Tell me more ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite

New to PHP/mySql and having trouble inserting and retrieving binary data. I have a mySql table called usr_pressdata. The field 'BinDat' is of type mediumblob.

$dat = $this->parseOverview($sql);
    // $dat is now a binary string

$datsql = "Update usr_pressdata Set BinDat = " . $dat;
$datresult = mysql_query($datsql, $this -> conn) or die(mysql_error());

$getdat = "Select * from usr_pressdata";
$getdatresult = mysql_query($getdat, $this -> conn) or die(mysql_error());
$row = mysql_fetch_array( $getdatresult );
   $retval = $row['BinDat'];

In this example my goal is that $retval == $dat but it does not. I suspect that my query string $datsql is incorrect. Can someone correct this example code? Thank you.

share|improve this question
how are $retval and $dat different? did you try a var_dump() of both vars? – Damien Pirsy Feb 20 '11 at 9:10

1 Answer

up vote 1 down vote accepted

When inserting values in a table (or more generally, when including a value in an SQL request):

  1. the string must be enclosed between quotes ('...')
  2. the string must be “escaped” using mysql_real_escape_string so as to prevent SQL injection.

So you need to write something like:

$request = "UPDATE usr_pressdata SET bindat= '" . mysql_real_escape_string($dat) . "';";

I suspect you may want to add a WHERE someColumn = someCondition clause at the end, because as it is now, it would affect all the rows in the table.

share|improve this answer
It is okay to affect all rows in the table. There is only one row. – eeejay Feb 20 '11 at 9:08
This sql request does not work for me. Is mysql_real_escape_string a native method? – eeejay Feb 20 '11 at 9:21
Yes, have a look here: php.net/manual/en/function.mysql-real-escape-string.php – ChrisJ Feb 20 '11 at 9:58

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.