PDO File upload errors

R0xxy · May 10, 2014

I'm new to PHP and PDO however i've read about how effective PDO is I'm working on a file upload and so far i think the code is alright however i keep receiving this error

Fatal error: Call to a member function prepare() on a non-object on line 10

I've read that it is to do with the database connection but looking at it from my perpesctive i can't seem to find where the code has gone wrong

<?php
session_start();
$usid=$_SESSION["usersid"];
include_once "conninfo2.php";

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";
    $stmt  = $con->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }
        $filename = $key.$_FILES['files']['name'][$key];
        $fsize = $_FILES['files']['size'][$key];
        $file_tmp  = $_FILES['files']['tmp_name'][$key];
        $ftype = $_FILES['files']['type'][$key];  
        if($fsize > 2097152){
            $errors[] = 'File size must be less than 2 MB';
            continue;
        }
        try{       
            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->execute();

            $desired_dir="fileupload/";

            if(is_dir($desired_dir)==false){
                mkdir($desired_dir, 0700);// Create directory if it does not exist
            }
            if(is_file($desired_dir.'/'.$filename)==false){
                move_uploaded_file($file_tmp,$desired_dir.'/'.$filename);
            }else{    //rename the file if another one exist
                $new_file=$desired_dir.'/'.$filename.time();
                move_uploaded_file($file_tmp,$new_file) ;               
            }
        }catch(PDOException $e){
            $errors[] = $filename . 'not saved in the database.';
            echo $e->getMessage();
        }   
    }
    if(empty($error)){
        echo "The upload has been successful";
    }
}
?>

mac_gyver · May 10, 2014

start by looking at line 10 and work your way backwards - $stmt = $con->prepare($query); the error means that $con isn't an object. where is $con defined and are you sure it is defined and contains what you expect?

R0xxy · May 10, 2014

do mean defined in the connection of the database coz i changed the $conn to $db like in my conn info.php and got this error

SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens

Ch0cu3r · May 10, 2014

You have five placeholders in your query

    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";

But you are only bounding the first three a value

            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->execute();

You need to bound a value for the remianing two placeholders called :uid and :0

R0xxy · May 10, 2014

i binded the other 2 values and it goes back to the original error

$stmt = $db->prepare($query);

i know its the $db thats causing the issue but I have it in my connection php file or do i need a separate like a functions file

Ch0cu3r · May 10, 2014

Can you post the full error message you're getting.

Also post how $db is being defined.

R0xxy · May 10, 2014

Fatal error: Call to a member function prepare() on a non-object on line 8

<?
$db_host = "localhost";

$db_username = "user1"; 

$db_pass = "pass1"; 

$db_name = "roxy";
try{
	$db = new PDO('mysql:host='.$db_host.';dbname='.$db_name,$db_username,$db_pass);
	$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e){
	echo $e->getMessage();
	exit();
}
?>

Ch0cu3r · May 10, 2014

Try using the full opening PHP tag <?php in conninfo2.php

R0xxy · May 10, 2014

thanks its help although i've encountered this error

SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'subfolder' cannot be null

i change the column to null to see if it solves the issue which it does however i dont want the column to be null is there a way round this ??

Ch0cu3r · May 10, 2014

What value are you binding to the :0 placeholder?

R0xxy · May 10, 2014

the subfolder as the root folder will be known as 0 once folders are created they will be assigned numbers higher than 0

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";
    $stmt  = $db->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }

Ch0cu3r · May 10, 2014

In that case you dont need a placeholder for the subfolder column (remove the colon infront of the zero)

$query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,0)";

R0xxy · May 10, 2014

I'm getting the error parameter needs to be equal to 1 and or Invalid parameter number: number of bound variables does not match number of tokens

i read that parameters start at 1 but i want the root folder to be set to 0 is there a way round this

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,0)";
    $stmt  = $db->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }
        $filename = $key.$_FILES['files']['name'][$key];
        $fsize = $_FILES['files']['size'][$key];
        $file_tmp  = $_FILES['files']['tmp_name'][$key];
        $ftype = $_FILES['files']['type'][$key];  
        if($fsize > 2097152){
            $errors[] = 'File size must be less than 2 MB';
            continue;
        }
        try{       
            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->bindParam( ':usid', $usid, PDO::PARAM_STR );
            $stmt->bindParam( ':0', $subfolder, PDO::PARAM_STR );
            $stmt->execute();

Jacques1 · May 10, 2014

C'mon, it shouldn't be so hard to pass four values to four parameters.

You have four parameters:

filename
fsize
ftype
usid

Now you need to pass exactly one value to each of those parameters. You're still trying to access your weird “:0” parameter which you've just deleted.

R0xxy · May 10, 2014

i just removed it thanks for the help

Sign In

PDO File upload errors

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information