PHP 警告:PDOStatement::execute(): SQLSTATE[HY093]: 无效的参数号:没有绑定参数

2021-12-26 00:00:00 php pdo

我正在尝试创建一个表单,提交时将更新包含用户信息的数据库.我正在使用 PDO 和事务,但在提交表单时不断收到以下错误

I'm trying to create a form that when submitted will update a database that contains user's information. I am using PDO and transactions but keep getting the following error when the form is submitted

PHP Warning:  PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: no parameters were bound in /var/www/html/resources/memfuncs.php on line 75

这是我的代码:

Settings.php

if(isset($_POST['username'])){
    $id = $_SESSION['id'];
    $username = $_POST['username'];
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $email = $_POST['email'];
    $password1 = $_POST['password1'];
    $password2 = $_POST['password2'];

    if ($password1 === $password2){
    updatesettings($id, $username, $first_name, $last_name, $email, $password);
    }
}

我没有包含表单的 HTML,尽管它也在上面的文件中.

I haven't included the HTML for the form, although it is also in the above file.

memfuncs.php

function updatesettings($id, $username, $first_name, $last_name, $email){
    global $db;

    $db->beginTransaction();

    try {
        // UPDATE USERNAME
        $st2 = $db->prepare("UPDATE users SET username = :username WHERE id = :id");
        $st2->execute();
        $st2->bindParam (":username", $username, PDO::PARAM_STR);
        $st2->bindParam (":id", $id, PDO::PARAM_INT);
        //UPDATE FIRST + LAST NAME
        $st = $db->prepare("UPDATE users SET first_name = :first_name AND last_name = :last_name WHERE id = :id");
        $st->execute();
        $st->bindParam (":first_name", $first_name, PDO::PARAM_STR);
        $st->bindParam (":last_name", $last_name, PDO::PARAM_STR);
        $st->bindParam (":id", $id, PDO::PARAM_INT);
        // UPDATE Email
        $st3 = $db->prepare("UPDATE users SET email = :email WHERE id = :id");
        $st3->execute();
        $st3->bindParam(":email", $email, PDO::PARAM_STR);
        $st3->bindParam(":id", $id, PDO::PARAM_INT);
        // COMMIT CHANGES
        $db->commit();
    } catch (Exception $error){
        $db->rollBack();
        echo "Failed: " . $error->getMessage();
    }

}   

我做错了什么?

推荐答案

你执行得早,execute()应该是你准备和绑定后做的最后一件事:

You executed to early, execute() should be the last thing you do after preparing and binding:

$st3 = $db->prepare("UPDATE users SET email = :email WHERE id = :id");
$st3->bindParam(":email", $email, PDO::PARAM_STR);
$st3->bindParam(":id", $id, PDO::PARAM_INT);
$st3->execute();

因此,当您 execute() 时,请在 3 个地方修复此问题,如果您要捕获异常,请捕获 PDOException 并放入 $db->beginTransaction(); 在 try 块中,因为这可能会失败!

So fix this in the 3 places when you execute(), also if you're going to catch exceptions catch PDOException and put $db->beginTransaction(); in the try block because that can fail!

相关文章