Jump to content

PDO File upload errors

R0xxy

By R0xxy
in PHP Coding Help

 Share
Go to solution Solved by Ch0cu3r,

Recommended Posts

R0xxy Newbie

R0xxy

Posted
Posted

I'm new to PHP and PDO however i've read about how effective PDO is I'm working on a file upload and so far i think the code is alright however i keep receiving this error 

 

Fatal error: Call to a member function prepare() on a non-object on line 10

 

​I've read that it is to do with the database connection but looking at it from my perpesctive i can't seem to find where the code has gone wrong 

<?php
session_start();
$usid=$_SESSION["usersid"];
include_once "conninfo2.php";

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";
    $stmt  = $con->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }
        $filename = $key.$_FILES['files']['name'][$key];
        $fsize = $_FILES['files']['size'][$key];
        $file_tmp  = $_FILES['files']['tmp_name'][$key];
        $ftype = $_FILES['files']['type'][$key];  
        if($fsize > 2097152){
            $errors[] = 'File size must be less than 2 MB';
            continue;
        }
        try{       
            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->execute();

            $desired_dir="fileupload/";

            if(is_dir($desired_dir)==false){
                mkdir($desired_dir, 0700);// Create directory if it does not exist
            }
            if(is_file($desired_dir.'/'.$filename)==false){
                move_uploaded_file($file_tmp,$desired_dir.'/'.$filename);
            }else{    //rename the file if another one exist
                $new_file=$desired_dir.'/'.$filename.time();
                move_uploaded_file($file_tmp,$new_file) ;               
            }
        }catch(PDOException $e){
            $errors[] = $filename . 'not saved in the database.';
            echo $e->getMessage();
        }   
    }
    if(empty($error)){
        echo "The upload has been successful";
    }
}
?>
Link to comment
Share on other sites
R0xxy Newbie

R0xxy

Posted
  • Author
Posted

do mean defined in the connection of the database coz i changed the $conn to $db like in my conn info.php and got this error

 

SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens

Link to comment
Share on other sites
Ch0cu3r Newbie

Ch0cu3r

Posted
Posted (edited)

You have five placeholders in your query

    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";

But you are only bounding the first three a value

            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->execute();

You need to bound a value for the remianing two placeholders called  :uid  and  :0

Edited by Ch0cu3r
Link to comment
Share on other sites
R0xxy Newbie

R0xxy

Posted
  • Author
Posted (edited)

i binded the other 2 values and it goes back to the original error

 

$stmt  = $db->prepare($query);

 

i know its the $db thats causing the issue but I have it in my connection php file or do i need a separate like a functions file

Edited by R0xxy
Link to comment
Share on other sites
R0xxy Newbie

R0xxy

Posted
  • Author
Posted (edited)

Fatal error: Call to a member function prepare() on a non-object on line 8

<?
$db_host = "localhost";

$db_username = "user1"; 

$db_pass = "pass1"; 

$db_name = "roxy";
try{
	$db = new PDO('mysql:host='.$db_host.';dbname='.$db_name,$db_username,$db_pass);
	$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch(PDOException $e){
	echo $e->getMessage();
	exit();
}
?>
Edited by R0xxy
Link to comment
Share on other sites
R0xxy Newbie

R0xxy

Posted
  • Author
Posted

thanks its help although i've encountered this error

SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'subfolder' cannot be null

i change the column to null to see if it solves the issue which it does however i dont want the column to be null is there a way round this ??

Link to comment
Share on other sites
R0xxy Newbie

R0xxy

Posted
  • Author
Posted

the subfolder as the root folder will be known as 0 once folders are created they will be assigned numbers higher than 0

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,:0)";
    $stmt  = $db->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }
Link to comment
Share on other sites
R0xxy Newbie

R0xxy

Posted
  • Author
Posted

I'm getting the error parameter needs to be equal to 1 and or  Invalid parameter number: number of bound variables does not match number of tokens

 

​i read that parameters start at 1 but i want the root folder to be set to 0 is there a way round this

if(isset($_FILES['files'])){
    $query = "INSERT into files(`filename`,`fsize`,`ftype`,`usid`,`subfolder`)
             VALUES(:filename,:fsize,:ftype,:usid,0)";
    $stmt  = $db->prepare($query);
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $error ){
        if ($error != UPLOAD_ERR_OK) {
            $errors[] = $_FILES['files']['name'][$key] . ' the file was not uploaded.';
            continue;
        }
        $filename = $key.$_FILES['files']['name'][$key];
        $fsize = $_FILES['files']['size'][$key];
        $file_tmp  = $_FILES['files']['tmp_name'][$key];
        $ftype = $_FILES['files']['type'][$key];  
        if($fsize > 2097152){
            $errors[] = 'File size must be less than 2 MB';
            continue;
        }
        try{       
            $stmt->bindParam( ':filename', $filename , PDO::PARAM_STR );
            $stmt->bindParam( ':fsize', $fsize, PDO::PARAM_STR );
            $stmt->bindParam( ':ftype', $ftype, PDO::PARAM_STR );
            $stmt->bindParam( ':usid', $usid, PDO::PARAM_STR );
            $stmt->bindParam( ':0', $subfolder, PDO::PARAM_STR );
            $stmt->execute();
Link to comment
Share on other sites
Jacques1 Prolific Member

Jacques1

Posted
Posted

C'mon, it shouldn't be so hard to pass four values to four parameters.

 

You have four parameters:

  • filename
  • fsize
  • ftype
  • usid

Now you need to pass exactly one value to each of those parameters. You're still trying to access your weird “:0” parameter which you've just deleted.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.