Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP

Posted by Fabio Neto da Silva
Fabio Neto da Silva
12,440 Points

Backend for Shirts 4 Mike

Hello,

I am trying to make a backend for our mike's shirts project... so far i am doing good, i think :)

I am working with a database where i send all my new added products to my mysql database, This part is not difficult, I work with INSERT INTO .... de values ... product name, price etc... from my form.

My problem is with the product image, How to do this?

  1. Send the image to our db and store this photo as an IMAGE or
  2. Send only the image name or path to our database and store as TEXT.

En How to do this? Teamtreehouse doesn't have any tutorial about uploading files in php.

I searched on the web, and i found some good tutorials, but when i read the comments, they allways complain about security issues?

Can someone help me?

thanks in advance

4 Answers

Matt Campbell
Matt Campbell
9,767 Points
Matt Campbell
Matt Campbell
9,767 Points

I'm guessing but this is the approach I'd take.

I'd build an FTP uploader into the backend that, when a file is uploaded, a second section of the FTP uploader also saves the link data to the database.

You can probably find the code for this somewhere out there. Haven't read it but....http://stackoverflow.com/questions/14280688/ftp-upload-via-php-form

Patrick Cooney
Patrick Cooney
12,216 Points

Pretty much how you do it. You upload it to the temporary location on the server, use the built in functions to move it to a permanent location while keeping track of that location in a variable. insert the link in a column in your table and retrieve from there. I actually had code for this at one point during a PHP class I took a couple of semesters ago but it's gone now.

Fabio Neto da Silva
Fabio Neto da Silva
12,440 Points
Fabio Neto da Silva
Fabio Neto da Silva
12,440 Points

I've never heard about this approach... it seems interesting... but it seems dangerous or not? it feels unsecure... :) is this a beter way than using " move_uploaded_file function " ?

Matt Campbell
Matt Campbell
9,767 Points
Matt Campbell
Matt Campbell
9,767 Points

I don't see how it is dangerous. You take the necessary steps for text inputs same as you would with contact forms etc and you only allow images to be uploaded which can't contain anything that can "run" and cause damage due to the nature of the file type.

Fabio Neto da Silva
Fabio Neto da Silva
12,440 Points
Fabio Neto da Silva
Fabio Neto da Silva
12,440 Points

you probably right, i will try this way.