margaux Posted February 5, 2012 Share Posted February 5, 2012 I'm having trouble with the addPrint php script and hoping someone can spot my error. The form validation works as I get the appropriate error messages and I know I'm connecting to the database as the list of artists is being displayed in a drop down menu on the form. I also receive the message 'the image file has been uploaded' so I'm getting part way there. but I also get the following warnings: Warning: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given in /Applications/MAMP/htdocs/Ecommerce/admin/addPrint.php on line 55 Warning: mysqli_stmt_execute() expects parameter 1 to be mysqli_stmt, boolean given in /Applications/MAMP/htdocs/Ecommerce/admin/addPrint.php on line 56 Notice: Use of undefined constant mysqli_stmt_affected_rows - assumed 'mysqli_stmt_affected_rows' in /Applications/MAMP/htdocs/Ecommerce/admin/addPrint.php on line 57 and my error message 'The print could not be inserted etc...". I'm thinking the problem is with the prepared insert statement and possibly to do with the $a variable as the selected artist is not 'sticky'. any suggestions??? Also I'm not familiar with the $_POST['existing'], is there somewhere I could learn more about that bit of code, didnt find anything in the php manual. here's my addPrint.php code <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Add an Artist</title> <style> body {font-family:sans-serif; color:#666666} .error {font-weight:bold; color:#c00;} </style> </head> <body> <?php //ADD Print - // require ('../../mysqli_connect.php'); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $errors = array(); if (!empty($_POST['printname'])) { $pn = trim($_POST['printname']); } else { $errors[] = 'Please enter the print\'s name'; } if (is_uploaded_file($_FILES['image']['tmp_name'])){ $temp = '../../uploads/' . md5($_FILES['image']['name']); if (move_uploaded_file($_FILES['image']['tmp_name'], $temp)) { echo '<p>The image file has been uploaded.</p>'; $i = $_FILES['image']['name']; } else { $errors[] = "The file could not be moved."; $temp = $_FILES['image']['tmp_name']; } } else { $errors[] = 'No file was uploaded.'; $temp = NULL; } $s = (!empty($_POST['size'])) ? trim($_POST['size']) : NULL; if (is_numeric($_POST['price']) && ($_POST['price'] > 0)) { $p = (float)$_POST['price']; } else { $errors[] = 'Please enter the print\'s price.'; } $d = (!empty($_POST['descrip'])) ? trim($_POST['descrip']) : NULL; if (isset($_POST['artist']) && filter_var($_POST['artist'], FILTER_VALIDATE_INT, array('min_range' => 1)) ) { $a = $_POST['artist']; } else { $errors[] = 'No artist was selected, please select the print\'s artist.'; } // insert the record into the database if (empty($errors)) { $q = 'INSERT INTO prints (artist_id, printname, price, size, description, imagename) VALUES (?, ?, ?, ?, ?, ?)'; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'isdsss', $a, $pn, $p, $s, $d, $i); mysqli_stmt_execute($stmt); if (mysqli_stmt_affected_rows ==1) { echo '<p>The print has been inserted successfully</p>'; $id = mysqli_stmt_insert_id($stmt); rename ($temp, "../../uploads/$id"); $_POST = array(); } else { echo '<p class="error">The print could not be inserted due to a system error. Please try later.</p>'; } mysqli_stmt_close($stmt); } if (isset($temp) && file_exists($temp) && is_file($temp) ){ unlink ($temp); } } if (!empty($errors) && is_array($errors)) { echo '<h2 class="error">Error!</h2><p class="error">The following errors occurred:<ul>'; foreach ($errors as $msg) { echo '<li>' . $msg . '</li>'; } echo '</ul><p>Please reselect the print image and try again.</p>'; } ?> <h1>Add a Print</h1> <form enctype="multipart/form-data" action="addPrint.php" method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="524288" /> <fieldset><legend>Please fill in the form to add a print to the catalogue:</legend> <p><b>Print name: </b><input name="printname" type="text" size="30" maxlength="60" value="<?php if (isset($_POST['printname'])) echo htmlspecialchars($_POST['printname']); ?>"/></p> <p><b>Image: </b><input type="file" name="image" /></p> <p><b>Artist: </b><select name="artist"><option>Select One</option> <?php $q = "SELECT artist_id, CONCAT_WS(' ', firstname, middlename, lastname) FROM artists ORDER BY lastname, firstname ASC"; $r = mysqli_query($dbc, $q); if (mysqli_num_rows($r) > 0) { while ($row = mysqli_fetch_array($r, MYSQLI_NUM)) { echo "<option value = \"$row[0]\""; if (isset($_POST['existing']) && ($_POST['existing'] == $row[0])) echo ' selected="selected"'; echo ">$row[1]</option>\n"; } } else { echo '<option>Please add a new artist first.</option>'; } mysqli_close($dbc); ?> </select></p> <p><b>Price: </b> <input type="text" name="price" size="10" maxlength="10" value="<?php if (isset($_POST['price'])) echo $_POST['price']; ?>" /><small>Do not include the currency sign or commas.</small></p> <p><b>Size: </b> <input type="text" name="size" size="10" maxlength="10" value="<?php if (isset($_POST['size'])) echo htmlspecialchars($_POST['size']); ?>" /><small>optional</small></p> <p><b>Description: </b> <textarea name="descrip" cols="40" rows="6" > <?php if (isset($_POST['descrip'])) echo $_POST['descrip']; ?></textarea><small>optional</small></p> </fieldset> <div align="center"><input type="submit" name="submit" value="Add print" /></div> </form> </body> </html> Link to comment Share on other sites More sharing options...
margaux Posted February 5, 2012 Author Share Posted February 5, 2012 I've realised that in the artists table there is a typo on the description field which I've corrected and the affected_rows statement is incorrect, it should be if (mysqli_stmt_affected_rows($stmt) == 1) { AlsoI've put some debugging code in the script which yields the following: Notice: Query: INSERT INTO prints (artist_id, printname, price, size, description, imagename) VALUES (?, ?, ?, ?, ?, ?) MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?, ?, ?, ?, ?)' at line 1 in /Applications/MAMP/htdocs/Ecommerce/admin/addPrint.php on line 57 The print is inserted into the d/b and the file is uploaded to the uploads directory but I'm not sure what the above notice is referring to. I'd appreciate your suggestions. Thanks! Link to comment Share on other sites More sharing options...
Larry Posted February 6, 2012 Share Posted February 6, 2012 Well, what is the debugging code that created that result? Link to comment Share on other sites More sharing options...
margaux Posted February 6, 2012 Author Share Posted February 6, 2012 after mysqli_stmt_execute($stmt); I inserted this line of code $r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n <br />MySQL Error: " . mysqli_error($dbc)); Link to comment Share on other sites More sharing options...
Larry Posted February 6, 2012 Share Posted February 6, 2012 Yeah...that's not debugging code, that's code that will run another query and print any errors that occur should it fail. And since you've created the query for use as a prepared statement, that query will fail, as you saw. Link to comment Share on other sites More sharing options...
margaux Posted February 6, 2012 Author Share Posted February 6, 2012 of course, my mistake! Thanks for the comments. One question if you don't mind - where am I going wrong in the form code as the artist from the drop down menu is not sticking? Link to comment Share on other sites More sharing options...
Larry Posted February 6, 2012 Share Posted February 6, 2012 That was my mistake and it's in the errata: It shouldn't be $_POST['existing'] but $_POST['artist']. Link to comment Share on other sites More sharing options...
Recommended Posts