I'm trying to make a query function as follow :
public function Query( $sql, $params = array() ) {
$this->error = false;
if ( $this->query = $this->pdo->prepare( $sql ) ) {
for ( $i = 0, $size = count( $params ); $i < $size; $i ++ ) {
echo $i;
$this->query->bindValue( $i, $params[ $i ] );
}
if ( $this->query->execute() ) {
echo 'suc';
}
}
}
and call it like this :
$mysql->Query( "SELECT * FROM `client_info` WHERE `name` = ? AND `password`= ?", array(
'test',
'test'
) );
and the result is :
Warning: PDOStatement::bindValue(): SQLSTATE[HY093]: Invalid parameter number: Columns/Parameters are 1-based
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens
I have no clue what's wrong here , everything supposed to be fine and it should work!!
$i = 0
And
Warning: PDOStatement::bindValue(): SQLSTATE[HY093]: Invalid parameter number: Columns/Parameters are 1-based
Compare those two things, you will notice that your $i has to start at 1, not 0.
This can also be confirmed from the PHP Manual
parameter
Parameter identifier. For a prepared statement using named placeholders, this will be a parameter name of the form :name. For a prepared statement using question mark placeholders, this will be the 1-indexed position of the parameter.
You can also get this issue when you do something as simple as having a messed up abstraction function and you end up passing an array to the bindValue() when it should be a string, as in:
$a = array(':slug','mickey1');
$st = $PDO->prepare($sSQL);
$st->bindValue(':slug',$a); // the bug!
In my case, I should have made $a as array(':slug' => 'mickey1') and should have iterated my array so that I could bindValue() by each string key of the associative array.