i am struggling with the code to insert into multiple rows.
but ended up getting warnings
$rows = array(1,2,3,4,5,6)
$stmt = $connect->prepare("INSERT INTO t_worker_history (uid) VALUES (?)");
foreach($rows as $insert) {
$stmt->execute($insert);
}
Warning: PDOStatement::execute() expects parameter 1 to be array, string given in
As the message says, the first parameter needs to be an array, so just put the $insert value into one:
$stmt->execute(array($insert));
See the manual. The reason the parameter needs to be an array is to allow for multiple parameters to be bound to placeholders.
Related
This is my code
I tried replacing SELECT * with SELECT booktitle. If I do fetch(PDO::FETCH_BOTH) , that is the default, I get Warning: mysqli_stmt::fetch() expects exactly 0 parameters, 1 given in C:\Apache24\htdocs\phpprepared.php on line 89. I guess I dont have to bind_param, since there are no params here.
$query3 = 'SELECT * FROM books';
$stmt = $db->prepare($query3);
$stmt->execute();
while ($row = $stmt->fetch()) {
echo 'booktitle: '.$row['booktitle'].'<br>';
}
The problem
I get the booktitle string echoed 9 times, but no actual data. I am confused on how to use the fetch, the results and/or the associative (?) array so I can get the data. Thanks
Edit
Wondering if there is a way to simply get everything from a table without having to use bind_result or the combination get_result - fetch_assoc.
Thanks
hello i've got a question about bind_param every code is works but not this one...probably dumb question..
$key = "`".implode("`, `",array_keys($notifikasi))."`";
echo $value = "'".implode("', '",array_values($notifikasi))."'";
$query = $dbcon->prepare("INSERT INTO `notifikasi` ($key) VALUES ($value)");
$query->bind_param("iiiis",$value);
$query->execute();
i've echo the value :
'1','1','2','3','profile.php?confirm=33'
i've put any number on bind_param still got this error:
mysqli_stmt::bind_param(): Number of elements in type definition string doesn't match number of bind variables
anyone can answer my misunderstanding?
[EDIT]
nevermind, i've found the solution :
use call_user_func_array()
mysqli bind_param for array of strings
thanks
The problem is you are trying to bind parameters when you didn't add any placeholder for them.
You should never trust user's input so I would suggest you not to populate column names from the input. I would fix column names in query:
$notifikasi = [1, 2, 'profile'];
$query = $dbcon->prepare("INSERT INTO `notifikasi` (col1, col2, col3) VALUES (?, ?, ?)");
$query->bind_param("iis", $notifikasi);
I can convert the echo'ed output in to an SQL statement that executes in phpMyAdmin going...
From this:
INSERT INTO crumbs (ip_address,ip_address_2,device_info,user_id,connections) VALUES(?,?,?,?,?)Value:'00.000.000.000', '00.000.000.000', 0,0000, 1
Into this:
INSERT INTO crumbs (ip_address,ip_address_2,device_info,user_id,connections) VALUES('00.000.000.000', '00.000.000.000', 0,0000, 1)
It inserts the data in to the DB, no errors, however it executes through PHP-PDO...
With:
SQLSTATE[HY093]: Invalid parameter number
The code:
$columns = '('.implode(',', array_keys($user_connection)).''.",user_id,connections)";
$inserts="(".implode(',',array_fill(0,count($user_connection)+2, '?')).")";
$values = implode(', ',($user_connection)).",$user_id, 1";
$sql_insert = "INSERT INTO crumbs ".$columns." VALUES".$inserts;
$stmt = $this->_db->prepare($sql_insert);
$stmt->execute(array($values));
Edit-Adding $user_connection
$user_connection [ 'ip_address'] = "'".$_SERVER['REMOTE_ADDR']."'";
$user_connection [ 'ip_address_2']="'".$_SERVER['HTTP_X_FORWARDED_FOR']."'";
$user_connection ['device_info']=0;
The error occurs during the execution of the SQL code. I've gone over all the examples and found nothing that's equivalent, I'm thinking it's something simple I'm missing (a rule?) since the code executes locally.
