user701510

Reputation: 5763

How to randomly retrieve images from my mysql database?

Okay, so I've made one PHP file to output the images. This is the sample code for the output page:

mysql_connect (" "," "," ") or die(mysql_error()); mysql_select_db (" ") or die(mysql_error());

$query = mysql_query("SELECT * FROM store"); 
$number=mysql_num_rows($query); 

$result = mysql_query ("SELECT * FROM store ORDER BY RAND() LIMIT $number");

while ($row = mysql_fetch_assoc($result))     
{       
    echo '<img src=get.php?id=$row["id"]>';
}

The get.php that the img tag is referring to has this code:

mysql_connect (" "," "," ") or die(mysql_error()); mysql_select_db (" ") or die(mysql_error());

 $id = addslashes ($_REQUEST['id']);


$query = mysql_query("SELECT * FROM store WHERE id= $id ");
$row = mysql_fetch_array($query);
$content = $row['image'];

header('Content-type: image/jpg');
 echo $content;

All I'm getting are a series of torn page icons on the output page. I could have made a very simple mistake seeing as how I am still learning php. Thanks in advance.

Upvotes: 0

Views: 4224

Answers (3)

Your Common Sense

Reputation: 157828

All I'm getting are a series of torn page icons on the output page.

In fact, you create a kind of "denial of service" attack against your site, making it run dozens of PHP scripts and open dozens of SQL connections per single page request. No wonder your server is being overloaded with such a flood and shows no pictures.

Also note that your code is suffering from SQL injection.
Either change addslashes to intval() or add quotes around $id in the query (otherwise escaping will make no sense).

Upvotes: 0

Calum

Reputation: 5316

Cleaning up:

$result = mysql_query("SELECT * FROM store ORDER BY RAND()");

while($row = mysql_fetch_assoc($result)){       
    echo '<img src="get.php?id='.$row['id'].'" />';
}

You can also echo mysql_error(); to see if there are any errors in your mysql statements.

You should also use mysql_real_escape_string() instead of addslashes().

Or consider PDO for an even more secure solution.

To debug, go to get.php?id=1. If you see an image, get.php is working and the main file is not.

Have you made sure that get.php connects to the database as well as the main file?

Upvotes: 1
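
As an added example (not part of any answer here and not the asker's code), this is one way to combine the integer check and the PDO suggestion for the lookup in get.php. fetchImage() is a hypothetical helper, and an in-memory SQLite database with constructed bytes stands in for the MySQL store table so the block runs offline.

```php
<?php
// Added example: hardened lookup for get.php. fetchImage() is a hypothetical name.
declare(strict_types=1);

function fetchImage(PDO $db, $rawId): ?string
{
    // Accept only a positive integer; anything else is refused before any SQL runs.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    // Bound parameter: the value is sent separately and never becomes SQL text.
    $stmt = $db->prepare('SELECT image FROM store WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $image = $stmt->fetchColumn();
    return $image === false ? null : (string) $image;
}

// Constructed demo data: SQLite in memory stands in for the MySQL `store` table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE store (id INTEGER PRIMARY KEY, image BLOB)');
$ins = $db->prepare('INSERT INTO store (id, image) VALUES (?, ?)');
$ins->execute([1, "\xFF\xD8\xFF\xE0 constructed bytes"]);

// A constructed non-numeric id. It contains no quote characters, so
// addslashes() has nothing to escape and hands it back untouched.
$probe = '1 OR 1=1';
var_dump(addslashes($probe) === $probe);
var_dump(fetchImage($db, $probe));                 // fails the integer check
var_dump(strlen((string) fetchImage($db, '1')));   // existing row
var_dump(fetchImage($db, '999'));                  // valid id, no such row

// In get.php itself (connection details are placeholders):
//   $image = fetchImage($db, $_GET['id'] ?? null);
//   if ($image === null) { http_response_code(404); exit; }
//   header('Content-Type: image/jpeg');
//   echo $image;
```

Selecting only the image column also avoids pulling every field for each request, which matters when one page triggers many get.php calls.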

Wesley van Opdorp

Reputation: 14941

There are some illogical things in this script.

  1. You select EVERYTHING from store (* equals all fields). This is very, very expensive. If you want to use this you should use SELECT COUNT(id) FROM store.

  2. You use the count, to LIMIT. But the limit will always be the same as the amount of rows. Which makes LIMIT irrelevant?

  3. You should not use addslashes for escaping your values. Use mysql_real_escape_string instead. Check it out here.

I am not sure what values are in your database, perhaps you could post some? Perhaps you need to perform strip slashes, since you probably save values with slashes in your database?

Upvotes: 0
