[Editing Add-Print]

Thanks! 

[Editing Add-Print]

Good day all,

 

I am new to Php, and trying to edit script 17.1.   I'm running into problems with inserting into database.  After running the script the error message I get is:

 

 

The file has been uploaded!

Warning: mysqli_stmt_bind_param() [function.mysqli-stmt-bind-param]: Number of elements in type definition string doesn't match number of bind variables in C:\xampp\htdocs\dwsite\add_print.php on line 122

Your submission could not be processed due to a system error.

 

 

Line 22 is in blue below

 

My script is below:

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
    <title>Add a Print</title>
</head>
<body>
<?php # Script 17.1 - add_print.php
// This page allows the administrator to add a print (product).

require_once ('mysqli_connect.php');

if (isset($_POST['submitted'])) { // Handle the form.
    
    // Validate the incoming data...
    $errors = array();

    // Check for a print name:
    if (!empty($_POST['print_name'])) {
        $pn = trim($_POST['print_name']);
    } else {
        $errors[] = 'Please enter the print\'s name!';
    }
    
    // Check for an image:
    if (is_uploaded_file ($_FILES['image']['tmp_name'])) {
    
        // Create a temporary file name:
        $temp = 'uploads/' . md5($_FILES['image']['name']);
        //$temp = '../../uploads/' . md5($_FILES['image']['name']);
    
        // Move the file over:
        if (move_uploaded_file($_FILES['image']['tmp_name'], $temp)) {
    
            echo '<p>The file has been uploaded!</p>';
            
            // Set the $i variable to the image's name:
            $i = $_FILES['image']['name'];
    
        } else { // Couldn't move the file over.
            $errors[] = 'The file could not be moved.';
            $temp = $_FILES['image']['tmp_name'];
        }

    } else { // No uploaded file.
        $errors[] = 'No file was uploaded.';
        $temp = NULL;
    }
    
    // Check for a size (not required):
    $s = (!empty($_POST['size'])) ? trim($_POST['size']) : NULL;
    
    // Check for a price:
    if (is_numeric($_POST['price'])) {
        $p = (float) $_POST['price'];
    } else {
        $errors[] = 'Please enter the print\'s price!';
    }
    
    // Check for a description (not required):
    $d = (!empty($_POST['description'])) ? trim($_POST['description']) : NULL;
    
    // Validate the artist...
    if (isset($_POST['property']) && ($_POST['property'] == 'new') ) {
        // If it's a new artist, add the artist to the database...
        
        // Validate the street and accom type names (neither required):
        $fn = (!empty($_POST['accom_type'])) ? trim($_POST['accom_type']) : NULL;
        $mn = (!empty($_POST['street_name'])) ? trim($_POST['street_name']) : NULL;

        // Check for a suburb_name...
        if (!empty($_POST['suburb_name'])) {
            
            $ln = trim($_POST['suburb_name']);
            
            // Add the property to the database:
            $q = 'INSERT INTO properties (accom_type, street_name, suburb_name) VALUES (?, ?, ?)';
            $stmt = mysqli_prepare($dbc, $q);
            if($stmt == false) {
        die("<pre>".mysqli_error($dbc).PHP_EOL.$query."</pre>");
    }  
            mysqli_stmt_bind_param($stmt, 'sss', $fn, $mn, $ln);
            mysqli_stmt_execute($stmt);
            
            // Check the results....
            if (mysqli_stmt_affected_rows($stmt) == 1) {
                echo '<p>The property has been added.</p>';
                $a = mysqli_stmt_insert_id($stmt); // Get the artist ID.
            } else { // Error!
                $errors[] = 'The new property could not be added to the database!';
            }
            
            // Close this prepared statement:
            mysqli_stmt_close($stmt);
            
        } else { // No last name value.
            $errors[] = 'Please enter the property\'s name!';
        }
        
    } elseif ( isset($_POST['property']) && ($_POST['property'] == 'existing') && ($_POST['existing'] > 0) ) { // Existing artist.
        $a = (int) $_POST['existing'];
    } else { // No artist selected.
        $errors[] = 'Please enter or select the print\'s property!';
    }
    
    if (empty($errors)) { // If everything's OK.
    
