The insert statement using PDO displays the following errors
Fatal error: Call to undefined function NOW() in C:\xampp\htdocs\copytimeline\timeline1\insert.php
it seems that NOW() belongs in sql statements not in the array. can someone help me to fix that.
thanks
$statement = $db->prepare('INSERT INTO tb ( session_id,timing)
values
( :session_id,:timing)');
$statement->execute(array(
':session_id' => $session_id,
':timing'=> NOW()
));
The MySQL function NOW() can't be passed as a variable. You need to include it in your query.
$statement = $db->prepare('INSERT INTO tb (session_id, timing)
values
(:session_id, NOW())');
$statement->execute(array(
':session_id' => $session_id
));
See MySQL PDO NOW() as assigned value - is it possible?
Related
I have connected to the db and able to update a record.
I have a variable named "action" that is either "update" or "add".
I use it in a switch statement to set my query to either "SELECT" or "INSERT".
SELECT statement works.
INSERT statement does not.
I get this error on $pdo->execute($data).
PHP Fatal error: Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number: parameter was not defined in ...
PDOStatement->execute(Array)
The error is thrown by the PDOStatement
Here is what I have tried, seems pretty straight-forward, but i'm struggling with it.
$data = [
'firstName'=> $firstName,
'lastName'=> $lastName,
'badge'=> $badge,
'department'=> $department,
'image'=> $image,
'active'=> $active,
'stars'=> $stars,
'email'=> $email,
'primary_key'=> $primaryKey,
];
$sql = "INSERT INTO `team`
(`primary_key`,`firstName`, `lastName`, `badge`, `department`, `image`, `active`, `stars`, `email`)
VALUES
(NULL, :firstName, :lastName, :badge, :department, :image, :active, :stars, :email)";
$pdo->prepare($sql);
$pdo->execute($data); <- error is here
When I simply echo my $data array to see if there is something odd. I don't see anything based off all the sites, I've read.
//$data array DATA
primary_key =
firstName = test
lastName = test
badge = 9000
department = marketing
image = 9000.jpg
active = 1
stars = 0
email = tester#test.com
primary_key in db is auto-increment
primary_key is $_post[] on update query and NULL insert query (auto increment db column)
Any errors that would prevent this INSERT query from working that you can see? I'm stuck. I know it the array has 9 variables, there are 9 fields to insert, and 9 values listed.
I know it the array has 9 variables, there are 9 fields to insert, and 9 values listed.
Count the parameters. There are 8 of them. The array includes a value called primary_key for which there is no parameter in the query.
primary_key in db is auto-increment
Then don't insert a value for it:
$sql = "INSERT INTO `team`
(`firstName`, `lastName`, `badge`, `department`, `image`, `active`, `stars`, `email`)
VALUES
(:firstName, :lastName, :badge, :department, :image, :active, :stars, :email)";
And remove primary_key from the $data array.
I am trying to insert timestamp to my MySQL database using PHP. But there is shown an error off
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter
number: parameter was not defined in
/opt/lampp/htdocs/e-exam/user.message.php on line 22
But
Here line 22 is ':sent_at' => $timestamp
$timestamp = date('Y-m-d G:i:s');
//message sending
$sql3 = "INSERT INTO message(title, content, sender_id, sent_at ) VALUES (:title, :content, :sender_id, :sent_at)";
$stmt3 = $pdo->prepare($sql3);
$stmt3->execute(array(
':title' => $_POST['title'],
':content' => $_POST['content'],
':email' => $_SESSION['active_user'],
':sent_at' => $timestamp
));
Please help me to solve this error
If you only want to insert the sent_at ( current time ) , there is easier way, by using NOW() at first you create the table.
the other way is by change the line into this
"INSERT INTO message(title, content, sender_id, sent_at ) VALUES (:title, :content, :sender_id, NOW())";
take a lot at NOW() in the query.
you can try the query
select NOW()
it will result something like this 2018-07-04 18:17:49
in mysql you can use data type datetime
I'm getting the error "SQLSTATE[HY093]: Invalid parameter number" when I try to run the below function:
function add_persist($db, $user_id) {
$hash = md5("per11".$user_id."sist11".time());
$future = time()+(60*60*24*14);
$sql = "INSERT INTO persist (user_id, hash, expire) VALUES (:user_id, :hash, :expire) ON DUPLICATE KEY UPDATE hash=:hash";
$stm = $db->prepare($sql);
$stm->execute(array(":user_id" => $user_id, ":hash" => $hash, ":expire" => $future));
return $hash;
}
I feel like it's something simple that I'm just not catching. Any ideas?
