I'm doing a login window and when I count the number of rows affected by the SELECT statement to validate the account and the password I have a problem.
Error: SQLSTATE[HY000]: General error: 1008 OCIStmtExecute: ORA-01008: not all variables bound (ext\pdo_oci\oci_statement.c:159)
Here is the problem (I did this because I need count number of rows when i do SELECT. All this is to login.)
I found this piece of code in Official page of PHP: Page PHP link (Example number 2)
$resultado = $base->query($sql);
if ($resultado) {
/* Comprobar el número de filas que coinciden con la sentencia SELECT */
if ($resultado->fetchColumn() > 0) {
/* Ejecutar la sentencia SELECT real y trabajar con los resultados */
echo "<h2>Adelante!!</h2>";
}
/* No coincide ningua fila -- hacer algo en consecuencia */
else {
print "Ninguna fila coincide con la consulta.";
}
}
CODE:
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<?php
try
{
$base = new PDO('oci:dbname=localhost', 'hr', 'hr');
$base->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql= "SELECT * FROM DEPARTMENTS WHERE DEPARTMENT_ID=:login AND MANAGER_ID=:password";
$resultado = $base->prepare($sql);
$login = htmlentities(addslashes($_POST["login"]));
$password = htmlentities(addslashes($_POST["password"]));
$resultado->bindValue(":login", $login);
$resultado->bindValue(":password", $password);
$resultado->execute();
$resultado = $base->query($sql);
if ($resultado) {
if ($resultado->fetchColumn() > 0) {
echo "<h2>Adelante!!</h2>";
}
else {
print "Ninguna fila coincide con la consulta.";
}
}
}
catch(Exception $e)
{
die("Error: " .$e->getMessage());
}
?>
</body>
</html>
Try
<?php
$did = 70;
$mid = 204;
try
{
$base = new PDO('oci:dbname=localhost', 'hr', 'hr');
$base->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql= "SELECT * FROM DEPARTMENTS WHERE DEPARTMENT_ID = :did AND MANAGER_ID = :mid";
$resultado = $base->prepare($sql);
$resultado->bindParam(":did", $did);
$resultado->bindParam(":mid", $mid);
$resultado->execute();
while ($row = $resultado->fetch(PDO::FETCH_ASSOC)) {
foreach ($row as $item) {
echo "$item ";
}
echo "
";
}
}
catch(Exception $e)
{
die("Error: " .$e->getMessage());
}
?>
The key thing is not using query() since you already call prepare() & execute(). It was the query() that was giving the ORA-1008 since it didn't have values for the bind variables.
Another thing is don't use addslashes etc with Oracle bind variables. The bind data is always separate from code and should be left as the user submitted.
Also note I used bindParam.
Check out the PDO and PDO_OCI examples and tests in the doc and on GitHub. There are some general concepts that may be useful in The Underground PHP & Oracle Manual.
Finally, use the OCI8 extension, not PDO_OCI. OCI8 is better and has more features.