By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,715 Members | 1,773 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,715 IT Pros & Developers. It's quick & easy.

Storing files on a database?

P: n/a
I wrote this script to display different files from a database and
properly display them by their respective MIME types. I have two
questions: the first is that it just so happens not to work, and I'm
just wondering if there are any discrepancies that I can't see that
maybe someone else can, and the second is what would be the benefits
and the drawbacks of storing different types of files in a database,
for example files like jpeg and gif images, flash files, and mpeg
videos?

Code:
<?php
error_reporting(E_ALL);
require 'config.php';
$id = $_GET['id'];
$dbTable = $_GET['tb'];
dbConnect();
$query = "SELECT content, mime_type FROM ".$dbTable." WHERE id=".$id;
$result = mysql_query("$query")
or die("Invalid query: " . mysql_error());
$data = mysql_fetch_array($result);
header("Content-type: ".stripslashes($data['mime_type']));
echo stripslashes($data['content']);
dbDisconnect();
?>

Dec 10 '06 #1
Share this Question
Share on Google+
3 Replies


P: n/a

Lucky_Syringe wrote:
dbConnect();
are you passing any parameters?
or calling mysql_select_db('my_db'); ?

Dec 11 '06 #2

P: n/a
BKDotCom wrote:
Lucky_Syringe wrote:
dbConnect();

are you passing any parameters?
or calling mysql_select_db('my_db'); ?
Why yes, yes I am...

Dec 11 '06 #3

P: n/a
On 9 Dec 2006 20:52:37 -0800, "Lucky_Syringe" <ke**********@gmail.comwrote:
>I wrote this script to display different files from a database and
properly display them by their respective MIME types. I have two
questions: the first is that it just so happens not to work,
In what way does it not work?
>and I'm
just wondering if there are any discrepancies that I can't see that
maybe someone else can,
See below.
>and the second is what would be the benefits
and the drawbacks of storing different types of files in a database,
for example files like jpeg and gif images, flash files, and mpeg
videos?
Putting it in the database means the data will be easier to keep consistent
with its own metadata, and reduces some of the worries about inconsistencies
introduced by failures between the commit of the database changes, and changes
to a filesystem (where you can't just do a rollback). It can make it easier to
back up, or at least easier to restore to a consistent point.

But it means you have a lot more data in your database, which some databases
may not be able to handle well. Your database may not have good large object
support (MySQL certainly doesn't - there's no API to stream the contents out,
so fetching a BLOB ends up with the whole file copied from place to place in
memory potentially several times). It's also much faster to serve files off the
filesystem (although this can be mitigated by having a disposable filesystem
cache of the files, but keeping the database copy as the master).

The method to choose depends on lots of factors.
>Code:
<?php
error_reporting(E_ALL);
require 'config.php';
$id = $_GET['id'];
$dbTable = $_GET['tb'];
dbConnect();
$query = "SELECT content, mime_type FROM ".$dbTable." WHERE id=".$id;
Potential for a SQL injection attack - use of user input without validation.
>$result = mysql_query("$query")
or die("Invalid query: " . mysql_error());
$data = mysql_fetch_array($result);
header("Content-type: ".stripslashes($data['mime_type']));
Why the stripslashes here?
>echo stripslashes($data['content']);
And particularly here - this is likely to corrupt the file.
>dbDisconnect();
?>
--
Andy Hassall :: an**@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
Dec 11 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.