I have this query that without the inner join it works:
$sql = 'SELECT prodotti.nome, prodotti.prezzo, prodotti.sku, prodotti.produttore, fornitori.nome
FROM prodotti INNER JOIN fornitori
ON prodotti.fornitori_id = fornitori.id
WHERE prodotti.id = :prodotti.id';
$id = 1; // for example
// $this->db-> (is connection)
$stmt = $this->db->prepare($sql);
$stmt->bindParam(':prodotti.id', $id, PDO::PARAM_INT);
$stmt->execute();
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
$prodlist[$id] = $results;
var_dump($prodlist);
If I run it I get this error:
Fatal error: Uncaught PDOException: SQLSTATE [HY093]: Invalid parameter number: parameter was not defined in ........
It seems that the error lies is in the WHERE and in a particular way, reading online, I discovered that it could be a problem to do this: WHERE prodotti.id = prodotti.id;
suggest to do for example: WHERE prodotti.id =: id '; and then in the bindparam the same thing $stmt->bindParam(': id', $ id, PDO :: PARAM_INT);
in fact, doing so works halfway, in the sense that it gives me back the data called the first 'products' table ignoring the second 'suppliers'.
Can anyone tell me where am I wrong? Thanks
if I run this query on the SQL section of DB it works.
SELECT prodotti.nome, prodotti.prezzo, prodotti.sku, prodotti.produttore, fornitori.nome
FROM prodotti INNER JOIN fornitori
ON prodotti.fornitori_id = fornitori.id
WHERE prodotti.id = 1
as some users have pointed out to me elsewhere, and in fact it partially solves the problem, the point cannot be used in the binding, as reported in the guide at this link:
https://phpdelusions.net/pdo
"Note that PDO supports positional (?) and named (:email) placeholders, the latter always begins from a colon and can be written using letters, digits and underscores only. Also note that no quotes have to be ever used around placeholders."
now it works correctly! Thanks
Related
I am getting mysqli_stmt::execute(): invalid object or resource mysqli_stmt error for database3 when I am trying connect with three databases,Here is my code
global $db;
$stmt = $db->stmt_init();
global $db2;
$stmt2 = $db2->stmt_init();
global $db3;
$stmt3 = $db3->stmt_init();
/*****************Database3************/
/*** Icube ***/
$stmt->prepare( "SELECT n.offer_id, n.name, n.net_provider ,s.description,p.payout,q.categories FROM affilate_offer_findall_icube n
LEFT OUTER JOIN affiliate_offe_findbyid_icube s ON s.offer_id = n.offer_id
LEFT OUTER JOIN affiliate_offer_getpayoutdetails_icube p ON p.offer_id = s.offer_id
LEFT OUTER JOIN affiliate_offer_get_categories_icube q ON q.offer_id = p.offer_id WHERE
n.visible='1'
");
$stmt->execute();
mysqli_stmt_execute($stmt); // <--------- currently missing!!!
mysqli_stmt_store_result($stmt);
$rows = mysqli_stmt_num_rows($stmt);
$stmt->bind_result($offer_id, $name, $net_provider, $description, $payout, $categories);
$storeid = 0;
while($info = $stmt->fetch())
{
$storeid+=1;
$values3_icube[] = '("'.$storeid.'", "'.$offer_id.'", "'.$name.'", "'.$net_provider.'", "'.$description.'", "'.$notes.'", "'.$payout.'", "'.$categories.'")';
}
$stmt3->prepare("REPLACE INTO main_vendor_db(store_id, offer_id, name, net_provider, description, cashback, categories) VALUES".implode(',', $values3_icube));
$stmt3->execute();
**I am getting error here **
$stmt3->prepare("REPLACE INTO main_vendor_db(store_id,offer_id, name,net_provider,description,cashback,categories) VALUES".implode(',', $values3_icube));
There are so much inconsistency in your code, that it's no wonder it fails somewhere.
First of all, you aren't actually using prepared statements, sending raw SQL instead. So, all the hassle in vain.
Second, all these things like / <--------- currently missing!!! remarks makes it positively impossible to answer. How do we expected to regard this comment?
Third, mysqli_stmt::execute(): clearly says that error occurred with execute, while you are indicating the line with prepare. And, judging by the error message, mysqli_stmt::execute() in question is likely about that commented line from above
Fourth, this is apparently incomplete code and incomplete error message.
Fifth, you are implementing auto_increment mysql's feature by hand.
Sixth, three databases, taken with all the above, seems very peculiar.
Let me advise you to ask a completely different question, regarding the task you are trying to solve and get the proper way to do so.
According to mysqli_stmt::execute documentation
Any subsequent calls to any mysqli_stmt function will fail until mysqli_stmt_prepare() was called.
