Posting Base64 encoded values in phpmyadmin from Android

Question

In my app i am trying to post image from android to phpmyadmin i have also created php code which is here:

MyPhp.php:

<?php
$servername = "dontneedthis";
$username = "also";
$password = "dont care";
$dbname = "bla bla";


$conn =mysqli_connect('localhost', $username, $password);

$db_selected = mysqli_select_db($conn, $dbname);
if (!$db_selected) {
  die ('Can\'t use db : ' . mysql_error());
}


    $base=$_REQUEST['image'];
    $filename = $_REQUEST['filename'];
    $binary=base64_decode($base);

    $sql = "INSERT INTO table (image) VALUES('{$binary}')";

    if ($conn->query($sql) === TRUE) {
    echo "New record created successfully";
} else {
    echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();

?>

When i upload image from android i get an error where it is shown that he doent understand this :

INSERT INTO table (image) VALUES

And he shows a lot of symbols which i do not recognise. I have created table where is a row where you can add 100 000 symbols of TEXT I tried to add the value as blob and tried to change collation to binary nothing worked do you have any ideas?

Answer 1

Why doesn't anyone ever bother to properly quote their stuff?

table is a keyword in all SQL dialects I know, and hence causes a syntax error.
But for that reason, quotes and backticks have been invented.

Do this:

INSERT INTO `table` (`image`) VALUES ...

and you should have one problem less.

Also, you have to escape your $binary variable, otherwise it's gonna break your ' quotes:

$binary = mysqli_real_escape_string($conn, base64_decode($base));