I'm making an IS and I have a problem with updating mysql table. I'm using PHP 5.3 and PDO.
$query_update = $this->db_connection->prepare('UPDATE Client SET name =: name, surname=:surname WHERE id=:id');
$query_update->bindValue(':id', $id, PDO::PARAM_INT);
$query_update->bindValue(':name', $name, PDO::PARAM_STR);
$query_update->bindValue(':surname', $surname, PDO::PARAM_STR);
$query_update->execute();
Warning: PDOStatement::execute() [pdostatement.execute]: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in file on line X.
The Warning is referencing line with execute().
Thanks for help.
EDIT: It's working now, again thanks for help.
You have a space too much. Correct you query to this:
$this->db_connection->prepare('UPDATE Client SET name =:name, surname=:surname WHERE id=:id');
// -----------------------------------------------------^
This lead to only two variables being used in the query, which didn't match the 3 variables you provided.
(Your query in the current form should throw an error anyways at the same position.)
Related
I'm getting this annoying error and although I have an idea of why I'm getting it, I can't for the life of me find a solution to it.
if ($limit) {
$sth->bindValue(':page', $page - 1, PDO::PARAM_INT);
$sth->bindValue(':entries_per_page', $page * $entries_per_page, PDO::PARAM_INT);
}
$sth->execute($criteria);
Query contains placeholders (:placeholder). But to add those LIMIT placeholders, I need to use the manual method (bindValue) because otherwise the engine will turn them into strings.
I'm not getting the Invalid number of parameters error, so all placeholders have been bound correctly (I assume).
Query:
SELECT `articles`.*, `regional_municipalities`.`name` AS `regional_municipality_name`,
`_atc_codes`.`code` AS `atc_code`, `_atc_codes`.`name` AS `substance`
FROM `articles`
LEFT JOIN `_atc_codes`
ON (`_atc_codes`.`id` = `articles`.`atc_code`)
JOIN `regional_municipalities`
ON (`regional_municipalities`.`id` = `articles`.`regional_municipality`)
WHERE TRUE AND `articles`.`strength` = :strength
GROUP BY `articles`.`id`
ORDER BY `articles`.`id`
LIMIT :page, :entries_per_page
All placeholder values reside in $criteria, except for the last two LIMIT, which I manually bind with bindValue().
This same error 2031 can be issued when one bind two values with the same parameter name, like in:
$sth->bindValue(':colour', 'blue');
$sth->bindValue(':colour', 'red');
..so, beware.
You cannot use ->bind* and ->execute($params). Use either or; if you pass parameters to execute(), those will make PDO forget the parameters already bound via ->bind*.
This exception also appears if you try to run a query with placeholders instead of preparing a statment such as
$stmt = $db->query('SELECT * FROM tbl WHERE ID > ?');
instead of
$stmt = $db->prepare('SELECT * FROM tbl WHERE ID > ?');
From the manual:
public bool PDOStatement::execute ([ array $input_parameters ] )
Execute the prepared statement. If the prepared statement included
parameter markers, you must either:
call PDOStatement::bindParam() to bind PHP variables to the parameter markers: bound variables pass their value as input and
receive the output value, if any, of their associated parameter
markers
or pass an array of input-only parameter values
You need to pick a method. You cannot mix both.
It's not exactly an answer, but this error also happens if you try to use a word with a hyphen as placeholders, for example:
$sth->bindValue(':page-1', $page1);
So better use
$sth->bindValue(':page_1', $page1);
This happens if you have mismatching parameters. For example:
$q = $db->prepare("select :a, :b");
$q->execute([":a"=>"a"]);
The exception also happens (at least in MySQL/PDO) when your SQL tries to UPDATE an AUTO_INCREMENT field.
I don't know why this is happening and I keep getting this error Warning:
mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement
$stmt = $conn->prepare("SELECT clicks FROM affiliate WHERE ID ='$ID'");
$stmt->bind_param("i", $ID);
$stmt->execute();
$stmt->bind_result($clicks); // Store the result in the $clicks variable
Replace '$ID' in the query with ?. The question mark is used to mark variables that need to be bound.
I am learning php and trying to make the following work:
<?php
require_once("db_connect.php");
// TODO - Check that connection was successful.
