Search the Community

This is my php code like the admin code in ecommerce chapter of book PHP 6 and mysql. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Add a dress</title> </head> <body> <?php ini_set ('display_errors', 1); require_once('../../mysqli_connect.php'); if (isset($_POST['submitted'])) { $errors=array(); if(!empty($_POST['dress_name'])) { $dn =trim($_POST['dress_name']); } else { $errors[]='please enter the dress name!'; } // Check for an image: if (is_uploaded_file ($_FILES['image']['tmp_name'])) { // Create a temporary file name: $temp = '../../uploads/' . md5($_FILES['image']['name']); // Move the file over: if (move_uploaded_file($_FILES['image']['tmp_name'], $temp)) { echo '<p>The file has been uploaded!</p>'; // Set the $i variable to the image name: $i = $_FILES['image']['name']; } else { // Couldn't move the file over. $errors[] = 'The file could not be moved.'; $temp = $_FILES['image']['tmp_name']; } } else { // No uploaded file. $errors[] = 'No file was uploaded.'; $temp = NULL; } // Check for a color : $c=(!empty($_POST['color'])) ? trim($_POST['color']):NULL ; // Check for origional price: if (is_numeric($_POST['origional_price'])) { $op = (float) $_POST['origional_price']; } else { $errors[] = 'Please enter the dress price!'; } // Check for our price: if (is_numeric($_POST['our_price'])) { $rp = (float) $_POST['our_price']; } else { $errors[] = 'Please enter the dress price!'; } // Check for a description (not required): $d = (!empty($_POST['description'])) ? trim($_POST['description']): NULL; // Validate the designer... if (isset($_POST['designer']) && ($_POST['designer'] == 'new') ) { // If it's a new designer, add the designer to the database... // Validate the first and middle names : if (!empty($_POST['first_name'])) { $fn = trim($_POST['first_name']); $mn = (!empty($_POST['middle_name'])) ? trim($_POST['middle_name']) : NULL; // Check for a last_name... if (!empty($_POST['last_name'])) $ln = trim($_POST['last_name']); // Add the designer to the database: $q = 'INSERT INTO designers (first_name, middle_name, last_name) VALUES (?, ?, ?)'; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'sss', $fn, $mn, $ln); mysqli_stmt_execute($stmt); // Check the results.... if (mysqli_stmt_affected_rows($stmt) == 1) { echo '<p>The designer has been added.</p>'; $designer = mysqli_stmt_insert_id($stmt); // Get the designer ID. } else { $errors[] = 'The new designer could not be added to the database!'; } // Close this prepared statement: mysqli_stmt_close($stmt); } else { // No last name value. $errors[] = 'Please enter the designer name!'; } } elseif ( isset($_POST['designer']) && ($_POST['designer'] == 'existing') && ($_POST['existing'] > 0) ) { // Existing designer. $designer = (int) $_POST['existing']; } else { // No designer selected. $errors[] = 'Please enter or select the dress designer'; } if (empty($errors)) { // If everything's OK. // Add the dress to the database: $q = "INSERT INTO dresses (designer, dress_name, origional_price, our_price, color, description, image_name) VALUES (?, ?, ?, ?, ?, ?,?)"; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param( $stmt, 'isdsss', $designer, $dn, $op, $rp, $c, $d,$i); mysqli_stmt_execute($stmt); // Check the results... if (mysqli_stmt_affected_rows($stmt) == 1) { // Print a message: echo '<p>The dress has been added.</p>'; // Rename the image: $id = mysqli_stmt_insert_id($stmt); // Get the dress ID. rename ($temp, "../../uploads/$id"); // Clear $_POST: $_POST = array(); } else { // Error! echo '<p style="font-weight: bold; color: #C00">Your submission could not be processed due to a system error.</p>'; } mysqli_stmt_close($stmt); } // End of $errors IF. // Delete the uploaded file if it still exists: if ( isset($temp) && file_exists ($temp) && is_file($temp) ) { unlink ($temp); } } // End of the submission IF. // Check for any errors and print them: if ( !empty($errors) && is_array($errors) ) { echo '<h1>Error!