Jump to content

PDO File upload errors


Go to solution Solved by Ch0cu3r,

Recommended Posts

I'm new to PHP and PDO however i've read about how effective PDO is I'm working on a file upload and so far i think the code is alright however i keep receiving this error 

 

Fatal error: Call to a member function prepare() on a non-object on line 10

 

​I've read that it is to do with the database connection but looking at it from my perpesctive i can't seem to find where the code has gone wrong 

<?php
session_start();
$usid=$_SESSION["usersid"];
include_once "conninfo2.php";

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";
    $stmt  = $con->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }
        $filename = $key.$_FILES['files']['name'][$key];
        $fsize = $_FILES['files']['size'][$key];
        $file_tmp  = $_FILES['files']['tmp_name'][$key];
        $ftype = $_FILES['files']['type'][$key];  
        if($fsize > 2097152){
            $errors[] = 'File size must be less than 2 MB';
            continue;
        }
        try{       
            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->execute();

            $desired_dir="fileupload/";

            if(is_dir($desired_dir)==false){
                mkdir($desired_dir, 0700);// Create directory if it does not exist
            }
            if(is_file($desired_dir.'/'.$filename)==false){
                move_uploaded_file($file_tmp,$desired_dir.'/'.$filename);
            }else{    //rename the file if another one exist
                $new_file=$desired_dir.'/'.$filename.time();
                move_uploaded_file($file_tmp,$new_file) ;               
            }
        }catch(PDOException $e){
            $errors[] = $filename . 'not saved in the database.';
            echo $e->getMessage();
        }   
    }
    if(empty($error)){
        echo "The upload has been successful";
    }
}
?>
Link to comment
https://forums.phpfreaks.com/topic/288386-pdo-file-upload-errors/
Share on other sites

You have five placeholders in your query

    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";

But you are only bounding the first three a value

            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->execute();

You need to bound a value for the remianing two placeholders called  :uid  and  :0

Edited by Ch0cu3r

i binded the other 2 values and it goes back to the original error

 

$stmt  = $db->prepare($query);

 

i know its the $db thats causing the issue but I have it in my connection php file or do i need a separate like a functions file

Edited by R0xxy

Fatal error: Call to a member function prepare() on a non-object on line 8

<?
$db_host = "localhost";

$db_username = "user1"; 

$db_pass = "pass1"; 

$db_name = "roxy";
try{
	$db = new PDO('mysql:host='.$db_host.';dbname='.$db_name,$db_username,$db_pass);
	$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e){
	echo $e->getMessage();
	exit();
}
?>

Edited by R0xxy

thanks its help although i've encountered this error

SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'subfolder' cannot be null

i change the column to null to see if it solves the issue which it does however i dont want the column to be null is there a way round this ??

the subfolder as the root folder will be known as 0 once folders are created they will be assigned numbers higher than 0

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";
    $stmt  = $db->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }

I'm getting the error parameter needs to be equal to 1 and or  Invalid parameter number: number of bound variables does not match number of tokens

 

​i read that parameters start at 1 but i want the root folder to be set to 0 is there a way round this

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,0)";
    $stmt  = $db->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }
        $filename = $key.$_FILES['files']['name'][$key];
        $fsize = $_FILES['files']['size'][$key];
        $file_tmp  = $_FILES['files']['tmp_name'][$key];
        $ftype = $_FILES['files']['type'][$key];  
        if($fsize > 2097152){
            $errors[] = 'File size must be less than 2 MB';
            continue;
        }
        try{       
            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->bindParam( ':usid', $usid, PDO::PARAM_STR );
            $stmt->bindParam( ':0', $subfolder, PDO::PARAM_STR );
            $stmt->execute();

C'mon, it shouldn't be so hard to pass four values to four parameters.

 

You have four parameters:

  • filename
  • fsize
  • ftype
  • usid

Now you need to pass exactly one value to each of those parameters. You're still trying to access your weird “:0” parameter which you've just deleted.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.