1

我有一个 SQLite 数据库,我有一个名为 PersonalPic 的 BLOB 类型的字段

这是我将图像保存到 SQLite 的代码

cm.CommandText = "insert into People(Name,FullName,FatherName,MotherName,NationalID,Mobile,Phone,Birth,Intma,Info,Address,CuAddress,PersonalPic,Pics) values('"+textBox1.Text+"','"+textBox2.Text+"','"+textBox3.Text+"','"+textBox4.Text+"','"+textBox5.Text+"','"+textBox6.Text+"','"+textBox7.Text+"','"+dateTimePicker1.Value.ToString("yyyy-MM-dd")+"','"+textBox8.Text+"','"+textBox9.Text+"','"+textBox10.Text+"','"+textBox11.Text+"','"+ConvertToString(personalpic)+"','"+ConvertToString(pic)+"')";
            cm.ExecuteNonQuery();



public string ConvertToString(String path)
        {
            FileStream fs = new FileStream(path,
            FileMode.OpenOrCreate, FileAccess.Read);
            byte[] rawData = new byte[fs.Length];
            fs.Read(rawData, 0, System.Convert.ToInt32(fs.Length));
            fs.Close();

            // Convert byte[] to Base64 String
            string base64String = Convert.ToBase64String(rawData);

            return base64String;
        }

当我尝试检索它给我的图像时,它的保存没有任何问题 Parameter is no valid Exception

SQLiteDataReader reader = cm.ExecuteReader();
            if (reader.HasRows)
            {
                while (reader.Read())
                {

                        textBox1.Text = reader["Name"].ToString();
                        textBox2.Text = reader["FullName"].ToString();
                        textBox3.Text = reader["FatherName"].ToString();
                        textBox4.Text = reader["MotherName"].ToString();
                        textBox5.Text = reader["NationalID"].ToString();
                        textBox6.Text = reader["Mobile"].ToString();
                        textBox7.Text = reader["Phone"].ToString();
                        dateTimePicker1.Value = DateTime.Parse(reader["Birth"].ToString());
                        textBox8.Text = reader["Intma"].ToString();
                        textBox9.Text = reader["Info"].ToString();
                        byte[] photoarray = (byte[])reader["PersonalPic"];
                        MemoryStream ms = new MemoryStream(photoarray);
                        MessageBox.Show(photoarray.Length.ToString());
                        ms.Position = 0;
                        pictureBox1.Image = Image.FromStream(ms);



                }
            }
            reader.Close();

异常在行中 (pictureBox1.Image = Image.FromStream(ms))

请帮忙!!

4

1 回答 1

2

除了可怕的 sql injection insert 语句之外,您还将图片byte数组转换为 B64 string。而且您不会将其转换回另一端。您正在将完整的垃圾数据传递给您的图片框。要么将其从byte[]-> B64转换回来string,然后将其解码回 .. 要么一开始就不要将byte[]其保存为 B64string

替换ConvertToStringConvertToBlob

    public byte[] ConvertToBlob(String path)
    {
        FileStream fs = new FileStream(path,
        FileMode.OpenOrCreate, FileAccess.Read);
        byte[] rawData = new byte[fs.Length];
        fs.Read(rawData, 0, System.Convert.ToInt32(fs.Length));
        fs.Close();


        return rawData;
    }

并将原始数据 Byte[] 直接传递给您的 SQL 查询(您需要将其重写为参数化查询)。

于 2013-09-26T14:48:40.173 回答