Extending PHP SQL Query does not work

Question

i am using Blueimp jQuery File Upload script and have this part of code which is working:

protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
        $index = null, $content_range = null) {
    $file = parent::handle_file_upload(
        $uploaded_file, $name, $size, $type, $error, $index, $content_range
    );
    if (empty($file->error)) {
        $sql = 'INSERT INTO `'.$this->options['db_table']
            .'` (`name`, `size`, `type`, `title`, `description`)'
            .' VALUES (?, ?, ?, ?, ?)';
        $query = $this->db->prepare($sql);
        $query->bind_param(
            'sisss',
            $file->name,
            $file->size,
            $file->type,
            $file->title,
            $file->description
        );
        $query->execute();
        $file->id = $this->db->insert_id;
    }
    return $file;
 }    

Now i want to insert just one value which is Memberid. I extended the sql table succesfully with this column "usr_id" and modified the code like this:

     protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
        $index = null, $content_range = null) {
    $file = parent::handle_file_upload(
        $uploaded_file, $name, $size, $type, $error, $index, $content_range
    );
    if (empty($file->error)) {
        $sql = 'INSERT INTO `'.$this->options['db_table']
            .'` (`name`, `size`, `type`, `title`, `description`, `usr_id`)'
            .' VALUES (?, ?, ?, ?, ?, ';
        $sql = $sql. $_SESSION['Memberid'] .")";
        $query = $this->db->prepare($sql);
        $query->bind_param(
            'sisss',
            $file->name,
            $file->size,
            $file->type,
            $file->title,
            $file->description
        );
        $query->execute();
        $file->id = $this->db->insert_id;
    }
    return $file;
}

But it does not work. I never saw this way of inserting a sql query. I hope someone can help.

TIA :)

// EDIT

I also tried this now and it does not work too. What I am doing wrong?

     protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
        $index = null, $content_range = null) {
    $file = parent::handle_file_upload(
        $uploaded_file, $name, $size, $type, $error, $index, $content_range
    );
    if (empty($file->error)) {
        $sql = 'INSERT INTO `'.$this->options['db_table']
            .'` (`name`, `size`, `type`, `title`, `description`, `usr_id`)'
            .' VALUES (?, ?, ?, ?, ?, ?)';
        $query = $this->db->prepare($sql);
        $query->bind_param(
            'sisssi',
            $file->name,
            $file->size,
            $file->type,
            $file->title,
            $file->description,
            "2"
        );
        $query->execute();
        $file->id = $this->db->insert_id;
    }
    return $file;
}

Answer 1

According to the manual for 'bind_param' it must be passed variables. Alas, you passed a constant not a variable. i haven't tried the following code but it should do something sensible.

     protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
        $index = null, $content_range = null) {
    $file = parent::handle_file_upload(
        $uploaded_file, $name, $size, $type, $error, $index, $content_range
    );

    if (empty($file->error)) {
        $sql = 'INSERT INTO `'.$this->options['db_table']
            .'` (`name`, `size`, `type`, `title`, `description`, `usr_id`)'
            .' VALUES (?, ?, ?, ?, ?, ?)';
        $query = $this->db->prepare($sql);
        $usrId = 2; // temporary variable to store the usr_id
        $query->bind_param(
            'sisssi',
            $file->name,
            $file->size,
            $file->type,
            $file->title,
            $file->description,
            $usrId
        );
        $query->execute();
        $file->id = $this->db->insert_id;
    }
    return $file;
}