Using LEAST in SQL query when using PHP PDO prepared statements

I am trying to use this PHP PDO prepared statement to run an SQL query:
$stmt = $pdo_conn->prepare("SELECT *, LEAST(:col_list) as num FROM callplandata WHERE number LIKE :number HAVING num != 0 ");
$stmt->execute(array(':col_list' => implode(',',$column_list), ':number' => '%'.$_POST["prefix"].'%'));
but it's showing this error message:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1582 Incorrect parameter count in the call to native function 'LEAST'' in /home/integra/public_html/included_pages/call_tarrif_search.php:62 Stack trace: #0 /home/integra/public_html/included_pages/call_tarrif_search.php(62): PDOStatement->execute(Array) #1 /home/integra/public_html/index.php(119): include('/home/integra/p...') #2 {main} thrown in /home/integra/public_html/included_pages/call_tarrif_search.php on line 62
What am I doing wrong?

LEAST accepts 2 or more values and returns the least one.
You're passing a single value; that is the root of the error.
PS: as long as you haven't explained the original issue, there is nothing to add here. Please don't ask "how to fix it" because we have no idea what you're trying to achieve.

Related

What's wrong with my PDO statement?

// Check for existence - don't add a duplicate
$sqlQuery = $pdo->prepare('SELECT campaign_id FROM campaigns WHERE (customer_id=:customerId) AND (title=:campaignTitle) AND (description=:campaignDescription) AND (start_time=:startTimeStamp) AND (end_time=:endTimeStamp)');
$sqlQuery->bindParam(':customerId', $customerId); // , PDO::PARAM_INT
$sqlQuery->bindParam(':campaignTitle', $campaignTitle);
$sqlQuery->bindParam(':campaignDescription', $campaignDescription);
$sqlQuery->bindParam(':startTimeStamp', $campaignTitle);
$sqlQuery->bindParam(':endTimeStamp', $endTimeStamp);
$sqlResult = DatabaseCommand($sqlQuery);
results in
Fatal error: Uncaught exception 'PDOException' with message
'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an
error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near ':customerId)
AND (title=:campaignTitle) AND (description=:campaignDescription) A'
at line 1' in E:\coding\Web
Development\Xampp\htdocs\api\addCampaign.php:42 Stack trace: #0
E:\coding\Web Development\Xampp\htdocs\api\addCampaign.php(42):
PDO->query('SELECT campaign...') #1 {main} thrown in E:\coding\Web
Development\Xampp\htdocs\api\addCampaign.php on line 42
but I can't see why
[Update] for those who wanted to see the code of DatabaseCommand() this is pretty much it.
function DatabaseCommand($sqlCommand)
{
$result = $sqlCommand->execute();
return $result;
}
There is some additional code, but that just logs the command for debugging porpoises, checks for errors, logs those, catches exception & emails me.
update: seems like this isn't the solution, only improves readability
put a space between = and the parameter:
$sqlQuery = $pdo->prepare('SELECT campaign_id FROM campaigns WHERE (customer_id= :customerId) AND (title= :campaignTitle) AND (description= :campaignDescription) AND (start_time= :startTimeStamp) AND (end_time= :endTimeStamp)');
This code you posted here has nothing to do with error message you get.
You have to check the addCampaign.php file, line 42, where you are using the query() method instead of execute(). And of course you have to check the actual file that is being executed.
I'll take the opportunity to direct all the enthusiast programmers' attention to the extreme helpfulness of reading error messages. Despite the common belief, it is not just a reproach, reading "You've done something wrong!", leaving you to guess the reason, but a precise and detailed explanation. And it only takes reading the error message to get the clue.
I'll also take the opportunity to direct all the enthusiast programmers' attention to the fact that if the common practice of echoing only the error message, leaving the stack trace behind, were used, the information on the real cause of the error would be omitted.

PDO Suggest refine results different than wildcard symbol

I am trying to make a PDO query to be searchable not only by the whole string but also by first letter or last letter anything like this. My question is what approach I have to take to achieve this goal.
My original idea was to use wildcard symbol and something like the following:
SELECT * FROM idname WHERE field LIKE CONCAT('%', :field , '%')
but this option for me is not working since I am getting an error:
Warning: Division by zero in E:\xampp\htdocs\search-contact.php on line 111
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIMIT 0, 30' at line 1' in E:\xampp\htdocs\dolche\admin\class\pagination.php:451 Stack trace: #0 E:\xampp\htdocs\dolche\admin\class\pagination.php(451): PDOStatement->execute() #1 E:\xampp\htdocs\search-contact.php(125): pagination->execute() #2 {main} thrown in E:\xampp\htdocs\class\pagination.php on line 451
My code at the moment is the following:
try
{
$paginate = new pagination($page, 'SELECT * FROM idname WHERE field LIKE :field', $options);
}
catch(paginationException $e)
{
echo $e;
exit();
}
$paginate->bindValue(':field', $_POST['field'] , PDO::PARAM_STR);
$paginate->execute();
Any suggestions are welcome.
When using PDO you have to put the wildcards in the parameter, so it would look like:
$paginate->bindValue(':field', '%'.$_POST['field'].'%' , PDO::PARAM_STR);
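Added example, not part of the original answer: binding '%'.$input.'%' keeps the value out of the SQL text, but any % or _ typed by the user still acts as a wildcard inside LIKE. The sketch below escapes those characters with an explicit ESCAPE character before binding. The table idname and column field come from the question; likeContains(), search(), the in-memory SQLite database and the sample rows are assumptions made so the code runs offline.

```php
<?php
// Added example: escape LIKE metacharacters before binding a "contains" search.
// likeContains() and search() are hypothetical helpers; the rows are constructed data.

function likeContains(string $input, string $escape = '!'): string
{
    // Escape the escape character itself first, then the two LIKE wildcards.
    $escaped = str_replace(
        [$escape, '%', '_'],
        [$escape . $escape, $escape . '%', $escape . '_'],
        $input
    );
    // Only the wildcards added here, around the escaped input, stay active.
    return '%' . $escaped . '%';
}

function search(PDO $pdo, string $input): array
{
    // The pattern is bound as a value; ESCAPE '!' names the escape character
    // explicitly, so the query does not rely on a server default.
    $stmt = $pdo->prepare("SELECT field FROM idname WHERE field LIKE :field ESCAPE '!'");
    $stmt->bindValue(':field', likeContains($input), PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE idname (field TEXT)');
$insert = $pdo->prepare('INSERT INTO idname (field) VALUES (?)');
foreach (['alice', 'bob', '100% cotton', 'snake_case'] as $row) {
    $insert->execute([$row]);
}

var_dump(search($pdo, 'li'));  // ordinary substring search
var_dump(search($pdo, '%'));   // a literal percent sign, not "match everything"
var_dump(search($pdo, '_'));   // a literal underscore, not "any one character"
```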

Adding column to table returns error saying error in SQL syntax

When I run this code:
$addUniverseColumn = $db->prepare("ALTER TABLE spaceships ADD :universe int");
$addUniverseColumn->bindParam(":universe", $name);
$addUniverseColumn->execute();
I get the following error:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''asfa' int' at line 1' in D:\XAMPP\htdocs\php\locationconfig.php:63 Stack trace: #0 D:\XAMPP\htdocs\php\locationconfig.php(63): PDOStatement->execute() #1 {main} thrown in D:\XAMPP\htdocs\php\locationconfig.php on line 63
Note: $addUniverseColumn->execute(); is the line 63.
I have little to no idea as to what the problem is. I've searched for an answer to the problem but I can't find anything. Any help would be appreciated. :)
Placeholders can only work for VALUES, never field/table names. You cannot use a placeholder for the field name in an ALTER query. You'll have to use good old string interpolation for it:
$db->prepare("ALTER TABLE spaceships ADD $name int");
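Added example, not part of the original answers: both the LEAST(:col_list) question at the top of the page and this ALTER TABLE question need a column name in the SQL text, where a placeholder cannot go, so the name has to be validated before it is interpolated. The sketch below uses an exact allow-list for existing columns and a strict pattern for a new column name. The helper names and the columns peak, offpeak and weekend are assumptions; the tables callplandata and spaceships come from the questions, and :number is still bound as a value at execute time.

```php
<?php
// Added example: column names cannot be bound, so validate them before they
// reach the SQL text. Helper names and the column list are hypothetical.

// For names chosen from columns that already exist: exact allow-list match.
function pickColumns(array $requested, array $allowed): array
{
    $out = [];
    foreach ($requested as $col) {
        if (!in_array($col, $allowed, true)) {
            throw new InvalidArgumentException("Unknown column: $col");
        }
        $out[] = '`' . $col . '`';
    }
    return $out;
}

// For a new column name (the ALTER TABLE case): strict pattern, max 64 chars.
function newIdentifier(string $name): string
{
    if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]{0,63}\z/', $name)) {
        throw new InvalidArgumentException('Invalid column name');
    }
    return '`' . $name . '`';
}

function leastQuery(array $requested, array $allowed): string
{
    $cols = pickColumns($requested, $allowed);
    if (count($cols) < 2) {
        throw new InvalidArgumentException('LEAST needs at least two columns');
    }
    return 'SELECT *, LEAST(' . implode(', ', $cols) . ') AS num '
         . 'FROM callplandata WHERE number LIKE :number HAVING num != 0';
}

function addColumnQuery(string $name): string
{
    return 'ALTER TABLE spaceships ADD ' . newIdentifier($name) . ' int';
}

$allowed = ['peak', 'offpeak', 'weekend'];   // constructed column names
echo leastQuery(['peak', 'offpeak'], $allowed), "\n";
echo addColumnQuery('asfa'), "\n";
try {
    echo addColumnQuery('asfa int, extra'), "\n";   // constructed invalid name
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```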

PDO Find a needle in a haystack SQL statement

I am using PDO, and am thrown an error when using the following code:
$stmt = $pdo->prepare("SELECT username FROM users WHERE
WHERE INSTR(`games`, '{$gameid}') > 0
");
$gameid = $gamedata['id'];
$stmt->execute(array(
':gameid'=>$gameid
));
$players = $stmt->fetch(PDO::FETCH_ASSOC);
Through looking at past answers this is supposed to work, however I am met with the following error:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]: Syntax
error or access violation: 1064 You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right syntax to use near 'WHERE
INSTR(`games`, 'crysis') > 0' at line 2' in C:\xampp\htdocs\gs\gamepage.php:19 Stack
trace: #0 C:\xampp\htdocs\gs\gamepage.php(19): PDOStatement->execute(Array) #1 {main}
thrown in C:\xampp\htdocs\gs\gamepage.php on line 19
It also appears it's grabbing 'games' as a literal and not the column
What am I doing wrong?
You have a double WHERE:
SELECT username FROM users WHERE
WHERE
You're also doing some funny things with $gameid, namely setting the variable after substitution, and binding an unused :gameid parameter. You also have a SQL injection vulnerability and should really use a parameter to pass $gameid instead of creating dynamic SQL.
You have the word games encased in "back quotes" and not "single quotes" like the {$gameid} variable is using. They are probably making the db engine assume it is a column name instead of text.
$stmt = $pdo->prepare('SELECT `username` FROM `users`
WHERE INSTR(`games`, :gameid) > 0;');
And you should use $stmt->bindValue() or $stmt->bindParameter() before executing the query.
This won't work if gameid is an ... INTEGER ! ? ! ?

Zend Framework is throwing a strange error in Firefox and IE about the PDO?

At work we are using Zend 1.10.7 and were getting a weird error:
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[08P01]: <<Unknown error>>: 7 ERROR: bind message supplies 0 parameters, but prepared statement "pdo_stmt_00000015" requires 1' in /var/www/ZendFramework-1.10.7/library/Zend/Db/Statement/Pdo.php:228
Stack trace:
#0 /var/www/ZendFramework-1.10.7/library/Zend/Db/Statement/Pdo.php(228): PDOStatement->execute(Array)
#1 /var/www/ZendFramework-1.10.7/library/Zend/Db/Statement.php(300): Zend_Db_Statement_Pdo->_execute(Array)
#2 /var/www/ZendFramework-1.10.7/library/Zend/Db/Adapter/Abstract.php(468): Zend_Db_Statement->execute(Array)
#3 /var/www/ZendFramework-1.10.7/library/Zend/Db/Adapter/Pdo/Abstract.php(238): Zend_Db_Adapter_Abstract->query(Object(Zend_Db_Table_Select), Array)
#4 /var/www/ZendFramework-1.10.7/library/Zend/Db/Table/Abstract.php(1505): Zend_Db_Adapter_Pdo_Abstract->query(Object(Zend_Db_Table_Select))
#5 /var/www/ZendFramework-1.10.7/library/Zend/Db/Table/Abstract.php(1321): Zend_Db_Table_Abstract->_fetch(Object(Zend_Db_Table_Select))
#6 /var/w in /var/www/ZendFramework-1.10.7/library/Zend/Db/Statement/Pdo.php on line 234
Has anyone ever seen this before? And if so, what's the cause? It only does this in Firefox and IE 9. But Chrome is fine, the site works.
Any thoughts? To me, and my Google mind, it's one of my inserts or select statements, but again in Chrome it works, selects, inserts and updates information in the database.
We are using PostgreSQL as a database.
The PDO query is looking for a bound parameter. With this said, there should be no reason why different browsers are giving different results unless the values passed to this query are dynamically generated -
If your query looks like this:
SELECT * FROM users WHERE id = ?
You need to ensure you bind one parameter.
$stmt->bindParam(1, $idValue);
If $idValue is the result of a function that for some reason returns NULL, or the bindParam method call itself is wrapped in a conditional statement that only evaluates to true on Christmas day, you will have an exception like yours. This is because the value is missing when the statement is executed.
Edit: My guess is that the Array value here PDOStatement->execute(Array) is empty.
