Stephen Adkins Stephen Adkins - 6 months ago 32
PHP Question

Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number'

I'm receiving an error whenever I attempt to insert into my database using PDO.

public function save($primaryKey = "") {
$validate = $this->rules();
if ($validate === true) {
$properties = '';
$values = '';
$bindings = array();
$update = '';
foreach ($this as $property => $value){
if ($property === "conn") {
continue;
}
$properties .= $property . ',';
$values .= ':' . $property . ',';
$update .= $property . ' = :' . $property . ',';
$bindings[':'.$property] = $value;
}
$sql_string = 'INSERT INTO ' . get_class($this) . ' (' . rtrim($properties, ',') . ') ';
$sql_string .= 'VALUES (' . rtrim($values, ',') . ') ON DUPLICATE KEY UPDATE ' . rtrim($update, ',') . ';';
$result = $this->executeQuery(NULL, $sql_string, $bindings);
$this->buildObject($result);
if (!empty($primaryKey)) {
$this->$primaryKey = $this->conn->lastInsertId();
}
return $result;
} else {
return $validate;
}
}

public function executeQuery($object, $sql_string, $bindings = null) {
$stmt = $this->conn->prepare($sql_string);
if (!empty($bindings)) {
if (!$stmt->execute($bindings)) {return false;}
} else {
if (!$stmt->execute()) {return false;}
}
$result = (!empty($object) ? $stmt->fetchAll(PDO::FETCH_CLASS, $object) : $stmt->fetchAll());
return (($stmt->rowCount() > 0) ? $result : false);
}


The save function generates both the query string and the bindings which both seem correct.

query = INSERT INTO am_administrator (firstName,lastName,username,password,email,isSuperUser,dateCreated,dateLastModified) VALUES (:firstName,:lastName,:username,:password,:email,:isSuperUser,:dateCreated,:dateLastModified) ON DUPLICATE KEY UPDATE firstName = :firstName,lastName = :lastName,username = :username,password = :password,email = :email,isSuperUser = :isSuperUser,dateCreated = :dateCreated,dateLastModified = :dateLastModified;

bindings = array(8) {
[":firstName"]=> string(5) "First"
[":lastName"]=> string(4) "Last"
[":username"]=> string(7) "cova-fl"
[":password"]=> string(8) "password"
[":email"]=> string(16) "test@testing.com"
[":isSuperUser"]=> int(1) "1"
[":dateCreated"]=> string(19) "2016-05-11 02:40:15"
[":dateLastModified"]=> string(19) "2016-05-11 02:40:15"
}


Whenever I put the query into workbench I have no problems, but when trying to run it in code I get Fatal Error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number' which confuses me since the number of bindings params matches the bindings keys and nummbers. Can anyone enlighten me on this issue?

Answer

I think this might be because you have decared each binding twice in the statement e.g. :firstname appears in the VALUES clause as well as the ON DUPLICATE KEY UPDATE clause.

You only pass 8 bindings to the $stmt->execute but PDO is looking for 16.

You could try naming them slightly different in the ON DUPLICATE KEY UPDATE clause giving you a query such as e.g.

INSERT INTO am_administrator (firstName,lastName,username,password,email,isSuperUser,dateCreated,dateLastModified) VALUES (:firstName,:lastName,:username,:password,:email,:isSuperUser,:dateCreated,:dateLastModified) ON DUPLICATE KEY UPDATE firstName = :update_firstName,lastName = :update_lastName,username = :update_username,password = :update_password,email = :update_email,isSuperUser = :update_isSuperUser,dateCreated = :update_dateCreated,dateLastModified = :update_dateLastModified;

Comments