Yeremia Danang Yeremia Danang - 24 days ago 5
PHP Question

PDO and PHP help... SQLSTATE[HY093]: Invalid parameter number: no parameters were bound

really need help for my project. I get this error. Working for 2 hours and still no clue... :


SQLSTATE[HY093]: Invalid parameter number: no parameters were bound


I'm trying to create new object from Form and put into database.
Here's my codes...

This one is my form.

<form role="form" method="POST" enctype='multipart/form-data' action="Action/CreateAdmin.php">
<fieldset>
<table>
<tr>
<td><div class="form-group">Username</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<input class="form-control" placeholder="Username" name="username" type="text" autofocus>
</div>
</td>

</tr>
<tr>
<td><div class="form-group">Password</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<input class="form-control" placeholder="Password" name="password" type="password" value="">
</div>
</td>

</tr>
<tr>
<td><div class="form-group">Nama Depan</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<input class="form-control" placeholder="Nama Depan" name="NamaDpn" type="text" value="">
</div>
</td>

</tr>
<tr>
<td><div class="form-group">Nama Belakang</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<input class="form-control" placeholder="Nama Belakang" name="NamaBlkng" type="text" value="">
</div>
</td>

</tr>
<tr>
<td><div class="form-group">No. Telepon</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<input class="form-control" placeholder="No. Telepon" name="no_telp" type="text" value="">
</div>
</td>

</tr>
<tr>
<td><div class="form-group">Previlage</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<?php
$dataRole=$RoleObject -> getAllRole() -> getIterator();
echo "<select class='form-control' name='role'>";
while($dataRole -> valid()){
echo "<option value='".$dataRole -> current()->getIdRole()."'>".$dataRole->current()->getRoleName()."</option>";
$dataRole->next();
}
echo"</select>";
?>

</div>
</td>
</tr>
<tr>
<td><div class="form-group">Kategori</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<?php
$dataKategori=$kategoriObject -> getAllKategori() -> getIterator();
echo "<select class='form-control' name='kategori'>";
while($dataKategori -> valid()){
echo "<option value='".$dataKategori -> current()->getIdKategori()."'>".$dataKategori->current()->getNamaKategori()."</option>";
$dataKategori->next();
}
echo"</select>";
?>

</div>
</td>
</tr>

<tr>
<td><div class="form-group">Foto</div></td>
<td><div class="form-group">:</div></td>
<td>
<div class="form-group">
<input class="form-control" placeholder="Foto" name="foto" type="file" value="">
</div>
</td>
</tr>
<br/>
<?php

if(isset($_GET["pesan"]))
{
if($_GET["pesan"] == MD5("kosong"))
{
?>
<p style ="color:red;"> Username atau Password kosong. </p>
<?php

}
else if($_GET["pesan"] == MD5("none"))
{
?>
<p style ="color:red;"> Username atau Password salah. </p>
<?php

}
}

?>
<!-- Change this to a button or input when using this as a form -->
<tr>
<td colspan="3"> <button class="btn btn-lg btn-success btn-block" name="btnSubmitAdmin">Submit Admin</button> </td>
</tr>

</table>
</fieldset>
</form>


This One is my UserObject function for insert

<?php
function insertUser (user $user)
{
$result=FALSE;

try{
$iduser= $user -> getIdUser();
$username= $user -> getUsername();
$password= $user -> getPassword();
$namadpn= $user -> getNamaDpn();
$namablkng= $user -> getNamaBlkng();
$notelp= $user -> getNoTelp();
$role=$user->getRoleId();
$kategori= $user -> getKategori();
$foto=$user->getFoto();


$koneksi=Connection::getConnection();
$koneksi->beginTransaction();
$query="INSERT INTO User(id_user, username, password, nama_dpn, nama_blkng, no_telp, id_role, id_kategori,foto) VALUES(?,?,?,?,?,?,?,?,?)";

$stmt=$koneksi->prepare($query);
$stmt -> execute();

$stmt -> bindParam(1, $user->id_user());
$stmt -> bindParam(2,$user->username());
$stmt -> bindParam(3, $user->password());
$stmt -> bindParam(4,$user->nama_dpn());
$stmt -> bindParam(5, $user->nama_blkng());
$stmt -> bindParam(6,$user->no_telp());
$stmt -> bindParam(7,$user->id_role());
$stmt -> bindParam(8, $user->id_kategori());
$stmt -> bindParam(9,$user->foto());

$result=$stmt -> execute();
$koneksi -> commit();
}catch(PDOexception $ex){
echo $ex -> getmessage();
die();
}
$conn = null;
return $user;
}
}
?>


And this one is my action page for form.

<?php
include "../Utility/koneksi.php";
include "../Entity/User.php";
include "../Dao/UserObject.php";
include "../Entity/Role.php";
include "../Dao/RoleObject.php";
$UserObject=new UserObject();
if(isset($_POST["btnSubmitAdmin"]))
{

$uname = $_POST['username'];
$pwd = $_POST['password'];
$nama_dpn = $_POST['NamaDpn'];
$nama_blkng = $_POST['NamaBlkng'];
$notelp=$_POST['no_telp'];
$role=$_POST['role'];
$kategori=$_POST['kategori'];

$tipeFile=$_FILES['foto']['type'];
$lokasiFile=$_FILES['foto']['tmp_name'];
$namaFile=$_FILES['foto']['name'];
$ukuranFile=$_FILES['foto']['size'];
$location="";
if($tipeFile == "image/jpg" or $tipeFile == "image/jpeg" or $tipeFile== "image/png"){
$location = "../img/".$namaFile;
move_uploaded_file($lokasiFile,$location);
}
if($namaFile==""){
$namaFile = "default.jpeg";
}

$uname = TRIM($uname); //untuk hapus spasi di depan/ belakang
$pwd = TRIM($pwd);



$user=new User();
$user->setUsername($uname);
$user->setPassword($pwd);
$user->setNamaDpn($nama_dpn);
$user->setNamaBlkng($nama_blkng);
$user->setNoTelp($notelp);
$user->setRoleId($role);
$user->setKategori($kategori);
$user->setFoto($namaFile);

if($UserObject->insertUser($user)){
echo "<script>alert('Success')</script>";
}
}
?>


Any Idea?? thanks before

Answer

You're trying to execute the statement before you've bound any of the parameters:

$stmt = $koneksi->prepare($query);
$stmt->execute();

First prepare the query, then bind the parameters, then execute the query.

Note: You also execute the statement again after binding the parameters:

$result = $stmt->execute();

I suspect you need only execute the statement once, so you can probably just remove that first execution attempt entirely.

Comments