I'm trying to get an image file to send to a file I have in my host server called productpics/ and then send the file's name into my database with all of my other data in my form. I'm getting the image file to send to the productpics folder, but then my prepared statement breaks and nothing else happens. Nothing is sent to the db. I believe it is because of the way I'm trying to send the image file to the db.
The line I believe is breaking this is....
I'm getting this error with it when I submit the form, but regardless I'm not sure if I am trying to send this to the db correctly. Am I doing this the proper way or based on what I have, how can I structure this?
Fatal error: Function name must be a string in /home4/pfarley1/public_html/addproduct.php on line 110
//Create
$filename = $_FILES['file']['name'];
//$filesize = $_FILES['file']['size'];
//$filetype = $_FILES['file']['type'];
$tmp_name = $_FILES['file']['tmp_name'];
$file_error = $_FILES['file']['error'];
if (isset($filename )) {
if (!empty($filename)) {
$destinationFolder = 'productpics/';
if (move_uploaded_file($tmp_name, $destinationFolder.$filename)) {
echo 'Uploaded!';
} else {
echo 'There was an error!';
}
} else {
echo 'Please choose a file.';
}
}
if($validation->passed()) {
if(isset($_POST['create'])){
$product_id = trim( $_POST['product_id'] );
$product_name = trim( $_POST['product_name'] );
$price = trim( $_POST['price'] );
$saleprice = trim( $_POST['saleprice'] );
$final_price = trim( $_POST['final_price'] );
$shippingprice = trim( $_POST['shippingprice'] );
$category = trim( $_POST['category'] );
$item_details = trim( $_POST['item_details'] );
$item_details2 = trim( $_POST['item_details2'] );
$description = trim( $_POST['description'] );
$viewproduct_type = trim( $_POST['viewproduct_type'] );
$file = $_POST ($filename['img']);
}else {
foreach($validation->errors() as $error) {
echo $error, '<br>';
}
//Connection
$con = mysqli_connect("localhost","root","","bfb");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
/* create a prepared statement */
if ($stmt = mysqli_prepare($con, "INSERT INTO products (product_id, product_name, price, saleprice, final_price, shippingprice, category, item_details, item_details2, description, viewproduct_type, date_created, img) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?)")) {
/* bind parameters for markers */
$stmt->bind_param('isiiiissssss', $product_id, $product_name, $price, $saleprice, $final_price, $shippingprice, $category, $item_details, $item_details2, $description, $viewproduct_type, $file);
/* execute query */
$stmt->execute();
//if(!$stmt->execute()){trigger_error("there was an error....".$con->error, E_USER_WARNING);}
/* close statement */
mysqli_stmt_close($stmt);
echo "Success!";
} else {
echo "Failed!";
}
}
With all of that said, I am not getting anything to echo with my else statement for my prepared statement's query. I am not getting a 'Success!' or 'Failed!'. Why aren't any results of that showing?
My form for this(the img file part is at the bottom of it...
