0

I'm trying to use PDO to insert data into my database but I'm getting this error

Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 1 in C:\xampp\htdocs\pfe\users\execute.php:21 Stack trace: #0 C:\xampp\htdocs\pfe\users\execute.php(21): PDOStatement->execute() #1 {main} thrown in C:\xampp\htdocs\pfe\users\execute.php on line 21'

this is my code :

<?php

session_start();

require_once("database.php");

$req = $dbh ->prepare('INSERT INTO idad
                                (etat, description, image, localisation, 
                                statut, categorie, author_num, created_at) 
                        VALUES(:etat, :description, :image, :localisation, 
                                :statut, :categorie, :author_num, NOW() ');

$req ->bindParam(':etat' , $_POST["etat"]);
$req ->bindParam(":description" , $_POST["description"]);
$req ->bindParam(":image" , $_POST["image"]);
$req ->bindParam(":localisation" , $_POST["localisation"]);
$req ->bindParam(":statut" , $config['STATUS'][0]);
$req ->bindParam(":categorie" , $_POST["categorie"]);
$req ->bindParam(":author_num" , $_SESSION["id"]);

$req ->execute();

var_dump($_POST);
var_dump($_SESSION);
var_dump($config);

?>
RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
nada
  • 11
  • 1
  • 1
    You are missing a close `)` for the values in `, NOW() ');` – Nigel Ren Jun 02 '21 at 10:12
  • So `NOW() )');` – RiggsFolly Jun 02 '21 at 10:16
  • thank u this problem is solved but there is another one Can I Get Some Help this is the problem `atal error: Uncaught PDOException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'author_num' cannot be null in C:\xampp\htdocs\pfe\users\execute.php:21 Stack trace: #0 C:\xampp\htdocs\pfe\users\execute.php(21): PDOStatement->execute() #1 {main} thrown in C:\xampp\htdocs\pfe\users\execute.php on line 21` – nada Jun 02 '21 at 10:28
  • That suggests that `$_SESSION["id"]` was null, don't you think – ADyson Jun 02 '21 at 11:53
  • n no it's not null, but it's import from another table i don't know why it doesn't work – nada Jun 02 '21 at 12:41
  • `no it's not null`...it must be null, that's what the error is telling you - it's saying you can't leave that field null when inserting. Debug your code and make sure that the ID value in the Session is set correctly before you execute the query. `it's import from another table`...we don't really know what that means, out of context. All we can see is that you tried to put a value from the Session into the `author_num` column, but that the SQL is complaining that you can't put `null` values into that column. – ADyson Jun 02 '21 at 13:06

1 Answers1

-1

Instead of having multiple lines of bindParam, did you try :

$req -> execute(array(
        ':param1' => $my_param1,
        ':param2' => $my_param2,
        ':param3' => $my_param3,
    ));

I'm not sure your solution work or not, it's just I always did it my way because got recommended to do it this way, for security purposes if I'm right (still learning).

Also my code may be clearer and if I'm right about it, your code doesn't verify your $_POST variables aren't undefined nor empty so maybe it will lead to problems one day.

Brice Joosten
  • 104
  • 2
  • 13
  • There's no difference between your way and bindParam, it's just different syntax, the result is identical – ADyson Jun 02 '21 at 11:52