PHP - PDO Invalid parameter number

Question

There are a lot of questions about this, but still I can't find a question which answers my question.

I got some code (obviously), which does a query to the database, and for some reason it is returning an error.

// ^ somewhere in the top session_start();
require("rw_conx.php");
try {
    // Get answers from database 
    $db = new PDO ("mysql:host=$host;dbname=$dbname", $username, $pass);
    $db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
    $stmt = $db->prepare("SELECT antwoorden, commentaar
                        FROM antwoorden
                        WHERE vragenlijst = :vragenlijst
                        AND meting = :meting
                        AND behandeltraject = :behandeltraject
                        AND onderzoeksNR = :onderzoeksnummer");
    $vragenlijst = "1";
    $meting = "1";
    $onderzoeksNR = trim(preg_replace('#[^0-9]#', '', $_SESSION["onderzoeksnummer"]));
    $behandeltraject = trim(preg_replace('#[^0-9]#', '', $_SESSION["behandeltraject"]));        
    $stmt->execute(array('vragenlijst'=>$vragenlijst,'meting'=>$meting,'behandeltraject'=>$behandeltraject,'onderzoeksnummer'=>$onderzoeksNR));
    // Render all questions (check if 5's should be hidden), input disabled, no answer categories.          
    $num_rows = $stmt->rowCount();
    $row = $stmt->fetch(PDO::FETCH_NUM, PDO::FETCH_ORI_NEXT);

    // What this does is create a string like: 1=2,2=4,3=5|||COMMENTS|||1=blabla,2=blabla
    if ($num_rows > 0) {
        echo $row[0];
        echo "|||COMMENTS|||";
        echo $row[1];
    } else {
        echo "no data";
    }
} catch(PDOException $e) {
    echo "I'm sorry, I'm afraid I can't do that. (1)";
    file_put_contents('../debug.log', $e->getMessage(), FILE_APPEND);
    exit();
}   

$stmt->execute(array('vragenlijst'=>$vragenlijst,'meting'=>$meting,'behandeltraject'=>$behandeltraject,'onderzoeksnummer'=>$onderzoeksNR));

--- EDIT ---

Just to make this clear, I will explain.

1. I mentioned in my question above, that the sessions were no problem.

What I meant by this was the fact, that the error that occured (SQLSTATE[HY093]) was not thrown because the sessions were empty.

2. The problem still occurs.

Even though the session_start() fixed the query (It now returns the row it should), I am still getting the same error, which is (of course) not supposed to happen.

I hope this clears things up a bit, because everybody is getting mad at me. I did indeed mention the sessions were no problem, and they are no problem for the error that occurs. For some reason the catch function still gives me an error, even though the query succesfully runs.

So, if there are still people who would like to help me out, I would really appreciate it.

--- END EDIT ---

Does anyone see the (probably obvious) flaw?

