I am not able to enter data in the bank

2

I am not able to enter data into the database, I was using PDO , but now I started to use MySql , because I was only able to list database data with MySql , I am able to list the data, but I am not able to insert.

<?php
$host = "localhost";
$usuario = "root";
$senha = "";
$bd = "nise";

$mysqli = new mysqli($host, $usuario, $senha, $bd);
if($mysqli->connect_errno)
    echo"Falha na conexão: (".$mysqli->connect_errno.")".$mysqli->connect_error;

?>

Here is the file PHP

<?php 
include("includes/conexao.php");//conexão com o banco

$consulta = "SELECT id, data, descricao, imagem, id_bloco, qual_descricao, id_denuncia_oque FROM denuncia";
$con = $mysqli->query($consulta) or die ($mysqli->error);

if(!empty($_FILES['uploaded_file'])){
    $query = "INSERT INTO resposta_denuncia (descricao_resposta, imagem, id_usuario) 
        VALUES (:descricao_resposta, :imagem, :id_usuario)";

    $statement = $mysqli->prepare($query);

    $path = "img_denuncia/";
    $path = $path . basename( $_FILES['uploaded_file']['name']);
    if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $path))

    $valores = array();
    $valores[':descricao_resposta'] = $_POST['descricao_resposta'];
    $valores[':imagem'] = $_FILES['uploaded_file']['name'];
    $valores[':id_usuario'] = 2;

    if(!isset($_POST['descricao_resposta']) or empty($_POST['descricao_resposta'])) {
        echo 0;
    }elseif($result = $statement->execute($valores)) {
        echo 1; // dados enviados com sucesso
    } else {
        echo 0; // erro ao tentar enviar dados 
    }

}

? >

    
asked by anonymous 17.10.2018 / 21:53

1 answer

2

The code has two problems, the first is the failure to associate the values with the placeholders the function bind_param() does this. The second a lib MySQLi does not support named placeholders (only%) only positional parameters the queries.

The code should look like this:

$query = "INSERT INTO resposta_denuncia (descricao_resposta, imagem, id_usuario) VALUES (?, ?, ?)";

$statement = $mysqli->prepare($query);
$statement->bind_param('ssi', $valores[':descricao_resposta'], $valores[':imagem'], $valores[':id_usuario']);

I did a refactoring to simplify the logic of the code:

if(empty($_POST['descricao_resposta'])){
    exit('0 - descrição vazia');
}

if(!empty($_FILES['uploaded_file'])){

    $path = "img_denuncia/";
    $path = $path . basename( $_FILES['uploaded_file']['name']);

    if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $path)){

        $valores[':descricao_resposta'] = $_POST['descricao_resposta'];
        $valores[':imagem'] = $_FILES['uploaded_file']['name'];
        $valores[':id_usuario'] = 2;        

        $query = "INSERT INTO resposta_denuncia (descricao_resposta, imagem, id_usuario) VALUES (?, ?, ?)";
        $statement = $mysqli->prepare($query);
        $statement->bind_param('ssi', $valores[':descricao_resposta'], $valores[':imagem'], $valores[':id_usuario']);

        $msg = $statement->execute() ? '1 - sucesso' : 'erro no banco: '. $statement->error;

        exit($msg);
    }
}else{
    exit('0 - arquivo vazio');
}

If you are using php5.6 or higher you can optimize :nome as follows:

$valores = [$_POST['descricao_resposta'], $_FILES['uploaded_file']['name'], 2];     

$query = "INSERT INTO resposta_denuncia (descricao_resposta, imagem, id_usuario) VALUES (?, ?, ?)";
$statement = $mysqli->prepare($query);
$statement->bind_param('ssi', ...$valores);

Remember that the array values must be in the same positions as the columns described because the association is by the position.

    
17.10.2018 / 22:10