CODEWITHSUNDEEP
phpmysqli
user1490145
user1490145

Reputation: 153

data is not inserting in mysqli

I have an old mysql code where it successfully inserts the name of an image file into the database. But since old mysql is being decapitated, I have attempted doing the same in mysqli (can't use PDO because of version of PHP I have). The problem is that I cannot get the image file name to be inserted into the database in mysqli. What am I doing wrong?

Below is the mysqli code:

    <?php

    session_start();


    $username="xxx";
    $password="xxx";
    $database="mobile_app";

      $mysqli = new mysqli("localhost", $username, $password, $database);

      /* check connection */
      if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        die();
      }

    $result = 0;

if(getimagesize($_FILES['fileImage']['tmp_name'])){

    if( is_file("ImageFiles/".$_FILES['fileImage']['name'])) {
        $parts = explode(".",$_FILES['fileImage']['name']);
        $ext = array_pop($parts);
        $base = implode(".",$parts);
        $n = 2;

        while( is_file("ImageFiles/".$base."_".$n.".".$ext)) $n++;
        $_FILES['fileImage']['name'] = $base."_".$n.".".$ext;

        move_uploaded_file($_FILES["fileImage"]["tmp_name"],
        "ImageFiles/" . $_FILES["fileImage"]["name"]);
        $result = 1;

        $imagesql = "INSERT INTO Image (ImageFile) 
        VALUES (?)";

                if (!$insert = $mysqli->prepare($imagesql)) {
          // Handle errors with prepare operation here
        }

        $insert->bind_param("s",'ImageFiles/' . $_FILES['fileImage']['name']);

     $insert->execute();

            if ($insert->errno) {
              // Handle query error here
            }

            $insert->close();


    }
        else
          {
          move_uploaded_file($_FILES["fileImage"]["tmp_name"],
          "ImageFiles/" . $_FILES["fileImage"]["name"]);
          $result = 1;

        $imagesql = "INSERT INTO Image (ImageFile) 
        VALUES (?)";

                if (!$insert = $mysqli->prepare($imagesql)) {
          // Handle errors with prepare operation here
        }

        $insert->bind_param("s",'ImageFiles/' . $_FILES['fileImage']['name']);

     $insert->execute();

            if ($insert->errno) {
              // Handle query error here
            }

            $insert->close();


          }
    }
    ?>

Below is the old mysql code where the insert did work:

    <?php

    session_start();


    $username="xxx";
    $password="xxx";
    $database="mobile_app";

    mysql_connect('localhost',$username,$password);

    mysql_select_db($database) or die( "Unable to select database");

    $result = 0;

if(getimagesize($_FILES['fileImage']['tmp_name'])){

    if( is_file("ImageFiles/".$_FILES['fileImage']['name'])) {
        $parts = explode(".",$_FILES['fileImage']['name']);
        $ext = array_pop($parts);
        $base = implode(".",$parts);
        $n = 2;

        while( is_file("ImageFiles/".$base."_".$n.".".$ext)) $n++;
        $_FILES['fileImage']['name'] = $base."_".$n.".".$ext;

        move_uploaded_file($_FILES["fileImage"]["tmp_name"],
        "ImageFiles/" . $_FILES["fileImage"]["name"]);
        $result = 1;

        $imagesql = "INSERT INTO Image (ImageFile) 
        VALUES ('ImageFiles/".mysql_real_escape_string($_FILES['fileImage']['name'])."')";

        mysql_query($imagesql);

    }
        else
          {
          move_uploaded_file($_FILES["fileImage"]["tmp_name"],
          "ImageFiles/" . $_FILES["fileImage"]["name"]);
          $result = 1;

            $imagesql = "INSERT INTO Image (ImageFile) 
            VALUES ('ImageFiles/".mysql_real_escape_string($_FILES['fileImage']['name'])."')";

    mysql_query($imagesql);

          }

}
          mysql_close();

    ?>

      <script language="javascript" type="text/javascript">
      window.top.stopImageUpload(<?php echo $result ? 'true' : 'false'; ?>, '<?php echo $_FILES['fileImage']['name'] ?>');
      </script>

Upvotes: 0

Views: 693

Answers (1)

Lawrence Cherone
Lawrence Cherone

Reputation: 46602

Try this, assign the value to a variable first and then bind it, dont build the data within the bind_param:

    <?php 
    $imagesql = "INSERT 
                  INTO Image (ImageFile)
                  VALUES (?)";

    $insert = $mysqli->prepare($imagesql);

    //Dont pass data directly to bind_param store it in a variable
    $insert->bind_param("s",$img);

    //Assign the variable
    $img = 'ImageFiles/'.$_FILES['fileImage']['name'];

    $insert->execute();
    ?>

Also you should check if the file is uploaded and if any errors have occurred with the upload before doing any db stuff:

<?php 
//If POST
if($_SERVER['REQUEST_METHOD']=='POST'){
    //Check no errors on upload
    if($_FILES['fileImage']['error']==0){

        if(isset($_FILES['fileImage']['tmp_name'])){
            $imgSize = getimagesize($_FILES['fileImage']['tmp_name']);
            ...
            ...
        }

    }else{
        //get error code and display error
    }

}else{
    //No POST
}
?>

Upvotes: 1

Related Questions