<form action="" method="POST" enctype="multipart/form-data">
<div class="field">
<label for="product_id">Product ID</label>
<input type="text" name="product_id" class="smallinputbar" required>
</div>
<div class="field">
<label for="product_name">Product Name</label>
<input type="text" class="inputbar" name="product_name" required>
</div>
<div class="field">
<label for="price">Product Price</label>
<input type="text" class="smallinputbar" name="price" required>
</div>
<div class="field">
<label for="saleprice">Sale Price</label>
<input type="text" class="smallinputbar" name="saleprice">
</div>
<div class="field">
<label for="final_price">Final Price</label>
<input type="text" class="smallinputbar" name="final_price" required>
</div>
<div class="field">
<label for="shippingprice">Shipping Price</label>
<input type="text" class="smallinputbar" name="shippingprice" required>
</div>
<div class="field">
<label for="category">Category</label>
<input type="text" class="inputbar" name="category" required>
</div>
<div class="field">
<label for="item_details">Item Details</label>
<input type="message" class="messageinput" name="item_details" required>
</div>
<div class="field">
<label for="item_details2">Item Details 2</label>
<input type="message" class="messageinput" name="item_details2">
</div>
<div class="field">
<label for="description">Description</label>
<input type="message" class="messageinput" name="description" required>
</div>
<div class="field">
<label for="viewproduct_type">View Product Type</label>
<select class="optionbar" name="viewproduct_type">
<option value="Not Selected">Not Selected</option>
<option value="a href='./viewProduct.php?view_product=$id">Standard</option>
<option value="Option">Option</option>
</select>
</div>
<span class="floatright">
<input type="file" name="file" class="inputbarfile">
<!--<input type="submit" name="create" id="signinButton" value="Upload">-->
</span>
<input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
<label for="button">
<input type="submit" id="button" name="create" value="Create New Product">
</label>
</form>
UPDATE:
//Create
$filename = $_FILES['file']['name'];
//$filesize = $_FILES['file']['size'];
//$filetype = $_FILES['file']['type'];
$tmp_name = $_FILES['file']['tmp_name'];
$file_error = $_FILES['file']['error'];
if (isset($filename )) {
if (!empty($filename)) {
$destinationFolder = 'productpics/';
if (move_uploaded_file($tmp_name, $destinationFolder.$filename)) {
echo 'Uploaded!';
} else {
echo 'There was an error!';
}
} else {
echo 'Please choose a file.';
}
}
if($validation->passed()) {
if(isset($_POST['create'])){
$product_id = trim( $_POST['product_id'] );
$product_name = trim( $_POST['product_name'] );
$price = trim( $_POST['price'] );
$saleprice = trim( $_POST['saleprice'] );
$final_price = trim( $_POST['final_price'] );
$shippingprice = trim( $_POST['shippingprice'] );
$category = trim( $_POST['category'] );
$item_details = trim( $_POST['item_details'] );
$item_details2 = trim( $_POST['item_details2'] );
$description = trim( $_POST['description'] );
$viewproduct_type = trim( $_POST['viewproduct_type'] );
$file = $filename;
FULL PHP code for this question.
//Validation
if(Input::exists()) {
if(Token::check(Input::get('token'))) {
$validate = new Validate();
$validation = $validate->check($_POST, array(
'product_id' => array(
'required' => true,
'min' => 1,
'max' => 50,
'unique' => 'products'
),
'product_name' => array (
'required' => true,
'min' => 2,
'max' => 50
),
'price' => array (
'required' => true,
'min' => 1,
'max' => 50
),
'saleprice' => array (
'min' => 1,
'max' => 50
),
'final_price' => array (
'required' => true,
'min' => 1,
'max' => 50
),
'shippingprice' => array (
'max' => 50
),
'category' => array (
'required' => true,
'min' => 2,
'max' => 50
),
'item_details' => array (
'required' => true,
'min' => 2,
'max' => 1550
),
'item_details2' => array (
'max' => 1550
),
'description' => array (
'required' => true,
'min' => 2,
'max' => 1550
)
)
);
//Create
if($validation->passed()) {
$filename = $_FILES['file']['name'];
//$filesize = $_FILES['file']['size'];
//$filetype = $_FILES['file']['type'];
$tmp_name = $_FILES['file']['tmp_name'];
$file_error = $_FILES['file']['error'];
if (isset($filename )) {
if (!empty($filename)) {
$destinationFolder = 'productpics/';
if (move_uploaded_file($tmp_name, $destinationFolder.$filename)) {
echo 'Uploaded!';
} else {
echo 'There was an error!';
}
} else {
echo 'Please choose a file.';
}
}
if(isset($_POST['create'])){
$product_id = trim( $_POST['product_id'] );
$product_name = trim( $_POST['product_name'] );
$price = trim( $_POST['price'] );
$saleprice = trim( $_POST['saleprice'] );
$final_price = trim( $_POST['final_price'] );
$shippingprice = trim( $_POST['shippingprice'] );
$category = trim( $_POST['category'] );
$item_details = trim( $_POST['item_details'] );
$item_details2 = trim( $_POST['item_details2'] );
$description = trim( $_POST['description'] );
$viewproduct_type = trim( $_POST['viewproduct_type'] );
$file = $filename;
$file = $_POST['img'];
}else {
foreach($validation->errors() as $error) {
echo $error, '<br>';
}
//Connection
$con = mysqli_connect("localhost","root","","bfb");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
/* create a prepared statement */
if ($stmt = mysqli_prepare($con, "INSERT INTO products (product_id, product_name, price, saleprice, final_price, shippingprice, category, item_details, item_details2, description, viewproduct_type, date_created, img) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?)")) {
/* bind parameters for markers */
$stmt->bind_param('isiiiissssss', $product_id, $product_name, $price, $saleprice, $final_price, $shippingprice, $category, $item_details, $item_details2, $description, $viewproduct_type, $file);
/* execute query */
$stmt->execute();
//if(!$stmt->execute()){trigger_error("there was an error....".$con->error, E_USER_WARNING);}
/* close statement */
mysqli_stmt_close($stmt);
echo "Success!";
} else {
echo "Failed!";
}
}
}
}
}
Commenting back and forth is getting to be too long at this point and am submitting the following answer, since it is too long to be a comment.
Although this may not be a solution (or possibly could, or it may lead to one), is nonetheless an answer to the problem/error message you posted.
The problem is with this line
$file = $_POST ($filename['img']);and I have no idea what you're trying to do here. You told me earlier in comments "The column I have for 'img' is text".$_POST[]using square brackets, and not$_POST()with round brackets.That is why you're getting the following error:
$_POSTas a function.I don't know if you want to insert that uploaded file as a binary in your column, or a text-based pointer to that file, only you know the exact intention for it.
If you want to enter it as a binary, then you will need to set the associated column for it as a BLOB.
When using BLOB as a column type, then that data needs to be escaped, otherwise it will throw an error.
You will also want to check what your upload max size is set/allowed in your system files.
By default, PHP sets it to 2M. If the file exceeds that size, it will fail; increase it and anything else relative to it such as max timeout time.
You're also not doing anything with error checking in:
it's a stray/unused variable.
Consult:
to check for errors and to use it.
As far as I'm concerning, I would get rid of
$file = $_POST ($filename['img']);and use$filenamefor the variable you're wanting to enter in your database, since it is going inside theimgcolumn as you've set it in your query.TEXTtoVARCHARand set a long enough length for it. MySQL may be failing silently because of it.Another thing I suggest you do, is to place your
$filename = $_FILES['file']['name'];and other variables below that, inside your conditional statement.If you want to use similar syntax to replace
$file = $_POST ($filename['img']);, then you could add an additional input and give it theimgname attribute and then do:which would be valid.
Another thing I spotted in your first piece of code, and if that is your entire code, you're missing a closing brace
}for yourif($validation->passed()) {conditional statement.The final/last brace
}is associated with this block of code:Edit:
In this line that you added in an edit:
You're overwriting your first variable, and you stated in comments that you do not have a form element name
img.But that is a file not text. Use
$file = $_FILES['img'];or$file = $_FILES['file'];- at this point, I've no idea what your file input in the form is called.$file = $_FILES['file']['name'];MySQL and PHP are two different animals and do not know which column is to be used for insertion.
You cannot rely on a POST array to determine the column it is to be inserted in. You need to specify that in your query.
Make sure the
imgcolumn does in fact exist, and then use the$_FILESarray with its related variable as the value inVALUES, being$file.$filenamein your VALUES, instead of$file. Or, whatever variable; I am very confused at this point as to which variable and/or input name you're using.and you may need to add that parameter in your
$validation = $validate->check($_POST, array(...function/array.Add error reporting to the top of your file(s) which will help find errors.
Sidenote: Error reporting should only be done in staging, and never production.