PHP - Store Images in SESSION data?

Question

Can you store an image in a PHP SESSION ?

I have a multi-step registration process using PHP on my site. On one of the steps, the users can upload their company log

Answer 1

Yes, you can store an image in a PHP session. Get it into PHP as a string (i.e. binary data) and then you can put it in the session.

You will want it to only be as big as it needs to be and you need to delete it as soon as you don't need it because large pieces of information in the session will slow down the session startup.

Answer 2

You can store image data in session as base encoded one easily. In production server you are supposed to have enough RAM. My application needed upto 40MB of 4 images/apps for update and change before putting in mongoDB. (Base encoding makes 1.3 times larger image size.)

  $tmpNameSS1 = $_FILES["screenshot1"]["tmp_name"];
  $fp      = fopen($tmpNameSS1, 'r');
  $rawDataSS1 = fread($fp, filesize($tmpNameSS1));
  fclose($fp);
  $SS1FileName = $_FILES["screenshot1"]["name"];
  $encodedSS1Data = base64_encode($rawDataSS1);

  registry::update('sCreateSS1Name', $SS1FileName);
  registry::update('sCreateSS1Data', $encodedSS1Data);

A case will be: you have multiple image to uploaded and both client and server validation for size and type. It is faster to fetch from session. After putting in DB null the variable holding the image.

Browser will show show that image with:

<img src="data:image/;base64,<?php echo registry::get('sCreateSS1Data'); ?>"/>

You can update the session for the image with empty string after the code reaches the end of the block. Typical case is updating form field with validation and when the user wants to change the text. You also want to show what image was uploaded between those failed updates. If you want to save the round trip (advisable) keep data for some moments in the session and empty that value after code is about exit.

Answer 3

You can but expect memory usage of your session to increase depending on the size of the images. In order to do so, you must save the file contents into a session variable.

If it is in session data and you have multiple steps after the upload the image will be reloaded (into the session) every page view until the steps are complete.

I would personally recommend against using the session for holding a binary file. Saving the image on disk into a temporary location until the registration is complete. I would only save the path to the temporary file in session. When the transaciton is completed move it to a proper location and do your db inserts.

Also, in essence, session data is stored on disk (or db) anyway so you might as well save the image file once then issue a move command once complete.

Answer 4

Sometimes We need to preview/confirm page before save data into database. But Image file to the confirm page is a little bit differnt.You cant do $_SESSION['s_name'] = $_FILES['f_name'] coz SESSION just keep the text file. In the alternative way keeping file contents/binary value in session.

$_SESSION['obj_image_session'] = file_get_contents($_FILES['image_name']['tmp_name']);

$file= "new_file.jpg";
$fp=($file,"w");

fwrite($fp,$_SESSION['obj_image_session']);

Answer 5

If you have to keep the data, I would suggest keeping it as base64_encoded string. You can directly send base64_encode image data to the browser.

If I'd be in similar situation i would have rather saved the image and kept the information about the image in session/db. If for some reason the registration fails, i would unlink the file later. and occasionally run cron jobs to locate missing links with the images.

But i will really suggest you to stick to the second option and avoid the hassle altogether.

Answer 6

I'd save the file to disk, you could even name it using the user's session id. Then there could be some sort of clean up script which is run as a cron job and deletes the images of people who never successfully paid.

If you try and store an image in the session, you're doing it wrong.