement.
I also recommend ADOdb as a layer on top of the basic database calls. I
believe it can use ODBC connections to Oracle. http://adodb.sourceforge.net/
--
Andy Hassall / <an**@andyh.co. uk> / <http://www.andyh.co.uk >
<http://www.andyhsoftwa re.co.uk/space> Space: disk usage analysis tool
On Sun, 22 May 2005 18:03:02 +0100, Andy Hassall wrote: then i execute the sql, etc...
Any ideas how should i accomplish this upload task?
Placeholders/bind variables.
Easy package to do this with is John Lim's wonderful ADOdb. He even
shows you how to do that.
--
You can get more of what you want with a kind word and a gun than
you can with just a kind word. (Al Kapone) This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: simianphile |
last post by:
OK, I had a problem that I've now fixed but I can't really understand
what was causing it in the first place. I have an intranet site that
uses basic authentication to allow users to view and update information
from an Oracle DB (ver 8.1.6 -- ancient, I know). Anyway, the site
worked fine as long as the machine accessing the ASP page was running
Win 2k but when an XP machine tried to view the page, the client got an
error:
Microsoft...
|
by: Kong Li |
last post by:
Environments:
1. WinXP SP1, MDAC 2.7 SP1 (Microsoft ODBC for Oracle is
2.573.9030.0), Oracle client 9.2.0.1.
2. Win2000 SP4, MDAC 2.7 SP1 (Microsoft ODBC for Oracle is
2.573.9030.0), Oracle client 9.2.0.1.
3. Win2000 SP4, MDAC 2.8 (Microsoft ODBC for Oracle is 2.573.1022.0),
Oracle client 9.2.0.1.
I have a simple program calling SQLDriverConnect (not OLEDB, not ADO,
but ODBC) to an Oracle server 9.2, and then disconnect. The value of
|
by: SerGioGio |
last post by:
Hello,
I am going nuts. I am trying to connect to my local ORACLE instance using
ODBC.
It used to work few weeks ago, but it fails now.
Connection with:
- SQL*plus: connection works!
- DataDirect 5.0 Oracle Wire protocol (3rd party ODBC driver): connection
works when I hit the driver's "test connection"
|
by: Roger Redford |
last post by:
Dear Experts,
I'm attempting to marry a system to an Oracle 817 datbase.
Oracle is my specialty, the back end mainly, so I don't
know much about java or javascript.
The system uses javascript to make ODBC calls to the db.
The particular system I'm working with, will not work
with an Oracle stored procedure I'm told. However, it
|
by: jrefactors |
last post by:
My machine is Windows XP with Oracle 9.2 Home; IIS and Oracle
are in the same box.
I have tried both Oracle OLEDB Provider and Microsoft ODBC For Oracle,
but both not working.
For Microsoft ODBC For Oracle approach, I added a data source
in Oracle Data Source Administrator, in System DSN tab, I created
a system data source named OracleDSN with Microsoft ODBC for Oracle.
| |
by: totierne |
last post by:
comp.databases.ms-access,
I want to know how to use Oracle views with session variables in
Access.
The parameterised views in access, are migrated to views with per
session
variables.
The open questions:
How to display a resultset
|
by: Chris Botha |
last post by:
The machine is running XP Pro with all the latest service packs, etc. I must
access an Oracle database so I installed the Oracle client stuff. I can
query Oracle from a Windows app, no problem. Using the exact same code (copy
and paste) into a Web app I get the following error "Error while trying to
retrieve text for error ORA-01019". Security I thought, so I use
Impersonation on the Web site, then the aspnet_wp.exe crashes with "The...
|
by: Crazy Cat |
last post by:
Hi all,
I am having trouble getting linked Oracle 9 server in MS SQL Server
2005 Express to work properly. My machine is running Windows XP.
The Microsoft and Oracle OLE DB Providers have problems dealing with
Oracle's Numeric Data Type, so I decided to use Microsoft's OLE DB for
ODBC Provider and an Oracle ODBC source. When using the Microsoft ODBC
for Oracle Driver in my ODBC source I have inconsistent behavior.
Sometimes my queries...
|
by: Ben |
last post by:
Hi,
I have a problem connecting to Oracle using and ODBC connection in a ASP.Net
web page.
The TNS Names works fine because when I create a DSN it works, and it works
in SQL Plus.
Here are the error I get depending on the connection string:
Using the right server (Oracle 9i), and the Native Oracle Driver
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |