rvdveen27 Posted July 26, 2015 (edited)

Hello all,

I'm trying to modify the code for denying a job, by also giving the option to put in a comment as to why the job was denied. I changed the query to how I think it is right, however, this gives me the following error:

Failed to run query: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens

I compared it to other similar queries but I can't figure out why I'm receiving this error. Here is the full query:

```php
$id = $_GET['id'];
$id = intval($id);
if(!is_numeric($id)) {
    header("Location: index.php");
    exit;
}

if(!empty($_POST))
$query = "
    UPDATE drive_routes SET (
        status = 1
        ,comments
        ,handledby = ". $_SESSION['userid'] ."
    ) VALUES (
        :comments
    )
";

$query_params = array(
    ':id' => $id,
    ':comments' => $_POST['comments']
);

$query .= "
    WHERE
        id = :id
";

try
{
    $stmt = $db->prepare($query);
    $result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
    die("Failed to run query: " . $ex->getMessage());
}
header("Location: pendjobs.php");
exit;
}
```

If anyone could explain to me what's going wrong here, that would be greatly appreciated.

Thanks in advance.

Ch0cu3r Posted July 26, 2015

Your update query is slightly incorrect; it should be:

```php
$query = "
    UPDATE drive_routes
    SET status = 1,
        comments = :comments,
        handledby = :handleby
    WHERE id = :id
";

$query_params = array(
    ':comments' => $_POST['comments'],
    ':handleby' => $_SESSION['userid'],
    ':id' => $id
);
```

rvdveen27 (Author) Posted July 26, 2015

I currently have this:

```php
// Check if the user is logged in, otherwise re-direct to the login page.
if(empty($_SESSION['user']))
{
    header("Location: login.php");
    exit;
}

// Check if the user is an admin, otherwise re-direct to the dashboard.
if($_SESSION['adminlevel'] == 0)
{
    header("Location: dashboard.php");
    exit;
}
else {
    if(empty($_GET['id'])) {
        header("Location: index.php");
        exit;
    }

    $id = $_GET['id'];
    $id = intval($id);
    if(!is_numeric($id)) {
        header("Location: index.php");
        exit;
    }

    $query = "
        UPDATE drive_routes SET
            status = 1
            ,comments = :comments
            ,handledby = ". $_SESSION['userid'] ."
    ";

    $query_params = array(
        ':id' => $id,
        ':comments' => $_POST['comments']
    );

    $query .= "
        WHERE
            id = :id
    ";

    try
    {
        $stmt = $db->prepare($query);
        $result = $stmt->execute($query_params);
    }
    catch(PDOException $ex)
    {
        die("Failed to run query: " . $ex->getMessage());
    }
    header("Location: pendjobs.php");
    exit;
}
?>

<div class="container" style="width:450px;">
    <form class="form-signin" role="form" action="denyjob.php" method="post">
        <h2 class="form-signin-heading">Please leave a comment as to why the job was denied.</h2>
        <textarea name="comments"></textarea><br />
        <button class="btn btn-lg btn-primary btn-block" type="submit">Submit</button>
    </form>
</div>
```

Which works, except it runs the query immediately, without allowing me to enter a comment first.

Now if I replace the `else {` on line 21 with `else if(!empty($_POST)) {`, then it fails on:

```php
if(empty($_GET['id'])) {
    header("Location: index.php");
    exit;
}
```

Meaning it's not getting the id for some reason?

Ch0cu3r (Solution) Posted July 26, 2015

The id in the url is being removed when the form is submitted. Either leave the form action blank or pass the id as a hidden input field:

```php
<input type="hidden" name="id" value="<?php echo intval($_GET['id']); ?>" />
```

You will have to use `$_POST['id']` rather than `$_GET['id']` in your code.
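
The fix from the answers above assembled into one handler, as an added example that is not code from either poster: every value, including the session user id, is bound as a parameter, and the hidden `id` field is validated strictly because the client controls it. The `denyJob()` function name, the SQLite in-memory database and the sample row are assumptions made so the block runs offline.

```php
<?php
// Added example. Table/column names come from the thread; the SQLite
// in-memory database, sample row and denyJob() name are constructed.
function denyJob(PDO $db, array $post, array $session): bool
{
    // Server-side authorization: only a logged-in admin may deny a job.
    if (empty($session['userid']) || empty($session['adminlevel'])) {
        return false;
    }
    // The hidden "id" field is client-controlled. intval() followed by
    // is_numeric() never rejects anything (intval always returns an int),
    // so validate strictly instead: "7abc" fails here, intval() gives 7.
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return false;
    }
    $comments = trim((string)($post['comments'] ?? ''));

    // Every value is a named placeholder and each placeholder has exactly
    // one entry in the array; a mismatch between the two raises SQLSTATE[HY093].
    $stmt = $db->prepare(
        'UPDATE drive_routes
            SET status = 1, comments = :comments, handledby = :handledby
          WHERE id = :id'
    );
    $stmt->execute([
        ':comments'  => $comments,
        ':handledby' => (int)$session['userid'],
        ':id'        => $id,
    ]);
    return $stmt->rowCount() === 1;
}

// Constructed demo data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE drive_routes (id INTEGER PRIMARY KEY,
           status INTEGER, comments TEXT, handledby INTEGER)');
$db->exec('INSERT INTO drive_routes (id, status) VALUES (7, 0)');

$admin = ['userid' => 3, 'adminlevel' => 1];
$user  = ['userid' => 9, 'adminlevel' => 0];
var_dump(denyJob($db, ['id' => '7', 'comments' => "Driver's log incomplete"], $admin));
var_dump(denyJob($db, ['id' => '7abc', 'comments' => 'x'], $admin));
var_dump(denyJob($db, ['id' => '7', 'comments' => 'x'], $user));
```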

rvdveen27 (Author) Posted August 4, 2015

Thanks, managed to solve the problem!