You have to do something like this:
// ..code..
$values = $user_connection;
$values[] = $user_id;
$values[] = 1;
// ..code..
$stmt->execute($values);
Explanation of the problem:
When you have multiple ? placeholders, you can pass each value to be bounded as the values of an array (See Example #3 from the manual).
Now, since you are using implode, $values will be a single string, something like
'192.168.0.1', '8.8.8.8', 0, 'userid', 1
That means that when you call execute(array($values)), it will, in fact, bound it like this (representation-only, it's not really like this)
INSERT INTO crumbs (ip_address,ip_address_2,device_info,user_id,connections) VALUES ("'192.168.0.1', '8.8.8.8', 0, 'userid', 1", ?, ?, ?, ?)
because you only sent and array that has one value: the implosion of the other array. Since you didn't provide the same amount of values (1) as you have placeholders (5), you end up with
Invalid parameter number
I have been coding for a few hours on this thing, so I think I am missing something very simple here, but I can't seem to find it.
I am getting these 2 errors
Warning: PDOStatement::execute() [pdostatement.execute]: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens on line 77
Warning: PDOStatement::execute() [pdostatement.execute]: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens on line 79
public function resetPassword($password, $email){
$rst = $this->db->prepare("insert into users (password) values (?) where email=? ");
$rst->bindParam('?', $password);
$rst->bindParam('?', $email);
$rst->execute();
if($rst->execute()){
return "Password changed!";
}
else echo "Could not change password.";
}
Am I forgetting something?
When using questions marks as placeholders, you send an array to the execute method, like so: $rst->execute(array('placeholder1value', 'placeohlder2value'));
However, if you want to use named placeholders, you would bindParam/bindValue them, like so:
$stmt = $pdo->prepare('INSERT INTO table (key1, key2) VALUES (:key1, :key2)');
$stmt->bindValue(':key1', 'somevalue', PDO::PARAM_STR);
$stmt->bindValue(':key1', 3532, PDO::PARAM_INT);
$stmt->execute();
Please read about the difference between bindParam and bindValue
And another note, your SQL query doesn't make sense, do you mean to do an UPDATE?
I am having an error in mysql and php My code:
$stmt->prepare("INSERT `tablename` (col1,col2,col3) VALUES (?,?,?)");
$stmt->bind_param('sss',$_POST['data'],$sub,$yaxis);
$stmt->execute();
My errors:
Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of variables doesn't match number of parameters in prepared statement.
But I have passed 3s and 3 arguments in bind_param. Why is this error occuring?
use the index of parameter since you did not specify it by name.
$data = $_POST['data'];
$stmt->prepare("INSERT `tablename` (col1,col2,col3) VALUES (?,?,?)");
$stmt->bind_param(1,$data);
$stmt->bind_param(2,$sub);
$stmt->bind_param(3,$yaxis);
$stmt->execute();
but if you want it by name then you have to specify its parameter name instead of using question mark
$data = $_POST['data'];
$stmt->prepare("INSERT `tablename` (col1,col2,col3) VALUES (:sss,:par1,:par2)");
$stmt->bind_param(":sss",$data);
$stmt->bind_param(":par1",$sub);
$stmt->bind_param(":par2",$yaxis);
$stmt->execute();
Are you sure you have value in your $_POST['data'] , Instead of directly passing form values to bind_param you can check if it is null or not.Also i noticed your insert query is wrong
if(!empty($_POST['data'])){
$mydata=$_POST['data'];
}else{
$mydata='No values';
}
$stmt->prepare("INSERT into `tablename` (col1,col2,col3) VALUES (?,?,?)");//Query wrong
$stmt->bind_param('sss',$mydata,$sub,$yaxis);
$stmt->execute();
Well, either $_POST has more than one variable assigned to it, or it has none.
This will print the contents of the entire $_POST array:
print_r($_POST);
Okay, I know this makes me sound stupid but the error was caused by an undefined variable farther up in the script, which I have now fixed. I thought it would not affect this part of the script, but it did. All the answers posted are great, but because of my fault they do not answer the question.