Also check-
Problem with multiple prepared statements
Warning: mysqli_stmt::close() [mysqli-stmt.close]: invalid object or resource mysqli_stmt... why?
Below is my code, I am not able to resolve this error. Any help is appreciated. I am trying to update a table in my database.
public function updateUnit($params){
$user = 'monil';
$password = 'Masters123';
$dbh = new \PDO('mysql:host=127.0.0.1;dbname=tcsdb', $user, $password);
$task=array(':UnitCode'=>$params['UnitCode'],':UnitDescription'=>$params['UnitDescription'] ,
':UnitName'=>$params['UnitName'], ':UnitID'=>$params['UnitID']);
echo $params['UnitID'];
$sth = $dbh->prepare('UPDATE unit SET UnitCode = :UnitCode,'
. 'UnitDescription = :UnitDescription,UnitName = :UnitName WHERE UnitId=:UnitId');
$sth->execute($task);
return true;
}
Parameter names used in execute()/binding should be exact match for the parameter names used in the SQL query. That's the point of named parameters.
You need to check every placeholder in SQL, whether its name matches the name used in execute(), bindParam() or bindValue().
In your case, :UnitID is not the same as :UnitId, there is a difference in the letter case.
In a rare case, the error can be caused by improper placeholder name. The only characters allowed are [a-zA-Z0-9_].
The same error arise when you missed : colon while creating statement.
ex:
Below statement throws invalid parameter error as password in VALUES is missing : colon.
$stmt = $db->prepare('INSERT INTO members (username,password) VALUES (:username, password)');
same errors may occur if you use a "." dot in bindParam
ex.
$query = "select * from t where t1 = :foo.bar";
$stmt = $pdo->prepare($query);
$stmt->execute([':foo.bar' => 'blah']);
I've consulted this question for this problem, but couldn't seem to see the answer.
I have a prepared statement with a ? placeholder for a param I'm binding. Problem is, MySQL doesn't seem to like this because it's inside a REGEX block, like so:
$sql = 'SELECT id FROM teams WHERE name REGEXP "^(?)"';
$stmt = $db->prepare($sql);
$stmt->bind_param('s', implode('|', $letters));
This throws:
"Got error 'repetition-operator operand invalid' from regexp"
Is there a way of escaping the ? or something?
[EDIT]
Based on the comment below, I tried:
$sql = 'SELECT id FROM teams WHERE name REGEXP "^(:letters)"';
$stmt = $db->prepare($sql);
$stmt->bind_param(':letters', implode('|', $letters));
Now I get the error
"Warning: mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables"
Interestingly, I note I'm using bind_param() but the PHP docs say bindParam(). For me, the latter is an undefined method.
I used PDO hundreds of times but now I'm very frustrated - everything seems ok for me, I must be missing something... I use PGSql and PDO. Passing query to PgAdmin 3 and running it - no problem! But calling it from PDO is a different story.
My code:
(...checking if $name is null and so on...)
$query = "SELECT
*
FROM
out.city
WHERE
city_name ILIKE ?";
$stmt = $this->db->prepare($query);
try{
$res = $stmt->execute(array("'".$name."'"));
$ret = $res->fetchAll(PDO::FETCH_ASSOC);
(... rest of try-catch block...)
Problem is that $res returns boolean (true) instead of object. It results in error:
PHP Fatal error: Call to a member function fetchAll() on a non-object
I've tried few methods of how to put $name inside query - using question mark, bind or just joining the strings (I know, bad way). None of them work.
Should be prepare handle (object) only, replace $res-> with $stmt->,
$stmt->fetchAll(PDO::FETCH_ASSOC);
I am preventing content to some unauthorized users, my condition works well, but while accessing this own controller i am getting error.
Please help me out.
$offer = new Application_Model_DbTable_Offers();
$query = $offer->fetchAll($offer->select()
->from('vs_offers')
->where('id =?',$o_id)
->where('campaign_id IN (SELECT id from vs_campaign WHERE advertiser_id = ?)', $this->sessiondata->id));
if(count($query) < 1){
$this->_helper->flashMessenger->addMessage('Unauthorize access');
$this->_redirect('offers/');
exit;
}
Use of IN clause is bit different in Zend. One way is use Zend_Db_Expr to perform IN clause operation like,
->where(new Zend_Db_Expr(sprintf('campaign_id IN
(SELECT id from vs_campaign WHERE advertiser_id = %1$d)',
$this->sessiondata->id)));
Another way is using subquery.
Highly likely that one of your parameters are null
$o_id or $this->sessiondata->id
Reference to an old answer - ZF: Invalid parameter number: no parameters were bound Error