php - Writing to Database with MySQLI -


i'm working on project buddy of mine , want write our database calls in mysqli. i'm new , i've used mysql commands know out of date @ point. keep getting call member function query() on non-object on line 30 if ($mysqli->query($sql)) { command. please point me in right direction this? i've tried looking in w3 schools. here entire code:

// if form submitted, insert table. if (isset($_post["submit"])) {      // define $username , $password.     $username = $_post['user_username'];     $password = $_post['user_password'];      // protect them mysql injection.     $username = stripslashes($username);     $password = stripslashes($password);     $username = mysqli_real_escape_string($db, $username);     $password = mysqli_real_escape_string($db, $password);     $password = md5($password);      // run queries.         if ($_files["user_image"]["error"] > 0) {              //bad output form results red text             echo "<font size = '5'><font color=\"#e31919\">error: no chosen file <br />";             echo"<p><font size = '5'><font color=\"#e31919\">insert database failed";          } else {              move_uploaded_file($_files["user_image"]["tmp_name"],"uploads/" . $_files["user_image"]);             $file="uploads/".$_files["user_image"];             $image_title = addslashes($_request['user_image']);             $sql="insert users (user_fname, user_lname, user_image, user_phone, user_cell, user_email, user_username, user_password) values ('$_post[user_fname]', '$_post[user_lname]', '$_post[user_image]', '$_post[user_phone]', '$_post[user_cell]', '$_post[user_email]', '$username', '$password')";             if ($mysqli->query($sql)) {                 die('error: ' . $mysqli->error);             }              //good output form results green text                echo '              <form enctype="multipart/form-data" action="insert_image.php" method="post" name="changer">                 <div style="padding:10px;">                     <h2 style="font-size: 28px;">success!</h2>                     <p style="font-size: 18px;">your file has been uploaded!</p>                 </div>                  </form>';         } } 

thanks!

here's non-object $_post[user_image] in values, used $_files["user_image"] everywhere else there's no input anywhere in posted code. we're dealing file here , not text input.

i.e.: <input type="file" name="user_image">

  • only you know that.

plus, need use connection variable you're using, if it's $db, or $mysqli , if connected database, or chose right database , table.

  • again, you know that.

then this:

$image_title = addslashes($_request['user_image']); 

you should use $_files , not $_request, since implies may using method in unshown "other" form.

reference:

references:

and use error handling fits connection. consult edit below.

also make sure folder you're wanting upload to, has right permissions write it.

add error reporting top of file(s) find errors.

<?php  error_reporting(e_all); ini_set('display_errors', 1);  // rest of code 

sidenote: displaying errors should done in staging, , never production.

also use var_dump();, echo , viewing html source additional tools during debugging process.


additional notes:

if you're wanting upload data binary data in table, make sure you're using correct type.

such tinyblob, blob, mediumblob, , longblob.

another "only know that".

reference:


as stated matt in comments:

and $file="uploads/".$_files["user_image"]; should changed $file="uploads/".$_files["user_image"]['name'];

changing both instances of "uploads/" . $_files["user_image"] "uploads/".$_files["user_image"]['name']

consult manual on move_uploaded_file():


passwords.

i noticed using md5 password hashing function. function no longer considered safe use.

use 1 of following:

other links:

important sidenote column length:

if , when decide use password_hash() or crypt, important note if present password column's length lower 60, need changed (or higher). manual suggests length of 255.

you need alter column's length , start on new hash in order take effect. otherwise, mysql fail silently.


edit:

seeing 1 of questions:

i noticed pdo syntax $row = $stmt->fetch(pdo::fetch_assoc); , mixing mysql_ functions $image = mysql_query....

this tells me may still mixing mysql apis. if connection pdo, cannot intermix different apis. must use same 1 connecting query.

consult following on stack:

pdo mysql_ - invalid
pdo mysqli_ - invalid
mysql_ mysqli_ - invalid


Comments