3

Hopefully a quick and obvious error on my part, I had a peek through previous questions but could not find question directly related to my question, so forgive me for opening what should be considered a fairly simple question, but after years of working with mysql the PDO switch is not coming easily

What I want to do

Simply insert entered form data to a new row of my table

Code

HTML

<form name="animals" id="animals" method="post">
    <label for="animalType">Animal Type: </label>
    <input type="text" required="required" name="animalType" />
    <br />
    <br />
    <label for="animalName">Animal Name:</label>
    <input type="text" required="required" name="animalName" />
    <br />    
    <button type="submit" name="submit">Add</button>
</form>

PHP

if(isset($_POST['submit'])){
    //here we get the data submitted in form and assign to vars
    $type = $_POST['animalType'];
    $name = $_POST['animalName'];
    //here we are preparing our SQL statment
    $sql = "INSERT INTO animals
            (animal_type, animal_name)
             VALUES
             (?,?)";
    //prepare DB as per above        
    $statement = $db->prepare($sql);
    $statement->bindParam("ss", $type, $name);
    $success = $statement->execute();
    if($success){
        echo'Welldone Chuck, Successfully Updated'; 
    }
    else{
        $error = $db->error;
        echo'Whoopsy Doopsy someone made a boopsy, ERROR INFO: $error'; 
    }
    $statement->close();
}

Error:

PDOStatement::bindParam() expects parameter 3 to be long, string given

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: no parameters were bound'

Possible Reason For Error?

Dreamweaver as I am typing brings up a help function, as it often does (paramNo, Param, ParamType) should I specify that I am binding 2 parameters here? (which I tried but same error as above though.)

Table

enter image description here

Thanks a million

Community
  • 1
  • 1
Timothy Coetzee
  • 5,626
  • 9
  • 34
  • 97
  • 3
    PDO's `bindParam` does NOT have `ss` and is mysqli_ prepared statements syntax. Did you not read the manual?? – Funk Forty Niner May 16 '16 at 12:37
  • @Fred-ii- Sorry when I remove that I get error `Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens` – Timothy Coetzee May 16 '16 at 12:41
  • @Fred-ii- and no I did NOT as I am working as per my university handbook, which is horribly confusing – Timothy Coetzee May 16 '16 at 12:42
  • @Fred-ii- The thing with the manual is it can be very hard for novices to understand sometimes, but thanks for comment – Timothy Coetzee May 16 '16 at 12:44
  • Well that handbook either has errors or you're using mysqli_ to connect with and didn't notice the underscore between `bind` and `param`, should that be the case. Either way, you can't mix MySQL APIs. – Funk Forty Niner May 16 '16 at 12:47
  • @Fred-ii- YES, I was just messaging you to ask about that, it has an underscore in my book, which I overlooked – Timothy Coetzee May 16 '16 at 12:48
  • 1
    and there we have it. Problem solved. Use `bind_param` and you'll be good to go ;-) – Funk Forty Niner May 16 '16 at 12:49
  • I'll also bet my last dollar that the person who gave you an answer, might notice my comments here and will change their answer *lol* and should, because it's wrong. – Funk Forty Niner May 16 '16 at 12:50
  • @Fred-ii- U prob would have won..Is that why I am getting the ` Call to undefined method PDOStatement::bind_param()` error now? :-( (crying out loud) I am using PDO to connect.... `$dsn ='mysql:host=localhost;dbname=tim'; $uName = 'root'; $pWord= ''; $options= array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);` – Timothy Coetzee May 16 '16 at 12:54
  • ok now I don't know where to throw myself *lol* - You say the book contains the underscore but does that book also tell you to use the same API to connect with? It seems I have to delete my comments in the answer below now, as you're connecting with PDO but now using mysqli_ syntax. Replace it with what the guy gave you below. The duplicate though, still stands. – Funk Forty Niner May 16 '16 at 12:56
  • @Fred-ii- No kidding mate ill upload you a GIF of the example code in book, gimmie a second – Timothy Coetzee May 16 '16 at 12:57
  • 1
    Better place: the manual on prepared statements http://php.net/pdo.prepared-statements and error checking http://php.net/manual/en/pdo.error-handling.php – Funk Forty Niner May 16 '16 at 13:00
  • @Fred-ii- no offence First check and then comment :) it would be nice. Read the post it is mentioned clearly `"PDOStatement::bindParam()" & "Fatal error: Uncaught exception 'PDOException"` If the statement was was having mysqli connection it might have thrown some things else instead of PDO error (y) – Naresh Kumar May 16 '16 at 13:05
  • 1
    @NareshKumar given the unknown API that the OP was using from the start, my comments were relevant. When I found out what he was using, I removed my comments. So had I known from the start and knew exactly which animal(s) we were dealing with, I wouldn't have posted those comments. I feel I wasn't in the wrong from the start. – Funk Forty Niner May 16 '16 at 13:07
  • ok I'm out of this question. Sorry Timothy. – Funk Forty Niner May 16 '16 at 13:08

1 Answers1

4

Replace 

$statement = $db->prepare($sql);
$statement->bindParam("ss", $type, $name);

with

$statement = $db->prepare($sql);
$statement->bindParam(1, $type, PDO::PARAM_STR);
$statement->bindParam(2, $name, PDO::PARAM_STR);

For more information, refer to the manual PDO Bind Param

Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
Naresh Kumar
  • 561
  • 2
  • 15