/    Sign up×
Community /Pin to ProfileBookmark

PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number

Copy linkTweet thisAlerts:
Nov 01.2021

So I’m trying to build a query string based on user input.

So if certain fields are filled out, additional conditions are added to the string.

Here’s what I’ve built up

[code]
SELECT * FROM `mytable` WHERE (rowID IN (:varA) OR row2ID IN (:varB)) AND DATE(:entryDate) BETWEEN ‘:startDate’ AND ‘:endDate’ ORDER BY DATE(entryDate) DESC
[/code]

I’m getting the follow error

>

**Warning**
> : PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in
> **/home2/public_html/mysite/search.php**
> on line
> **116**

When I log this

[code]
error_log($stmt->debugDumpParams() );
[/code]

I get this

>

SQL: [212] SELECT * FROM `table` g WHERE (rowID IN (:varA) OR row2ID IN (:varB)) AND DATE(entryDate) BETWEEN ‘:startDate’ AND ‘:endDate’ ORDER BY EntryDate DESC Params: 4 Key: Name: [7] :varA paramno=-1 name=[7] “:varB” is_param=1 param_type=2 Key: Name: [7] :varB paramno=-1 name=[7] “:hTeamB” is_param=1 param_type=2 Key: Name: [10] :startDate paramno=-1 name=[10] “:startDate” is_param=1 param_type=2 Key: Name: [8] :endDate paramno=-1 name=[8] “:endDate” is_param=1 param_type=2

I’m build the where clause, then entering into the rest of the $SQL string, doing the PDO prepare line and then adding in the params.

to post a comment
PHP

5 Comments(s)

Copy linkTweet thisAlerts:
@NogDogNov 01.2021 — First thing that jumps out at me: do _not_ quote your place-holders in the SQL. It's just treating them as string literals if you do.

(The PDO prepared statement processor will quote the replaced value if it determines it needs to be quoted.)
Copy linkTweet thisAlerts:
@kiwisauthorNov 01.2021 — @NogDog#1638927

Sorry what do you mean?
Copy linkTweet thisAlerts:
@ginerjmNov 01.2021 — PDO placeholders cannot be arrays - must be individual values.

AND - you don't do this:

'':arg"

Try this

$q = "SELECT * FROM mytable

WHERE (rowID IN (:varA) OR row2ID IN (:varB)) AND DATE(:entryDate) BETWEEN :startDate AND :endDate

ORDER BY DATE(entryDate) DESC";

But you must change from using the IN or come up with some code to translate your varA and varB arrays into multiple varnames to populate those 2 spots.

`
Copy linkTweet thisAlerts:
@NogDogNov 01.2021 — > @kiwis80#1638928 Sorry what do you mean?

**BETWEEN ':startDate' AND ':endDate'** should just be **BETWEEN :startDate AND :endDate** (no quotes around the place-holders).
Copy linkTweet thisAlerts:
@kiwisauthorNov 02.2021 — @NogDog#1638940

cheers, I did spot this and removed them but forgot to update my post.
×

Success!

Help @kiwis spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 4.25,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,

tipper: @Samric24,
tipped: article
amount: 1000 SATS,
)...