Hi,

I've written a method to set a header() to the appropriate file type of an upload stored in a database and then I would like to echo() the file.

The method is as follows inside a controller:

function view_upload( $id = 0 ) {

    $id = $this->db->escape( $id );

    $query = $this->db->query( "SELECT file_type FROM media WHERE id = $id" )->row();
    $query2 = $this->db->query( "SELECT file FROM media WHERE id = $id" )->row();  

    header("Content-type: ".$query->file_type);
    //die( "moo" );
    echo( $query2->file );
}

Strangely, as soon as I set the header() the rest of the method seems to be ignored. For example, if I uncomment the die() statement it doesn't die and it doesn't echo the image. If I remove the header() call I see the raw upload blob presented to the screen.

Is this something to do with CodeIgniter or have I made a PHP mistake?

EDIT:

I've changed the function and put it in a separate file outside of CodeIgniter but if I browse to it and pass in an $id it still doesn't display the image...

<?php
// just so we know it is broken
error_reporting(E_ALL);
// some basic sanity checks
if(isset($_GET['id']) && is_numeric($_GET['id'])) {
    //connect to the db
    $link = mysql_connect("localhost", "user", "pass") or die("Could not connect: " . mysql_error());

    // select our database
    mysql_select_db("database") or die(mysql_error());

    $id = $_GET['id'];

    // get the file from the db
    $sql = "SELECT file FROM media WHERE id=$id";
    // the result of the query
    $result = mysql_query("$sql") or die("Invalid query: " . mysql_error());

    // get the file_type from the db
    $sql = "SELECT file_type FROM media WHERE id=$id";
    // the result of the query
    $result2 = mysql_query("$sql") or die("Invalid query: " . mysql_error());

    // set the header for the image
    //ob_clean();
    //die( mysql_result($result, 0) );
    //header('Content-type:'.mysql_result($result2, 0));
    header('Content-type: image/png');
    //ob_clean();
    echo mysql_result($result, 0);

    // close the db link
    mysql_close($link);
}
else {
    echo 'Please use a real id number';
}
?>

die() on the two $result produces what I would expect but it's not displaying the page in the browser. Again if I add ob_clean() it says:

ob_clean() [<a href='ref.outcontrol'>ref.outcontrol</a>]: failed to delete buffer. No buffer to delete.

I've copied the code from here: http://www.phpriot.com/articles/images-in-mysql/8 if that helps at all.

A: 

It turns out that the image in the database was corrupt, and hence not displaying, because I had added addslashes() to the file contents (not really sure why, seem to remember reading it was useful in combating XSS vulnerabilities).

Removing that meant I had non-corrupt images stored and then they displayed okay.

Adam Taylor
I don't know about the contents, but you definitely don't want to store the file name that a user uploads, and then echo it out on your page.
mrinject
Could you please expand on that? Or do you mean because of XSS vulns?
Adam Taylor
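
Added example, not part of the original posts: it shows that addslashes() changes the bytes of a binary upload while a bound parameter stores them unchanged, and how the stored file_type can be checked against an allowlist before it reaches header(). The functions store(), load() and content_type_headers(), the in-memory SQLite database and the sample bytes are assumptions made for this illustration; the media table and its columns follow the question.

```php
<?php
declare(strict_types=1);

// Constructed sample: PNG signature plus bytes that addslashes() rewrites
// (NUL, single quote, double quote, backslash). Not a complete image.
$upload = "\x89PNG\r\n\x1a\n" . "\x00\x00\x00\x0dIHDR" . "it's \"raw\" \\ data\x00";

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE media (id INTEGER PRIMARY KEY, file_type TEXT, file BLOB)');

// Bound parameters carry the bytes unchanged; no manual escaping is needed.
function store(PDO $db, string $type, string $bytes): int
{
    $stmt = $db->prepare('INSERT INTO media (file_type, file) VALUES (?, ?)');
    $stmt->bindValue(1, $type, PDO::PARAM_STR);
    $stmt->bindValue(2, $bytes, PDO::PARAM_LOB);
    $stmt->execute();
    return (int) $db->lastInsertId();
}

// One query for both columns, with the id bound rather than interpolated.
function load(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT file_type, file FROM media WHERE id = ?');
    $stmt->execute([$id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$rawId     = store($db, 'image/png', $upload);
$slashedId = store($db, 'image/png', addslashes($upload));

foreach (['raw' => $rawId, 'addslashes' => $slashedId] as $label => $id) {
    $row = load($db, $id);
    printf("%-10s %3d bytes, identical to upload: %s\n",
        $label, strlen($row['file']), $row['file'] === $upload ? 'yes' : 'no');
}

// Serving: emit only a Content-Type from an allowlist and disable sniffing,
// so a stored file_type chosen by the uploader cannot turn the blob into HTML.
function content_type_headers(string $storedType): array
{
    $allowed = ['image/png', 'image/jpeg', 'image/gif'];
    $type = in_array($storedType, $allowed, true) ? $storedType : 'application/octet-stream';
    return ["Content-Type: $type", 'X-Content-Type-Options: nosniff'];
}
print_r(content_type_headers('text/html'));
```

Each string returned by content_type_headers() would be passed to header() before the blob is echoed. Any user-supplied file name shown in a page is a separate concern and needs htmlspecialchars() at output time.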
A: 
Tanveer Hussain