0

I created a page that should add new entry in my database, I just get this message when I'm trying to upload the file saying:

Call to a member function bindParam() on null

I checked the my code and can't see any errors in my connection.

<?php

    error_reporting( ~E_NOTICE ); // avoid notice

    require_once 'dbconfig.php';

    if(isset($_POST['btnsave']))
    {
        $username = $_POST['user_name'];// user name
        $userjob = $_POST['user_job'];// user email

        $imgFile = $_FILES['user_image']['name'];
        $tmp_dir = $_FILES['user_image']['tmp_name'];
        $imgSize = $_FILES['user_image']['size'];


        if(empty($username)){
            $errMSG = "Please Enter Username.";
        }
        else if(empty($userjob)){
            $errMSG = "Please Enter Your Job Work.";
        }
        else if(empty($imgFile)){
            $errMSG = "Please Select Image File.";
        }
        else
        {

            $upload_dir = 'user_images/'; // upload directory

            $imgExt = strtolower(pathinfo($imgFile,PATHINFO_EXTENSION)); // get image extension

            // valid image extensions
            $valid_extensions = array('jpeg', 'jpg', 'png', 'gif', 'pdf', 'docx'); // valid extensions

            // rename uploading image
            $userpic = rand(1000,1000000).".".$imgExt;

            // allow valid image file formats
            if(in_array($imgExt, $valid_extensions)){           
                // Check file size '5MB'
                if($imgSize < 5000000)              {
                    move_uploaded_file($tmp_dir,$upload_dir.$userpic);
                }
                else{
                    $errMSG = "Sorry, your file is too large.";
                }
            }
            else{
                $errMSG = "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";        
            }
        }


        // if no error occured, continue ....
        if(!isset($errMSG))
        {

            $sql = "INSERT INTO user (fname, lname, memo, file) VALUES (:fname, :lname, :memo, :file) ON DUPLICATE KEY UPDATE memo=:memo2";
            $stmt->bindParam(':fname',$name);
            $stmt->bindParam(':lname',$lname);
            $stmt->bindParam(':memo',$memo);
            $stmt->bindParam(':file',$file);
            $stm->execute(array(":fname" => $fname, ":hash" => $hash, ":memo" => $memo, ":memo2" => $memo));

            if($stmt->execute())
            {
                $successMSG = "new record succesfully inserted ...";
                header("refresh:5;index.php"); // redirects image view page after 5 seconds.
            }
            else
            {
                $errMSG = "error while inserting....";
            }
        }
    }
?>
Ikhlak S.
  • 8,578
  • 10
  • 57
  • 77
Jay Doe
  • 49
  • 1
  • 1
  • 8

1 Answers1

0

You never prepared it. $stmt is never declared. This is the reason for null warning.

if($stmt=$conn->prepare(
      "INSERT INTO user (fname, lname, memo, file) VALUES (:fname, :lname, :memo, :file) ON DUPLICATE KEY UPDATE memo=:memo2"
    )
){
    // ... make sure you bind :memo2 as well.
    // don't load values into execute()
    // remove this line:  $stm->execute(array(":fname" => $fname, ":hash" => $hash, ":memo" => $memo, ":memo2" => $memo));
    // use if($stmt->execute()){...
}
mickmackusa
  • 43,625
  • 12
  • 83
  • 136
  • tried but you had said but it still doesnt work, sorry for asking so many questions, i just started learning php – Jay Doe May 17 '17 at 05:06
  • @JayDoe Please reread my comments in my code block. and reference the hyperlink to my related answer. You don't need to assign your query as $sql, just use it in the prepare call. Don't use that dodgy $stm line, use `if($stmt->execute()){...` You need to bind `$memo2` to `:memo2` – mickmackusa May 17 '17 at 05:20
  • Thanks for the help but i tried a different approach and it works but there is just one problem. I dont know if i can ask you this, i guess ill just post it on another thread. Thank you again – Jay Doe May 17 '17 at 05:33