vijrox vijrox - 5 months ago 9
PHP Question

PHP PDOException: "SQLSTATE[HY093]: Invalid parameter number"

I'm getting the error "SQLSTATE[HY093]: Invalid parameter number" when I try to run the below function:

function add_persist($db, $user_id) {
$hash = md5("per11".$user_id."sist11".time());
$future = time()+(60*60*24*14);
$sql = "INSERT INTO persist (user_id, hash, expire) VALUES (:user_id, :hash, :expire) ON DUPLICATE KEY UPDATE hash=:hash";
$stm = $db->prepare($sql);
$stm->execute(array(":user_id" => $user_id, ":hash" => $hash, ":expire" => $future));
return $hash;
}


I feel like it's something simple that I'm just not catching. Any ideas?

vee vee
Answer

Try:

$sql = "INSERT INTO persist (user_id, hash, expire) VALUES (:user_id, :hash, :expire) ON DUPLICATE KEY UPDATE hash=:hash2";

and

$stm->execute(array(":user_id" => $user_id, ":hash" => $hash, ":expire" => $future, ":hash2" => $hash));

Excerpt from the documentation (http://php.net/manual/en/pdo.prepare.php):

You must include a unique parameter marker for each value you wish to pass in to the statement when you call PDOStatement::execute(). You cannot use a named parameter marker of the same name twice in a prepared statement. You cannot bind multiple values to a single named parameter in, for example, the IN() clause of an SQL statement.