</h1> <p style="font-weight: bold; color: #C00">The following error(s) occurred:<br />'; foreach ($errors as $msg) { echo " - $msg<br />\n"; } echo 'Please reselect the dress image and try again.</p>'; } ?> <h1>Add a dress</h1> <form enctype="multipart/form-data" action="add_dress.php" method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="524288" /> <fieldset><legend>Fill out the form to add a dress to the catalog: </legend> <p><b>Dress Name:</b> <input type="text" name="dress_name" size="30" maxlength="60" value="<?php if (isset($_POST['dress_name'])) echo htmlspecialchars($_POST['dress_name']); ?>" /></p> <p><b>Image:</b> <input type="file" name="image" /></p> <div><b>Designer:</b> <p><input type="radio" name="designer" value="existing" <?php if (isset($_POST['designer']) && ($_POST['designer'] == 'existing') ) echo ' checked="checked"'; ?> /> Existing => <select name="existing"> <option>Select One </option> <?php // Retrieve all the designers and add to the pull-down menu. $q = "SELECT designer_id, CONCAT_WS(' ', first_name, middle_name, last_name) FROM designers ORDER BY first_name, last_name ASC"; $r = mysqli_query ($dbc, $q); if (mysqli_num_rows($r) > 0) { while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) { echo "<option value=\"$row[0]\""; // Check for stickyness: if (isset($_POST['existing']) && ($_POST['existing'] == $row[0]) ) echo ' selected="selected"'; echo ">$row[1] </option> \n"; } } else { echo '<option> Please add a new designer. </option>'; } mysqli_close($dbc); // Close the database connection. ?> </select> </p> <p><input type="radio" name="designer" value="new" <?php if (isset($_POST['designer']) && ($_POST['designer'] == 'new') ) echo ' checked="checked"'; ?> /> New => First Name: <input type="text" name="first_name" size="10" maxlength="20" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" /> Middle Name: <input type="text" name="middle_name" size="10" maxlength="20" value="<?php if (isset($_POST['middle_name'])) echo $_POST['middle_name']; ?>" /> Last Name: <input type="text" name="last_name" size="10" maxlength="40" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name'];?>" /></p> </div> <p><b>Origional Price:</b> <input type="text" name="origional_price" size="10" maxlength="10" value="<?php if (isset($_POST['origional_price'])) echo $_POST['origional_price']; ?>" /> <small>Do not include the dollar sign , commas or Rs.</small></p> <p><b>Our Price:</b> <input type="text" name="our_price" size="10" maxlength="10" value="<?php if (isset($_POST['our_price'])) echo $_POST['our_price']; ?>" /> <small>Do not include the dollar sign, commas or Rs.</small></p> <p><b>color:</b> <input type="text" name="color" size="30" maxlength="60" value="<?php if (isset($_POST['color'])) echo htmlspecialchars($_POST['color']); ?>" /> (optional)</p> <p><b> Description: </b> <textarea name="description" cols="40" rows="5"> <?php if (isset($_POST['description'])) echo $_POST['description'] ?> </textarea> (optional) </p> </fieldset> <div align="center"><input type="submit" name="submit" value="Submit" /> </div> <input type="hidden" name="submitted" value="TRUE" /> </form> </body> </html> these are the errors: Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given in C:\xampp\htdocs\admin\add_dress.php on line 140 Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, boolean given in C:\xampp\htdocs\admin\add_dress.php on line 141 Warning: mysqli_stmt_affected_rows() expects parameter 1 to be mysqli_stmt, boolean given in C:\xampp\htdocs\admin\add_dress.php on line 145 Your submission could not be processed due to a system error. Warning: mysqli_stmt_close() expects parameter 1 to be mysqli_stmt, boolean given in C:\xampp\htdocs\admin\add_dress.php on line 166 please help me i ve been trying to solve it for three days but no use