$dname = $_POST["dname"];
$daddress = $_POST["daddress"];
$stmt = $mysqli->prepare("INSERT INTO test (dname, daddress) VALUES (?, ?)");
// TODO check that $stmt creation succeeded
// "s" means the database expects a string
$stmt->bind_param("s", $dname, $daddress);
$stmt->execute();
$stmt->close();
$mysqli->close();
?>
It works with just one bind_param but not 2. If $daddress was removed from the code then it posts. The form has 26 posts into database I am doing it with 2 at the moment to keep it minimal.
I get the following error when the form is submitted.
Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of elements in type definition string doesn't match number of bind variables in /home/mymotorsportco/public_html/entry/actions/entry.php on line 15
As per PHP manual:
types
A string that contains one or more characters which specify the types for the corresponding bind variables
i - corresponding variable has type integer
d - corresponding variable has type double
s - corresponding variable has type string
b - corresponding variable is a blob and will be sent in packets
You have to add types for all the parameters you are binding. So if the second parameter is a string, you have to do
$stmt->bind_param("ss", $dname, $daddress);
You need to pass in the same amount of characters into the first argument, as you have values to inject into your query. For example:
$stmt->bind_param("ss", $dname, $daddress);
Will say that the first param is a string, as well as the second. Additionally, the following will tell the database to expect a string, then an int:
$stmt->bind_param("si", $dname, $daddress);
Big props for using prepared statements, most newbies will throw in variables with absolutely no sanitation. You're on the right track!
You have 2 strings not 1.
$stmt->bind_param("ss", $dname, $daddress);
I use PDO to execute sql
"INSERT INTO zhushou_cost_uid
(uid,imei,wmac,imsi,channel,supplier,uuid,brand,device_model,os,os_version,app_version,promotion_method,log_source,takeup_date)
VALUES
('863207010118070','863207010118070','02037ff459cb','460025323359694','sc-hjcx_ins_cgq','','�ܟ*c�1�]�y�.���#���h���!�o ��z�!Y�~��t8�KOd�xd]���sm����n%$����H����[?�p���M����','KINGSUN','KINGSUN S6','Android','4.1.2','3.2','','1','2015-11-29 03:21:21')",
PHP code:
$db = $this->getWritableDB();
$stmt = $db->prepare($sql);
$exec = $stmt->execute();
the data of uuid is dirty data, and in our log it is
"uuid":"�ܟ*c�1�]�y�.���#��\u0015�h\u001a���!\u001c�\u0013o �\u0013�z�\u0000!Y�~��t8�KOd�xd]�\u0001��sm\u0016����\u0001n\u0013%$����H����[\u0003?�p���M��\u001a��"
I got the result
SQLSTATE[HY093]: Invalid parameter number: no parameters were bound.
When I try to copy the sql onto the terminator, exiting the mysql login status. I think there is something wrong in uuid. But I can not figure out it. Can anyone help me? Thank you very much!
$stmt = $db->prepare($sql);
Since you're preparing your statement, if there's anything in it that can be interpreted as a question mark or colon, it will be taken as a placeholder and you're expected to then pass values for it in the execute step. Since this is not actually what you're intending, don't prepare the statement if you don't intend to have placeholders in it. Instead:
$db->exec($sql);
Having said that, it's suspicious that you're passing a fully formed SQL query in $sql; perhaps you should be rewriting this whole thing so you do have actual placeholders in your query and are passing the actual values separately to execute.
i read few topics here but i dont find right answer.
I am getting this error:
Warning: PDOStatement::execute() [pdostatement.execute]: SQLSTATE[HY093]: Invalid
parameter number: number of bound variables does not match number of tokens in
....
PHP code:
$sarray[':item1'.$i] = $ws->getCell($item1.$i)->getValue();
$sarray[':item2'.$i] = $ws->getCell($item2.$i)->getValue();
$sarray[':item3'.$i] = $ws->getCell($item3.$i)->getValue();
$sql = update ...
$sql1 = $DB->prepare($sql);
$sql1->execute($sarray);
And after executing i am getting Error(it is at top).
Problem:
Problem is that, $sarray[':item1'.$i] and $sarray[':item2'.$i] have same definition and if add third $sarray[':item3'.$i] it makes fault, but i dont know how to fix it.
Thanks for any response.