469,336 Members | 5,643 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,336 developers. It's quick & easy.

Storing files on a database?

I wrote this script to display different files from a database and
properly display them by their respective MIME types. I have two
questions: the first is that it just so happens not to work, and I'm
just wondering if there are any discrepancies that I can't see that
maybe someone else can, and the second is what would be the benefits
and the drawbacks of storing different types of files in a database,
for example files like jpeg and gif images, flash files, and mpeg
videos?

Code:
<?php
error_reporting(E_ALL);
require 'config.php';
$id = $_GET['id'];
$dbTable = $_GET['tb'];
dbConnect();
$query = "SELECT content, mime_type FROM ".$dbTable." WHERE id=".$id;
$result = mysql_query("$query")
or die("Invalid query: " . mysql_error());
$data = mysql_fetch_array($result);
header("Content-type: ".stripslashes($data['mime_type']));
echo stripslashes($data['content']);
dbDisconnect();
?>

Dec 10 '06 #1
3 1674

Lucky_Syringe wrote:
dbConnect();
are you passing any parameters?
or calling mysql_select_db('my_db'); ?

Dec 11 '06 #2
BKDotCom wrote:
Lucky_Syringe wrote:
dbConnect();

are you passing any parameters?
or calling mysql_select_db('my_db'); ?
Why yes, yes I am...

Dec 11 '06 #3
On 9 Dec 2006 20:52:37 -0800, "Lucky_Syringe" <ke**********@gmail.comwrote:
>I wrote this script to display different files from a database and
properly display them by their respective MIME types. I have two
questions: the first is that it just so happens not to work,
In what way does it not work?
>and I'm
just wondering if there are any discrepancies that I can't see that
maybe someone else can,
See below.
>and the second is what would be the benefits
and the drawbacks of storing different types of files in a database,
for example files like jpeg and gif images, flash files, and mpeg
videos?
Putting it in the database means the data will be easier to keep consistent
with its own metadata, and reduces some of the worries about inconsistencies
introduced by failures between the commit of the database changes, and changes
to a filesystem (where you can't just do a rollback). It can make it easier to
back up, or at least easier to restore to a consistent point.

But it means you have a lot more data in your database, which some databases
may not be able to handle well. Your database may not have good large object
support (MySQL certainly doesn't - there's no API to stream the contents out,
so fetching a BLOB ends up with the whole file copied from place to place in
memory potentially several times). It's also much faster to serve files off the
filesystem (although this can be mitigated by having a disposable filesystem
cache of the files, but keeping the database copy as the master).

The method to choose depends on lots of factors.
>Code:
<?php
error_reporting(E_ALL);
require 'config.php';
$id = $_GET['id'];
$dbTable = $_GET['tb'];
dbConnect();
$query = "SELECT content, mime_type FROM ".$dbTable." WHERE id=".$id;
Potential for a SQL injection attack - use of user input without validation.
>$result = mysql_query("$query")
or die("Invalid query: " . mysql_error());
$data = mysql_fetch_array($result);
header("Content-type: ".stripslashes($data['mime_type']));
Why the stripslashes here?
>echo stripslashes($data['content']);
And particularly here - this is likely to corrupt the file.
>dbDisconnect();
?>
--
Andy Hassall :: an**@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
Dec 11 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

6 posts views Thread by bissatch | last post: by
6 posts views Thread by stenospamron | last post: by
7 posts views Thread by C G | last post: by
4 posts views Thread by IkBenHet | last post: by
9 posts views Thread by Adam J Knight | last post: by
reply views Thread by suresh191 | last post: by
reply views Thread by Marylou17 | last post: by
1 post views Thread by Marylou17 | last post: by
1 post views Thread by Marylou17 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.