0

I know there are many questions out there that are like this one, but I can't seem to find what I am doing wrong. I've checked multiple times for typos in both my code and database. This is my PHP code I've written to submit my form details to the database:

<?php
require_once "connect.php";

if(!empty($_POST))

{

    if(isset($_POST["email"], $_POST["username"], $_POST["type"], $_POST["question"]))
    {
         $email = test_input($_POST["email"]);
         $username = test_input($_POST["username"]);
         $type = test_input($_POST["type"]);
         $question = test_input($_POST["question"]);
         $premium = ($_POST["premium"]);
         $member = ($_POST["member"]);
        if ($member != "NO") 
        {
             $member = "YES";
        }

    }
    if(!empty($email) && !empty($username) && !empty($type) && !empty($question))
    {

        $insert = $db->prepare("INSERT INTO Submissions (Email, Username, Type, Question, Member, Premium, Date) VALUES (?, ?, ?, ?, ?, ?, NOW())");

        $insert->bind_param("ssssss", $email, $username, $type, $question, $member, $premium);
        if($insert->execute())
        {
            header("Location: landing.php");
            die();
        }
    }
}
function test_input($data) 
{
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}
?>

When I var_dump error call, it returned NULL, but I don't understand what that means. The connection to my database is also a success. These are my database columns: "Email", "Username", "Type", "Question", "Member", "Premium", "Date" Everything is a varChar except Question and Date. Question is a text and Date is a datetime. Also, the form fields are as followed: email, username, and question...these are input fields. type is a drop down, member and premium are check boxes.

Razer
  • 55
  • 6

2 Answers2

2

As the error says, your $insert is not an object. This is most probably caused by the fact that you use mysql keywords as column names (very bad practice). If you must continue to use those names surround them in backticks. (Thanks u_mulder)

$insert = $db->prepare("INSERT INTO Submissions (Email, Username, `Type`, Question, Member, Premium, `Date`) VALUES (?, ?, ?, ?, ?, ?, NOW())");
Community
  • 1
  • 1
php_nub_qq
  • 15,199
  • 21
  • 74
  • 144
  • Hmm, I changed the Type and Date to something else, but I am still getting the same error for some reason... – Razer Aug 02 '15 at 07:31
  • @Razer Well check the error message, your query is failing for some reason. – php_nub_qq Aug 02 '15 at 07:32
  • When I use var_dump the error it's returning is: NULL – Razer Aug 02 '15 at 07:36
  • @Razer what is the exact output of `var_dump($insert)` after `$db->prepare`? Additionally, all examples in the documentation suggest the use of prepare like `if($stmt = $mysqli->prepare($sql))`, if you want to avoid the error you should do that. – php_nub_qq Aug 02 '15 at 07:40
  • The exact error of the output of var_dump is: NULL Fatal error: Call to a member function bind_param() on a non-object in..... – Razer Aug 02 '15 at 07:48
  • @Razer `$insert` can not be `NULL`, [the documentation](http://php.net/manual/en/mysqli.prepare.php) states that `mysqli::prepare()` will return either a statement or `false`. – php_nub_qq Aug 02 '15 at 07:51
0

I think something wrong in sql query. If the sql statement sent to it is invalid in the current DB, prepare() will then return false.

You can verify it by adding this.

if(!$insert){
  echo "Prepare statement failed";
}
Harikrishnan
  • 9,688
  • 11
  • 84
  • 127