Check your column names in your table and make sure the types are correct. — Funk Forty Niner, Dec 29 '14 at 12:49
As a test, can you try using `?` instead of `:name` for your parameters in the query, and use `array($vragenlijst, $meting, ...)` in the `execute` call? — Niet the Dark Absol, Dec 29 '14 at 12:50
@NiettheDarkAbsol When I do as you say, it still gives me the same error ... but why? — JiFus, Dec 29 '14 at 12:53
@Fred-ii- the column names are correct, and what do you mean with the types? — JiFus, Dec 29 '14 at 12:55
Hmm, that is quite strange, then. I must admit that at this point I am stumped. — Niet the Dark Absol, Dec 29 '14 at 12:55
@NiettheDarkAbsol so am I, when I run this query in DirectAdmin (so without the placeholders but just with the values `1` it returns a row... — JiFus, Dec 29 '14 at 12:56
Maybe if the column type is a VARCHAR and should be an `int`, it might make a difference. Also check if your column(s) does not contain a space or other hidden character. I've seen that happen before. — Funk Forty Niner, Dec 29 '14 at 12:56
Are all your column's data set to `1` though? Your query might be failing because of the `AND` for all of them. Can you try an `OR` instead? See what that says. At this point, I too am stumped. — Funk Forty Niner, Dec 29 '14 at 13:03
Oh... wait a minute. You mention sessions. Did you start the session? Is `session_start();` included? You mention in a comment below something about `var_dump($_SESSION);` — Funk Forty Niner, Dec 29 '14 at 13:05
@Fred-ii- No, I don't need `OR` because all of them need to be true. If that were true what you say, it wouldn't throw this error. — JiFus, Dec 29 '14 at 13:06
Did you see [this comment](http://stackoverflow.com/questions/27689049/php-pdo-invalid-parameter-number#comment43792155_27689049) just above, about sessions? — Funk Forty Niner, Dec 29 '14 at 13:08
Your code is correct, you should show us the original code with session — Abdallah Arffak, Dec 29 '14 at 13:08
@Fred-ii- LOL turns out you're right, because I was sending a request to a page, instead of including it... You're da MAN! I thought I was including the page. Thank you so much :P — JiFus, Dec 29 '14 at 13:08
Ahhhh great! So, shall I make it an answer after all this? lol — Funk Forty Niner, Dec 29 '14 at 13:09
I have undeleted my original answer and made an edit to it. Glad we solved it, *cheers* - Reload it to see it. — Funk Forty Niner, Dec 29 '14 at 13:11
@NiettheDarkAbsol In case you may not have seen it, the mystery has been solved ;-) — Funk Forty Niner, Dec 29 '14 at 13:23
How is it possible that your code doesn't work with the hard-coded values? — GuyT, Dec 29 '14 at 14:03
@JiFus It seems like there's some sour grapes being thrown around here. I suggest you make an **edit** under your original question and post your actual code with what you're now using including `session_start();` etc. (and not your hard-code values), in order to clear this matter up 100% and not 99%. Having people sore about something isn't right and there's no reason to have any bad blood flowing here. — Funk Forty Niner, Dec 29 '14 at 14:36
@Fred-ii- You miss the point completely. It's not about who is wrong or wright. I just waste some time while I was willing to help the OP. After I saw the solution the whole question wasn't even valid and seems untested(hard-coded values should work). Or am I missing something? — GuyT, Dec 29 '14 at 14:47
@GuyT This whole thing is a genuine fiasco if you ask me. I don't even know which way to throw myself at this point. It's a he-said he-says. Had I known before gotten all this flack about it, I'd of never put in an answer. I asked the OP questions and during that process, the solution was found. The OP accepted my answer, so that's their business, not mine. Why I'm being dragged into all this, heck if I know. I didn't "start" this, it's not my problem and shouldn't be dragged in the mud for it. Far as I'm concerned, this matter is closed. — Funk Forty Niner, Dec 29 '14 at 14:53
I think it is fair to also notify @Fred-ii- . Your edit 2 seems impossible to me. After you have added `session_start()` you got the expected result. The only thing that has changed by adding the `session_start()` is that your variables are set. — GuyT, Dec 30 '14 at 11:25
@GuyT I know it seems impossible. I'll now paste in my real code. — JiFus, Dec 30 '14 at 11:27
Could you execute following command before the execute: `print_r(array('vragenlijst'=>$vragenlijst,'meting'=>$meting,'behandeltraject'=>$behandeltraject,'onderzoeksnummer'=>$onderzoeksNR));` and post the results? — GuyT, Dec 30 '14 at 11:47
`syntax error, unexpected T_VARIABLE, expecting ')'` On the line with the `print_r` code... — JiFus, Dec 30 '14 at 11:53
Ahaaaa.. This could clear some things up. When I paste that code in: http://writecodeonline.com/php/ . You will see that the variable `$behandeltraject` is malformed after you run the code. A space will solve this issue. Probably an encoding error or something? When you look at the online compiler I have also noticed that all variables are blue, except the `$behandeltraject` one. **I have found it** You have a zero width space in your file()! — GuyT, Dec 30 '14 at 11:57
That's why the input parameters doesn't match(`$behandeltraject is not defined)` — GuyT, Dec 30 '14 at 12:03

score 2 · Answer 1 · edited May 23 '17 at 12:28

2

Seeing that the mystery has been solved by GuyT <=(edit), am posting the following as per a comment I left under OP's question:

You mention sessions. Did you start the session?

Is session_start(); included?

You mentioned in a comment in another answer about var_dump($_SESSION);

session_start(); is required to be inside all files using sessions.

