0

im trying to store an image in my firebird database(i know its not the best practice but i have to do it) but im getting a Message: ibase_query(): Dynamic SQL Error SQL error code = -104 Unexpected end of command - line 1, column 30 i guess this happens because the blob is too big. i did a print_r and i get the the entire blob between '' but i guess its too big for it to handle. I change the blob filed in the database to 4000+ bytes but still it fails. Any tips on how to turn this around?

My code:

 $encoded_data = file_get_contents($files['perf_photo']['tmp_name']);
 $query = "UPDATE emprs set foto = '{$encoded_data}' WHERE cod_uto = '$cod_uto'";
 return ibase_query($transaction, $query);
BRABO
  • 100
  • 7
  • You call the variable `$encoded_data` in what way is it encoded? – RiggsFolly Sep 01 '21 at 10:12
  • its just a name, i had in base64 before but i guess i dont need to be in base64 – BRABO Sep 01 '21 at 10:14
  • Did it work in base64? Because a raw image file can contain all sorts of bytes that may confuse, like having a zero byte the something else may assume is a end of file – RiggsFolly Sep 01 '21 at 10:18
  • No it still fails, i get the same error if i encode it. – BRABO Sep 01 '21 at 10:19
  • 1
    don't put data values into programming codes, pass data values as SQL PARAMETERS! see PHP examples at https://www.bobby-tables.com/ – Arioch 'The Sep 01 '21 at 10:49
  • No, that function returns an id from the ``ibase_blob_import()`` doenst return the full blob, so what it sends in the query is something like ``0x0000010000`` . – BRABO Sep 01 '21 at 11:11
  • Don't interpolate data into a query string like this, it makes you vulnerable to SQL injection. As shown in the duplicates, you need to populate a blob using the API, and then pass the blob id **as a parameter**. – Mark Rotteveel Sep 01 '21 at 11:35

0 Answers0