c# - Can't add picture into database -


i'm trying following things:

  1. add new picture database (into column named "picprofile").
  2. copy path/location textbox (named image_path_txt). in addition, can add record other fields except image.

can tell me doing wrong?

private void button1_click(object sender, eventargs e)  {         byte[] imagebt = null;      filestream fstream = new filestream(this.image_path_txt.text, filemode.open, fileaccess.read);        binaryreader br = new binaryreader(fstream);      imagebt = br.readbytes((int)fstream.length);      string constring = "datasource=localhost;port=3306;username=root;password=amg135468lns";      string query = "insert db.newuser (fname,lname,age,gender,phone_no, mobile_no,city, street, street_no,email,idnewuser,picprofile)"+ "values('" + this.fname_txt.text + "','" + this.lname_txt.text + "','"+this.age_txt.text+"','"+this.gender+"','" + this.phone_txt.text + "','" + this.mobile_txt.text + "','" + this.city_txt.text + "','" + this.street_txt.text + "','" + this.streetno_txt.text + "','" + this.email_txt + "','"+this.user_no_txt.text+"',@picp);";         mysqlconnection condatabase = new mysqlconnection(constring);      mysqlcommand cmddatabase = new mysqlcommand(query,condatabase);      mysqldatareader myreader;       try      {          condatabase.open();          cmddatabase.parameters.add(new mysqlparameter("@picp", imagebt));           myreader = cmddatabase.executereader();          messagebox.show("saved");          while (myreader.read())          {           }       }      catch (exception ex)      {          messagebox.show(ex.message);      }  }

empty path name not legal.

if that's error; it's pretty self-explanatory. you're providing empty path. or, in other words, text of this.image_path_txt empty.

wow. let's start why can't add database. can't issue executereader against insert statement. so, instead of:

myreader = cmddatabase.executereader(); messagebox.show("saved"); while (myreader.read()) {  }

just this:

cmddatabase.executenonquery();

also, instead of of this:

byte[] imagebt = null;  filestream fstream = new filestream(     this.image_path_txt.text,     filemode.open,     fileaccess.read);   binaryreader br = new binaryreader(fstream); imagebt = br.readbytes((int)fstream.length);

just this:

byte[] imagebt = file.readallbytes(this.image_path_txt.text);

next, let's move on resource management. need leverage using statement here:

using (mysqlconnection condatabase = new mysqlconnection(constring)) using (mysqlcommand cmddatabase = new mysqlcommand(query,condatabase)) {     // add parameters      // execute statement }

next, let's move on sql injection attacks. right you're building query that's wide open sql injection because it's not parameterized. should read this:

insert tbl (field1, field2, field3) values (@field1, @field2, @field3)

and when add parameters, this:

cmddatabase.parameters.addwithvalue("@field1", txtfield1.text); cmddatabase.parameters.addwithvalue("@field2", txtfield2.text); cmddatabase.parameters.addwithvalue("@field3", imagebt);

Comments

Post a Comment

Popular posts from this blog

java.util.scanner - How to read and add only numbers to array from a text file -

i'm learning java , have question regarding reading file want read numbers file contains strings well. here example of file: 66.56 "3 java 3-43 5-42 2.1 1 and here coding: public class test { public static void main (string [] args){ if (0 < args.length) { file x = new file(args[0]); try{ scanner in = new scanner( new fileinputstream(x)); arraylist<double> test = new arraylist<>(); while(in.hasnext()){ if(in.hasnextdouble()){ double f=in.nextdouble(); test.add(f);} else {in.next();} } catch(ioexception e) { system.err.println("exception during reading: " + e); } } my problem add 66.56,2.1 , 1 doesn't add 3 after "3 or ignores 3-43 , 5-42 can tell me how skip strings , add doubles here? thanks all said 3 ie; "3, 3-43 , 4-42 strings either u read string , split , check number @ " , - or put in space between characters , integers. jvm after compilation tre...
Read more

rewrite - Trouble with Wordpress multiple custom querystrings -

i'm working on adding multiple querystring , doesn't seem work. i've found codes seems work others might i'm missing something. i want like: http://mydomain.com/board/?getyear=2013&getsometext2=sometext to http://mydomain.com/board/2013/sometext/ i added code below functions.php file. doesn't seem work should though. this works. echoing querystring gets both variable without problem. http://mydomain.com/board/2013/sometext/ but doesn't. tested querystring vis isset() seems nothing being set/get http://mydomain.com/board/2013/ function add_query_vars($vars) { $vars[] = "getyear"; $vars[] = "getsometext2"; return $vars; } add_filter('query_vars', 'add_query_vars'); function add_rewrite_rules($arules) { $anewrules = array('board/([^/]+)/([^/]+)/?$' => 'index.php?pagename=board&getyear=$matches[1]&getsometext2=$matches[2]'); $arules = $a...
Read more