        // Add the print to the database:
        $q = 'INSERT INTO prints (prop_id, print_name, price, size, description, image_name) VALUES (?, ?, ?, ?, ?, ?)';
        //$stmt = mysqli_prepare($dbc, $q);
        $stmt = mysqli_prepare($dbc, $q);
            if($stmt == false) {
        die("<pre>".mysqli_error($dbc).PHP_EOL.$query."</pre>");
    }  
        mysqli_stmt_bind_param($stmt, 'idddddss', $a, $pn, $p, $s, $d, $i);
        mysqli_stmt_execute($stmt);
        
        // Check the results...
        if (mysqli_stmt_affected_rows($stmt) == 1) {
        
            // Print a message:
            echo '<p>The print has been added.</p>';
            
            // Rename the image:
            $id = mysqli_stmt_insert_id($stmt); // Get the print ID.
            //rename ($temp, "../../uploads/$id");
            rename ($temp, "uploads/$id");
            
            // Clear $_POST:
            $_POST = array();
            
        } else { // Error!
            echo '<p style="font-weight: bold; color: #C00">Your submission could not be processed due to a system error.</p>';
        }
        
        mysqli_stmt_close($stmt);
        
    } // End of $errors IF.
    
    // Delete the uploaded file if it still exists:
    if ( isset($temp) && file_exists ($temp) && is_file($temp) ) {
        unlink ($temp);
    }
    
} // End of the submission IF.

// Check for any errors and print them:
if ( !empty($errors) && is_array($errors) ) {
    echo '<h1>Error!</h1>
    <p style="font-weight: bold; color: #C00">The following error(s) occurred:<br />';
    foreach ($errors as $msg) {
        echo " - $msg<br />\n";
    }
    echo 'Please reselect the print image and try again.</p>';
}

// Display the form...
?>
<h1>Add a Property</h1>
<form enctype="multipart/form-data" action="add_print.php" method="post">

    <input type="hidden" name="MAX_FILE_SIZE" value="524288" />
    
    <fieldset><legend>Fill out the form to add a print to the catalog:</legend>
    
    <p><b>Property Name:</b> <input type="text" name="print_name" size="30" maxlength="60" value="<?php if (isset($_POST['print_name'])) echo htmlspecialchars($_POST['print_name']); ?>" /></p>
    
    <p><b>Image:</b> <input type="file" name="image" /></p>
    
    <div><b>Property:</b>
    <p><input type="radio" name="property" value="existing" <?php if (isset($_POST['property']) && ($_POST['property'] == 'existing') ) echo ' checked="checked"'; ?> /> Existing =>
    <select name="existing"><option>Select One</option>
    <?php // Retrieve all the artists and add to the pull-down menu.
    $q = "SELECT prop_id, CONCAT_WS(' ', accom_type, street_name, suburb_name) FROM properties ORDER BY suburb_name, accom_type ASC";        
    //$r = mysqli_query ($dbc, $q);
    $r = mysqli_query($dbc, $q);
            if($r == false) {
        die("<pre>".mysqli_error($dbc).PHP_EOL.$query."</pre>");
        }
    if (mysqli_num_rows($r) > 0) {
        while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) {
            echo "<option value=\"$row[0]\"";
            // Check for stickyness:
            if (isset($_POST['existing']) && ($_POST['existing'] == $row[0]) ) echo ' selected="selected"';
            echo ">$row[1]</option>\n";
        }
    } else {
        echo '<option>Please add a new property.</option>';
    }
    mysqli_close($dbc); // Close the database connection.
    ?>
    </select></p>
    
    <p><input type="radio" name="property" value="new" <?php if (isset($_POST['property']) && ($_POST['property'] == 'new') ) echo ' checked="checked"'; ?> /> New =>
    Accomodation Type: <input type="text" name="accom_type" size="10" maxlength="20" value="<?php if (isset($_POST['accom_type'])) echo $_POST['accom_type']; ?>" />
    Street Name: <input type="text" name="street_name" size="10" maxlength="20" value="<?php if (isset($_POST['street_name'])) echo $_POST['street_name']; ?>" />
    Suburb Name: <input type="text" name="suburb_name" size="10" maxlength="40" value="<?php if (isset($_POST['suburb_name'])) echo $_POST['suburb_name']; ?>" /></p>
    </div>
    
    <p><b>Price:</b> <input type="text" name="price" size="10" maxlength="10" value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>" /> <small>Do not include the dollar sign or commas.</small></p>
    
    <p><b>Size:</b> <input type="text" name="size" size="30" maxlength="60" value="<?php if (isset($_POST['size'])) echo htmlspecialchars($_POST['size']); ?>" /> (optional)</p>
    
    <p><b>Description:</b> <textarea name="description" cols="40" rows="5"><?php if (isset($_POST['description'])) echo $_POST['description']; ?></textarea> (optional)</p>
    
    </fieldset>
        
    <div align="center"><input type="submit" name="submit" value="Submit" /></div>
    <input type="hidden" name="submitted" value="TRUE" />

</form>

</body>
</html>

<body>
</body>
</html>