0

I am trying to create an insert form where the user can insert the details of a new product (sweet) into a MYSQL database.

The product image is inserted into the specified directory item_images/$product_image.

However, that item is not inserted into the database and following error is produced:

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: 
Invalid parameter number: parameter was not defined' in /home/k1335948/www/loginregister-master/insert_product.php:168 
Stack trace: #0 /home/k1335948/www/loginregister-master/insert_product.php(168): PDOStatement->execute(Array) #1 {main} 
thrown in /home/k1335948/www/loginregister-master/insert_product.php on line 168

Database connection is fine as my other statements work for other elements.

I don't have much experience with PDO and I have been looking for solutions both here and online.

if(isset($_POST['insert_post'])) {

    $product_title = $_POST['title'];
    $product_cat = $_POST['item_cat'];
    $product_brand = $_POST['item_brand'];
    $product_price = $_POST['price'];
    $product_desc = $_POST['description'];
    $product_keywords = $_POST['keyword'];

    // retrieving image 
    $product_image  = $_FILES['product_image']['name'];
    $product_image_tmp  = $_FILES['product_image']['tmp_name'];

    move_uploaded_file($product_image_tmp,"item_images/$product_image");

    $insert_product = "INSERT INTO items(photo, title, description, keyword, price, item_category, item_brand) VALUES (:product_image, :product_title, :product_desc, :product_keywords, :product_price, :product_cat, :product_brand)";

    $insert_pro = $db->prepare($insert_product); 
    $results = $insert_pro->execute(array(
    ":product_image" => $product_image,
    ":title" => $product_title,
    ":product_desc" => $product_desc,
    ":product_keywords" => $product_keywords,
    ":product_price" => $product_price,
    ":product_cat" => $product_cat,
    ":product_brand" => $product_brand));

    if($insert_pro){

    echo "<script>alert('Product has been added sucessfully')</script>";
    echo "<script>window.open('insert_product.php','_self')</script>";
    }
}

(Edited) Here is my form:

    <form action ="insert_product.php" name="insert_form" method="post" enctype = "multipart/form-data">

    <table align="center" width="100%" border="2" bgcolor="pink">

    <tr>
        <td align="right"><b>Product Title: </b></td>
        <td>
        <input type="text" name="product_title" /></td>
    </tr>

    <tr>
        <td align="right"><b>Product Category: </b></td>
        <td>
        <select name="product_cat" />
        <option>Select Category: <option>

        <?php getCat(); ?>

        </select>
        </td>
    </tr>

    <tr>
        <td align="right"><b>Product Brand: </b></td>
        <td>
        <select name="product_brand" />
        <option>Choose Brand: <option>

        <?php getBrand(); ?>

        </select>
        </td>
    </tr>

    <tr>
        <td align="right"><b>Product Image: </b></td>
        <td>
        <input type="file" name="product_image" /></td>
    </tr>

    <tr>
        <td align="right"><b>Product Price: </b></td>
        <td>
        <input type="text" name="product_price" /></td>
    </tr>

    <tr>
        <td align="right"><b>Product Description: </b></td>
        <td>
        <textarea name="product_desc" cols="20" rows="10"></textarea></td>
    </tr>

    <tr>
        <td align="right"><b>Product Keywords: </b></td>
        <td>
        <input type="text" name="product_keywords" /></td>
    </tr>

    <tr align="center">
        <td colspan="8"><input type="submit" name="insert_post" value="Insert New Product" /></td>
    </tr>

    </form>
Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
Mani
  • 21
  • 5

2 Answers2

0

The error is in preparing the SQL or at least on the execute function. You don't bind all the requested values to the defined params in your SQL string.

Specifically the :product_title in the SQL and :title in your execute method.

$insert_pro->execute(array(
  ":product_image" => $product_image,
  ":product_title" => $product_title,
  ":product_desc" => $product_desc,
  ":product_keywords" => $product_keywords,
  ":product_price" => $product_price,
  ":product_cat" => $product_cat,
  ":product_brand" => $product_brand
));

And it should be:

if($results){
  // product has been successfully added.
}
Xorifelse
  • 7,878
  • 1
  • 27
  • 38
  • I've made the changes to the code where specified, however i'm receiving this new error now: Parse error: syntax error, unexpected '[', expecting ')' – Mani Mar 01 '16 at 22:30
  • Perhaps you're using an older version of PHP. Change `[arraydata]` to `array(arraydata)` – Xorifelse Mar 01 '16 at 22:38
  • This is the version i'm using: Current PHP version: 5.2.5. I've also made the changes but the error is still there. – Mani Mar 01 '16 at 22:44
  • The only thing you need to do is change `:title` to `:product_title` but I've updated my code for you now too. – Xorifelse Mar 01 '16 at 22:51
  • your new suggested code has removed the "parse error", however there is a new error similar to the first one: Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'title' cannot be null' in /home/k1335948/www/loginregister-master/insert_product.php:169 Stack trace: #0 /home/k1335948/www/loginregister-master/insert_product.php(169): PDOStatement->execute(Array) #1 {main} thrown in /home/k1335948/www/loginregister-master/insert_product.php on line 169 – Mani Mar 01 '16 at 22:59
  • That means `$_POST['title']` is not submitting correctly through the form, check the name attribute of the title input? – Xorifelse Mar 01 '16 at 23:17
  • I adjusted the constraint for the 'title' column to accept null values, but now i am receiving the same error message for the description column which means that none of the '$_POST''s are submitting correctly. Any ideas why that might be? – Mani Mar 01 '16 at 23:44
0

My form names were not matching the names in my database table -items-. All I needed to do was adjust the names to match the ones in the -items- table. Crazy errors but simple solution. :) Thanks for the help anyway @Xorifelse.

Mani
  • 21
  • 5
  • I really don't understand this, **html form names** not matching the **column names in the database**? These two languages don't even communicate with each other. The correct issue is that `$_POST['title']` is null because your HTML form input uses a different name `name="product_title"` so `$_POST['product_title']` would have been the solution. – Xorifelse Mar 02 '16 at 18:32