Try:
$sql = "INSERT INTO persist (user_id, hash, expire)
VALUES (:user_id, :hash, :expire)
ON DUPLICATE KEY UPDATE hash=:hash2";
and
$stm->execute(
array(":user_id" => $user_id,
":hash" => $hash,
":expire" => $future,
":hash2" => $hash)
);
Excerpt from the documentation (http://php.net/manual/en/pdo.prepare.php):
You must include a unique parameter marker for each value you wish to pass in to the statement when you call PDOStatement::execute(). You cannot use a named parameter marker of the same name twice in a prepared statement. You cannot bind multiple values to a single named parameter in, for example, the IN() clause of an SQL statement.
This is one limitation to using PDO. PDO simply acknowledges the number of parameters in the query and the execution and throws an error on any mismatch. If you need to use parameter repetition in your queries, you have to go about it using a workaround
$sql = "insert into persist(user_id, hash, expire) values
(:user_id, :hash, :value) on duplicate key update
hash = :hash2";
$stm->execute(array(':user_id' => $user_id, ':hash' => $hash, ':hash2' => $hash,
':expire' => $expire));
You can refer to this for a more elaborate workaround - https://stackoverflow.com/a/7604080/1957346
I know this is an old question, however I think it's worth noting that a more appropriate solution would be to avoid clunky workarounds in PHP by leveraging SQL appropriately:
INSERT INTO `persist` (`user_id`, `hash`, `expire`)
VALUES (:user_id, :hash, :expire)
ON DUPLICATE KEY UPDATE `hash`=VALUES(`hash`)
This way, you only need to send the value once.
$stmt = $con->prepare("INSERT INTO items(Name, Description, Price, Country_Made, Status, Add_Date) VALUES( :zname, :zdesc, :zprice, :zcountry, zstatus, now())");
$stmt-> execute(array(
"zname" => $name,
"zdesc" => $desc,
"zprice" => $price,
"zcountry" => $country,
"zstatus" => $status
));
I don't really know MySQL but I try.
I have this script in PHP
$sql = $DB->prepare("INSERT INTO `users`(`id`, `firstname`, `lastname`, `email`, `password`) VALUES ($this->firstname, $this->lastname, $this->email, $this->password))");
and when I use
print_r($sql->errorInfo());
It is giving me this error
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter
number: no parameters were bound in
C:\Bitnami\wampstack-5.5.27-0\apache2\htdocs\OOPLogin\register.php on
line 115 Array ( [0] => HY093 [1] => [2] => )
If anyone could help me, I would appreciate it very much.
Thank you.
EDIT: I changed it to
$sql = $DB->prepare("INSERT INTO `users`(`firstname`, `lastname`, `email`, `password`) VALUES ($this->firstname, $this->lastname, $this->email, $this->password))");
And now it's giving me
Array ( [0] => 42000 [1] => 1064 [2] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '#gmail.com, ff0b80f26259f9c0178aeed5198bac48))' at line 1 )
Assuming your using PDO, you need to bind parameters with a prepared statement.
Here's an example, using the PDO::prepare documentation for reference:
$statement = $DB->prepare("INSERT INTO `table` (`id`) VALUES (?)");
$statement->execute(array($user_id));
Additional example using mysqli as an alternative...
$statement = $DB->prepare("INSERT INTO `table` (`id`) VALUES (?)");
$statement->bind_param("i", $user_id);
$statement->execute();
You need to bind each of your parameters instead of putting them inline your prepared statement.
