This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Why does this PDO statement silently fail?
(2 answers)
Closed 4 years ago.
Doing the query manually in PHPMyAdmin
INSERT INTO productimages (ImageURL, productID)
VALUES('http://test.jpg', (SELECT id
FROM products
WHERE products.MPN = 'test'));
Works just fine.
But trying to use PDO...
try {
$sql = "INSERT INTO productimages (ImageURL, productID)
VALUES(':image_url', (SELECT id
FROM products
WHERE products.MPN = ':mpn'));";
$data = [
'image_url' => $image_url,
'mpn' => $mpn
];
$stmt = $conn->prepare($sql);
$stmt->execute($data);
}
catch(PDOException $e)
{
echo '<h2 style="color:red;">' . $e->getMessage() . '</h2>';
}
I am always getting this error:
SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens
How do I properly form this INSERT query to perform with PDO?
Related
This question already has answers here:
Can PHP PDO Statements accept the table or column name as parameter?
(8 answers)
Can I use a PDO prepared statement to bind an identifier (a table or field name) or a syntax keyword?
(1 answer)
Closed 7 months ago.
My sql request doesn't work if I use a function paramater to choice the column.
My goal is to have one function for all request.
Thanks in advance.
$dbh = Connection::getPdo();
try {
$sth = $dbh->prepare('SELECT users_id, nom, prenom, password, role, email, users_login FROM users where ? = ? ');
$value="'".$value."'";
$sth->execute(array($parameter,$value));
$data = $sth->fetch(PDO::FETCH_ASSOC);
$user = new Users();
$user->setUserFromArray($data);
} catch (PDOException $e) {
die("ERROR: Could not able to execute query " . $e->getMessage());
}
return $user;
}
This question already has answers here:
Can PHP PDO Statements accept the table or column name as parameter?
(8 answers)
Closed 5 years ago.
I have this code to get a COUNT DISTINCT data:
$param = 'email';
$stmt = $conn->stmt_init();
$stmt = $conn->prepare("SELECT COUNT(DISTINCT(?)) FROM contatos");
$stmt->bind_param('s',$param);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($count);
while ($stmt->fetch()) {
echo $count;
}
But echo $count always returns 1, but i have dozens of records...
What is wrong?
Thanks
Binding is not allowed for column names (or table names). Your query is not executing correctly. You need to directly pass the name of the field.
$stmt = $conn->prepare("SELECT COUNT(DISTINCT(email)) FROM contatos");
This question already has answers here:
mysqli last insert id
(3 answers)
Closed 6 years ago.
How to get the id of the last inserted query using prepared statement ?
I wrote some PHP but I only get "0" as a result.
I tried to use the answer from this question : Similar question on SO
$locationName = $_GET['locationName'];
$locationResume = $_GET['locationResume'];
$sql = "INSERT INTO location (locationTitle, locationResume) VALUES (?,?);";
if ($locationName != null && $locationResume != null ) {
if ($stmt = $con->prepare($sql)) {
$stmt->bind_param("ss", $locationName, $locationResume);
$locationId = $con->insert_id;
#$locationId = $con->execute();
echo $locationId;
}
}
Thank you for your help.
You can get last_insert_id only after query execution.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 8 years ago.
I know the connection works as i have used this to insert data into the tables but i cant seem to pull it out. Any help would be greatly appreciated.
//Gets id from url
$projectid = $_GET['id'];
try{
// DB CONNECTION
$link = $database->connection;
$link->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Query for projects
$q = ("SELECT * FROM projects WHERE id=':pid'");
$prep = $link->prepare($q);
$array = array(
':pid' => $projectid
);
$prep->execute($array);
}catch(PDOException $pde){
echo $pde->getMessage();
die();
}
//Method to retrieve results
while ($r = $prep->fetch()) {
echo $r['projectname'];
}
When you are using PDO with prepared statements, you don't need the single quotes around the pid term. PDO automatically inserts those for you. Just do:
$q = ("SELECT * FROM projects WHERE id = :pid");
This question already has answers here:
How to include a PHP variable inside a MySQL statement
(5 answers)
Closed 3 years ago.
I have a mysqli query with the following code:
$db_usag->query("UPDATE Applicant SET phone_number ='$phone_number',
street_name='$street_name', city='$city', county='$county', zip_code='$zip_code', day_date='$day_date', month_date='$month_date',
year_date='$year_date' WHERE account_id='$account_id'");
However all the data is extracted from HTML documents so to avoid errors I would like to use a prepared statement. I found PHP documentation on bind_param() but there is no UPDATE example.
An UPDATE works the same as an insert or select. Just replace all the variables with ?.
$sql = "UPDATE Applicant SET phone_number=?, street_name=?, city=?, county=?, zip_code=?, day_date=?, month_date=?, year_date=? WHERE account_id=?";
$stmt = $db_usag->prepare($sql);
// This assumes the date and account_id parameters are integers `d` and the rest are strings `s`
// So that's 5 consecutive string params and then 4 integer params
$stmt->bind_param('sssssdddd', $phone_number, $street_name, $city, $county, $zip_code, $day_date, $month_date, $year_date, $account_id);
$stmt->execute();
if ($stmt->error) {
echo "FAILURE!!! " . $stmt->error;
}
else echo "Updated {$stmt->affected_rows} rows";
$stmt->close();