Invalid parameter number error - php

I'm having an invalid parameter error but I guess that I have the right number of parameters.
Does anyone see the opposite here?
I'm getting this error:
PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in $readNews->execute();
if(isset($_POST['search']))
{
$search = $_POST['search'];
$readNews = $pdo->prepare("SELECT * FROM news WHERE title LIKE ? ORDER BY date DESC LIMIT ?, ?");
$readNews->bindValue(1, $search);
$readNews->bindValue(1, $begin,PDO::PARAM_INT);
$readNews->bindValue(2, $max,PDO::PARAM_INT);
}
else
{
$readNews = $pdo->prepare("SELECT * FROM news ORDER BY date DESC LIMIT ?, ?");
$readNews->bindValue(1, $begin,PDO::PARAM_INT);
$readNews->bindValue(2, $max,PDO::PARAM_INT);
}
$readNews->execute();

You have three parameters yet you assign a value to index 1 twice. Try this...
$readNews->bindValue(1, $search);
$readNews->bindValue(2, $begin,PDO::PARAM_INT);
$readNews->bindValue(3, $max,PDO::PARAM_INT);
I'm guessing you may want to wrap some wildcard characters around the $search value too. Try this...
$readNews->bindValue(1, "%$search%");
... or use CONCAT in your query...
WHERE title LIKE CONCAT('%', ?, '%')
Your query should also use WHERE instead of AND...
SELECT * FROM news WHERE title LIKE ? ORDER BY date DESC LIMIT ?, ?
I would probably simplify this by using named placeholders to remove some of the duplication. In total, this...
if (isset($_POST['search'])) {
$stmt = $pdo->prepare("SELECT * FROM news WHERE title LIKE CONCAT('%', :search, '%') ORDER BY date DESC LIMIT :begin, :max");
$stmt->bindParam(':search', $_POST['search']);
} else {
$stmt = $pdo->prepare('SELECT * FROM news ORDER BY date DESC LIMIT :begin, :max');
}
$stmt->bindParam(':begin', $begin, PDO::PARAM_INT);
$stmt->bindParam(':max', $max, PDO::PARAM_INT);
$stmt->execute();

Related

Searching for strings in MySQL WHERE string LIKE string (wrapped in parentheses)

I am trying to return a search term with PDO, some of the strings are wrapped in () and when searching they don't show up.
Take for example Strawberry (Ripe) it shows when I use the (r
But when I don't:
Is there any way to match the string within the parentheses for a fuller, more efficient search?
My Current Code:
public function getAllFlavoursSearch($search) {
$query = "SELECT flavour_name, flavour_company_name FROM flavours WHERE flavour_name LIKE :search OR flavour_name LIKE :search2 OR flavour_name LIKE :search3 OR flavour_company_name LIKE :search4 LIMIT 0,100";
$stmt = $this->queryIt($query);
$stmt = $this->bind(':search', $search. '%', PDO::PARAM_STR);
$stmt = $this->bind(':search2', '%' .$search, PDO::PARAM_STR);
$stmt = $this->bind(':search3', '%('.$search.')%', PDO::PARAM_STR);
$stmt = $this->bind(':search4', '%('.$search.')%', PDO::PARAM_STR);
return $this->resultset();
}
There is a shortcut: the MATCH() function. Change your query to this.
$query = "SELECT flavour_name, flavour_company_name FROM flavours WHERE MATCH(`flavour_name`, `flavour_name`, `flavour_company_name`) AGAINST (:search) LIMIT 0,100";

PHP : order by clause in prepared statement

I want to use an ORDER BY clause in the prepared statement.
Following is my query:
$stmt = $connect->prepare("SELECT send_stamp,id,receiverid, message, time, status,sentby FROM `chat` WHERE cust_id=?");
$stmt->bind_param('i', $cust_id);
$result=$stmt->execute();
Now where do I add ORDER BY (ASC) in this query to sort it by date or id?
Please help.
You do it like this:
$stmt = $connect->prepare("SELECT send_stamp,id,receiverid, message, time, status,sentby FROM `chat` WHERE cust_id = ? ORDER BY id ASC");
$stmt->bind_param('i', $cust_id);
$result=$stmt->execute();
As in normal SQL query: at the end of query:
$stmt = $connect->prepare(
"SELECT
send_stamp,id,receiverid, message, time, status, sentby
FROM `chat`
WHERE cust_id=?
ORDER BY id DESC"
);
$stmt->bind_param('i', $cust_id);
$result=$stmt->execute();
You just need to add at the end of query, following is an example in which I added ascending order clause.
$stmt = $connect->prepare(
"SELECT
send_stamp,id,receiverid, message, time, status, sentby
FROM `chat`
WHERE cust_id=?
ORDER BY id ASC"
);
$stmt->bind_param('i', $cust_id);
$result=$stmt->execute();
The above query will return the record with ascending order of id, since we are using order clause on id.
Normally in MySQL, ORDER BY is used at the end of the statement, like:
SELECT send_stamp,id,receiverid, message, time, status,sentby FROM `chat` WHERE cust_id=? order by id
You can order by id, name or anything you want; just write the name of that field.
$stmt = $connect->prepare("SELECT send_stamp,id,receiverid, message, time, status,sentby FROM `chat` WHERE cust_id=? ORDER BY date ASC");

PHP PDO Prepared Statements with Where IN Clause

This is my PHP PDO Code
$stmt = $conn->prepare("SELECT * FROM TABLE
WHERE tag1 IN ('$tag1','$tag2') $andor tag2 IN ('$tag1','$tag2 ') ORDER BY $sort DESC LIMIT $limit OFFSET $start");
// Then fire it up
$stmt->execute();
// Pick up the result as an array
$result = $stmt->fetchAll();
// Now you run through this array in many ways, for example
I am trying to convert it into prepared statements, but I really don't understand, how it will work. I tried a lot of things from Google, but nothing worked.
// Parentheses are required here: AND binds more tightly than OR
$stmt = $conn->prepare("SELECT * FROM table WHERE (tag1=? OR tag1=?) AND (tag2=? OR tag2=?) ORDER BY id DESC LIMIT 15,10");
$stmt->execute(array($tag1, $tag2, $tag1, $tag2));
$result = $stmt->fetch(PDO::FETCH_ASSOC);
I hope it works.
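A fuller conversion of the interpolated query from the question, as an added example that is not code from the original posts: values are bound, while the parts that cannot be bound (`$sort`, `$andor`) are mapped through fixed allowlists. The function name `findByTags`, the table `items` and its rows are assumptions, and an in-memory SQLite database stands in for MySQL so the script runs offline.

```php
<?php
// Added example: findByTags() and the `items` table are hypothetical names.
function findByTags(PDO $pdo, array $tags, string $andor, string $sort, int $limit, int $start): array
{
    // Identifiers and keywords cannot be bound, so map input onto fixed allowlists.
    $sortable = ['id' => 'id', 'tag1' => 'tag1', 'tag2' => 'tag2'];
    $joiners  = ['and' => 'AND', 'or' => 'OR'];
    $sortCol  = $sortable[$sort] ?? 'id';
    $joiner   = $joiners[strtolower($andor)] ?? 'AND';

    $tags = array_values($tags);
    if ($tags === []) {
        return []; // "IN ()" is a syntax error, so handle the empty list up front
    }
    // One positional placeholder per tag, e.g. "?,?" for two tags.
    $in  = implode(',', array_fill(0, count($tags), '?'));
    $sql = "SELECT id, tag1, tag2 FROM items
            WHERE tag1 IN ($in) $joiner tag2 IN ($in)
            ORDER BY $sortCol DESC LIMIT ? OFFSET ?";
    $stmt = $pdo->prepare($sql);

    $i = 1;
    // The tag list is bound twice because it appears in both IN clauses.
    foreach (array_merge($tags, $tags) as $tag) {
        $stmt->bindValue($i++, $tag, PDO::PARAM_STR);
    }
    $stmt->bindValue($i++, $limit, PDO::PARAM_INT);
    $stmt->bindValue($i, $start, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, tag1 TEXT, tag2 TEXT)');
$pdo->exec("INSERT INTO items (tag1, tag2) VALUES
    ('php','pdo'), ('pdo','php'), ('php','mysql'), ('go','sql')");

// Normal request: both columns must match one of the two tags.
print_r(findByTags($pdo, ['php', 'pdo'], 'AND', 'id', 10, 0));
// Sort and joiner values outside the allowlists fall back to the defaults
// instead of being copied into the SQL text.
print_r(findByTags($pdo, ['php'], 'maybe', 'no_such_column', 10, 0));
```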

Is it possible to bindParam WHERE name like %:name%

I'm testing a small search feature:
But I've come across an error that I cannot seem to solve. You can see the PDO query here:
$search = "test1"; //later to be changed to $_POST ['search'];
$sql = "SELECT id, name FROM clients WHERE name like %:name% order by id LIMIT 5";
$stm = $db->prepare ( $sql );
$stm->bindParam ( ":name" , $search);
$result = $stm->execute ();
As you can see, I'm trying to bind the parameter %:name% from my query, but I don't know if that's actually possible?
I receive the error:
Uncaught exception 'PDOException' with message 'SQLSTATE[42000]:.....
And I can see in the error that '' has been put around test1 %'test1'%
Is what I'm trying possible, or do I need to do something like this?
$query = "SELECT id, name FROM clients WHERE name like :name order by id LIMIT 5";
$sql->execute(array(":name" => "%" .$search . "%"));
Use
LIKE CONCAT('%', :name, '%')
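The wildcard binding discussed here and in the news-search answer further up, carried one step further as an added example that is not code from the original posts: `%` and `_` inside the user's own search term are still LIKE wildcards after binding, so they are escaped before the surrounding `%` is added. The helper `likeContains`, the `!` escape character and the sample rows are assumptions; SQLite in memory stands in for MySQL.

```php
<?php
// Added example: likeContains() is a hypothetical helper; '!' is an arbitrary
// escape character so the same SQL works on MySQL and SQLite.
function likeContains(string $term, string $esc = '!'): string
{
    // Escape the escape character first, then the two LIKE wildcards.
    $safe = str_replace([$esc, '%', '_'], [$esc . $esc, $esc . '%', $esc . '_'], $term);
    return '%' . $safe . '%';
}

function searchClients(PDO $db, string $pattern, int $limit): array
{
    $stm = $db->prepare(
        "SELECT id, name FROM clients WHERE name LIKE :name ESCAPE '!' ORDER BY id LIMIT :limit"
    );
    $stm->bindValue(':name', $pattern, PDO::PARAM_STR);
    $stm->bindValue(':limit', $limit, PDO::PARAM_INT); // LIMIT needs an integer binding
    $stm->execute();
    return $stm->fetchAll(PDO::FETCH_COLUMN, 1);       // names only
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE clients (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO clients (name) VALUES ('test1'), ('test_1'), ('testA1'), ('50% off')");

$search = 'test_1';
// Wildcards added but the term not escaped: '_' matches any single character.
print_r(searchClients($db, '%' . $search . '%', 5));
// Term escaped first: '_' is matched literally.
print_r(searchClients($db, likeContains($search), 5));
```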

Whats wrong with my PDO mysql query [duplicate]

Here is my code
$sql3= "select *
from comments
where status=:status
limit=:limit
offset=:offset
order by time desc";
$query3= $pdo->prepare($sql3);
$query3->bindValue(":status",'n');
$query3->bindValue(":limit",$per_page);
$query3->bindValue(":offest",$offset);
$query3->execute();
$comments=$query3->fetchall();
Here comments is my table name; status and time are two columns in my table. Whenever I run this code, it shows a warning:
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: parameter was not defined in E:\XAMPP\htdocs\parlament\user\logged_in_area.php
What does this mean?
The answer depends on what limit and offset are.
If they're column names...
You can't use these reserved keywords for column names without backticks
You need to add an AND / OR operator between your lines
$sql3= "select *
from comments
where status=:status
and `limit`=:limit
and `offset`=:offset
order by time desc";
$query3= $pdo->prepare($sql3);
$query3->bindValue(":status", 'n');
$query3->bindValue(":limit", $per_page);
$query3->bindValue(":offset", $offset);
$query3->execute();
$comments=$query3->fetchall();
If they're keywords...
The syntax is LIMIT <n>, not LIMIT = <n> (same for OFFSET)
It's better to specify their type with PDO::PARAM_INT (same for OFFSET)
ORDER BY must be added before LIMIT and OFFSET
$sql3= "select *
from comments
where status=:status
order by time desc
limit :limit
offset :offset";
$query3= $pdo->prepare($sql3);
$query3->bindValue(":status", 'n');
$query3->bindValue(":limit", (int)$per_page, PDO::PARAM_INT);
$query3->bindValue(":offset", (int)$offset, PDO::PARAM_INT);
$query3->execute();
$comments=$query3->fetchall();
Adding my answer because nobody has mentioned this specific part yet...
MySQL is very picky about the data type of LIMIT parameters. You pretty much need to use bindParam(':limit', $per_page, PDO::PARAM_INT). I assume the same for OFFSET.
So, in summary
// because E_WARNING level errors are insufficient
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $pdo->prepare('SELECT * FROM `comments` WHERE `status` = :status ORDER BY `time` DESC LIMIT :limit OFFSET :offset');
$stmt->bindValue(':status', 'n');
$stmt->bindParam(':limit', $per_page, PDO::PARAM_INT);
$stmt->bindParam(':offset', $offset, PDO::PARAM_INT); // spelt "offset"
$stmt->execute();
$comments = $stmt->fetchAll(PDO::FETCH_ASSOC);
Try this->
// ORDER BY has to come before LIMIT and OFFSET
$sql3= "select *
from comments
where status = ?
order by time desc
limit ?
offset ?";
$query3= $pdo->prepare($sql3);
$query3->execute(array('n',$per_page,$offset));
$comments=$query3->fetchall();
Not sure about that but I think that PDO::bindValue / bindParam works with variable references. You cannot set a static value as parameter.
Try to replace
$query3->bindValue(":status",'n');
by
$n_value = 'n';
$query3->bindValue(":status",$n_value);
You also forgot the "AND" Keyword between your conditions
You're missing the AND or OR keyword in statement. Also, LIMIT is a reserved keyword, you'll need to backtick it or rename it to something else if you don't want to do that.
$sql3= "select *
from comments
where status = ?
limit= ?
offset= ?
order by time desc";
$query3= $pdo->prepare($sql3);
$query3->bindValue(1,'n');
$query3->bindValue(2,$per_page);
$query3->bindValue(3,$offset);
$query3->execute();
$comments=$query3->fetchall();