Original answer, added one above:

You forgot the $ sign for onderzoeksNR in

'onderzoeksnummer'=> onderzoeksNR
                    ^ right there

in regards to

$onderzoeksNR = "1";

change it to

'onderzoeksnummer'=>$onderzoeksNR

edited May 23 '17 at 12:28

Community

1
1

answered Dec 29 '14 at 12:40

Funk Forty Niner

74,450
15
68
141

Good job, I was sure it had to be something obvious, but this? Cheers! – JiFus Dec 29 '14 at 13:13
@JiFus Yeah, sometimes it's those little wee-things that makes it harder to figure out why something fails. I'm so glad that we were able to solve it :) *Cheers* and you're very much welcome. – Funk Forty Niner Dec 29 '14 at 13:14
Exactly what my guess was, first but OP said "noh I checked, it is correct, session not problem" – Daniel W. Dec 29 '14 at 13:36
@DanFromGermany The `// Normally this are sessions...` in OP's code had me raise a brow from the start and I should have questioned it originally. This one was a tricky one. – Funk Forty Niner Dec 29 '14 at 13:38
@DanFromGermany Btw, is that your DV? If it is then it's uncalled for, don't be sore, you've no reason to attack me. Your answer wasn't the solution. I earned mine and asked the right questions. – Funk Forty Niner Dec 29 '14 at 13:38
I did answer this, 42 minutes ago "... one of the values is an array or null" ... without a session beeing started, the values are nulls... – Daniel W. Dec 29 '14 at 13:42
@DanFromGermany You never made the mention about if the session was started. Go over your own answer again. You included about doing it a different way, which doesn't matter. Either methods work. So, don't be sore about it, you've no reason to be. I could have easily DV'd yours, but I didn't. I had "no reason" to really. I'm not like that. I'll post a comment about it when I do. ;-) – Funk Forty Niner Dec 29 '14 at 13:43
@Fred-ii- However guys, the code still throws an error, but It returns the row succesfully – JiFus Dec 29 '14 at 14:14

score 2 · Accepted Answer · edited May 23 '17 at 10:26

2

The problem you are facing is due to a zero width space( in unicode). This might be automatically added in the editor that you are using. jQuery will also insert zero width space characters as you can read here.

But why is it giving me the `SQLSTATE[HY093]` error?

This is because $behandeltraject is not defined(there is a zero width space in front of it) so the parameters will not match.

edited May 23 '17 at 10:26

Community

1
1

answered Dec 30 '14 at 12:21

GuyT

4,316
2
16
30

Way to go Guy. I have seen that before (unicode), but inside jQuery scripts that would break the OP's code, but never like this. I have modified my answer slightly. – Funk Forty Niner Dec 30 '14 at 13:05
@Fred-ii- Yeah, it's a strange issue. I guess the OP copied the code from somewhere else(probably a Dutch PHP lesson). I am glad we have solved it together(session + zero width space). – GuyT Dec 30 '14 at 13:57
Indeed strange Guy. First time I got wind of a unicode character in OP's code some time back, pasted the whole thing in strangely enough (Notepad, then MS Frontpage). Frontpage displayed the hidden character as `` where I started Googling it, having found what it was. There are other hidden characters that find their way into code, as to how they get there is sometimes a mystery; type of editor used or done online(?). I now use a proper IDE, but those that I've mention still serve me well (to a certain extent). *Cheers* and glad this matter was resolved; *finally*. – Funk Forty Niner Dec 30 '14 at 14:04

score 0 · Answer 3 · answered Dec 29 '14 at 12:57

0

My guess is, that either the error is coming from a different statement, or one of the values is an array or null in your code using the session variables

// Normally this are sessions, I checked them, and they contain a value.

You should be using the bindParam member,

$sth->bindParam(':calories', $calories, PDO::PARAM_INT);

...because

it doesn't throw strange errors
using execute(), all params are converted to string.

http://php.net/manual/en/pdostatement.execute.php

answered Dec 29 '14 at 12:57

Daniel W.

31,164
13
93
151

at your link (http://php.net/manual/en/pdostatement.execute.php) it says the following: "you must either: call PDOStatement::bindParam() to bind PHP variables..." OR "pass an array of input-only parameter values" So why then does the array part not work? – JiFus Dec 29 '14 at 13:00
I think the error is somewhere else. For me, `execute(array())`-style works. I guess your original code is different from the one above. – Daniel W. Dec 29 '14 at 13:02
OP should just accept yours then, if it'll make you feel any better. Btw, both methods work in PDO, so you're partly wrong. – Funk Forty Niner Dec 29 '14 at 13:47
@Fred-ii- You are correct that Dan is partly wrong, but his first thoughts were right. In my opinion this is a bad question. Certainly after the OP wrote *Normally this are sessions, I checked them, and they contain a value.* and at the end the values were empty. – GuyT Dec 29 '14 at 14:19

PHP - PDO Invalid parameter number

3 Answers3

But why is it giving me the SQLSTATE[HY093] error?

But why is it giving me the `SQLSTATE[HY093]` error?