You are misusing the prepare() function. When using prepared statements, you are supposed to use either ? or :name as placeholders for your values. This prevents you from constructing a malicious SQL query from user input.
Also, you are listing 5 fields, but only give 4 values. If id is an AUTO_INCREMENT field then it can just be omitted from the query.
Finally, you had too many ) in your query,
$sql = $DB->prepare("INSERT INTO `users`(`firstname`, `lastname`, `email`, `password`)
VALUES (:firstname, :lastname, :email, :password)");
Now you just pass an array of values to execute() to bind to the placeholders.
$sql->execute(array(
'firstname' => $this->firstname,
'lastname' => $this->lastname,
'email' => $this->email,
'password' => $this->password
));
P.S. Your original code didn't work because you forgot to put quotes around your strings.
INSERT INTO `users` (`email`) VALUE ('test#example.com');
Your ID-column does not have a corresponding value to insert, if that column is auto-incrementint you can skip it, like so:
$sql = $DB->prepare("INSERT INTO `users`(`firstname`, `lastname`, `email`, `password`) VALUES ($this->firstname, $this->lastname, $this->email, $this->password))");
you need as many values to insert, as you have columns
An Insert query need to have the same parameters in table fields and values in the same order.
So, if you have id, firstname, lastname, email, password
you need to have idValue, firstnameValue, lastnameValue, emailValue, passwordValue
A good way to try if query is well formed is do an echo $sql or a var_dump($sql) and paste the result on a sql ID query like Mysql Workbench or HeidiSql
I'm getting the error "SQLSTATE[HY093]: Invalid parameter number" when I try to run the below function:
function add_persist($db, $user_id) {
$hash = md5("per11".$user_id."sist11".time());
$future = time()+(60*60*24*14);
$sql = "INSERT INTO persist (user_id, hash, expire) VALUES (:user_id, :hash, :expire) ON DUPLICATE KEY UPDATE hash=:hash";
$stm = $db->prepare($sql);
$stm->execute(array(":user_id" => $user_id, ":hash" => $hash, ":expire" => $future));
return $hash;
}
I feel like it's something simple that I'm just not catching. Any ideas?
Try:
$sql = "INSERT INTO persist (user_id, hash, expire)
VALUES (:user_id, :hash, :expire)
ON DUPLICATE KEY UPDATE hash=:hash2";
and
$stm->execute(
array(":user_id" => $user_id,
":hash" => $hash,
":expire" => $future,
":hash2" => $hash)
);
Excerpt from the documentation (http://php.net/manual/en/pdo.prepare.php):
You must include a unique parameter marker for each value you wish to pass in to the statement when you call PDOStatement::execute(). You cannot use a named parameter marker of the same name twice in a prepared statement. You cannot bind multiple values to a single named parameter in, for example, the IN() clause of an SQL statement.
This is one limitation to using PDO. PDO simply acknowledges the number of parameters in the query and the execution and throws an error on any mismatch. If you need to use parameter repetition in your queries, you have to go about it using a workaround
$sql = "insert into persist(user_id, hash, expire) values
(:user_id, :hash, :value) on duplicate key update
hash = :hash2";
$stm->execute(array(':user_id' => $user_id, ':hash' => $hash, ':hash2' => $hash,
':expire' => $expire));
You can refer to this for a more elaborate workaround - https://stackoverflow.com/a/7604080/1957346
I know this is an old question, however I think it's worth noting that a more appropriate solution would be to avoid clunky workarounds in PHP by leveraging SQL appropriately:
INSERT INTO `persist` (`user_id`, `hash`, `expire`)
VALUES (:user_id, :hash, :expire)
ON DUPLICATE KEY UPDATE `hash`=VALUES(`hash`)
This way, you only need to send the value once.
$stmt = $con->prepare("INSERT INTO items(Name, Description, Price, Country_Made, Status, Add_Date) VALUES( :zname, :zdesc, :zprice, :zcountry, zstatus, now())");
$stmt-> execute(array(
"zname" => $name,
"zdesc" => $desc,
"zprice" => $price,
"zcountry" => $country,
"zstatus" => $status
));