scuttzz Posted September 22, 2014 Share Posted September 22, 2014 hey all, I've finally took a leap towards the brighter side of coding.. and Ive started to convert my code from php to opp pdo ect.. However the errors Ive been through my cms's and well anything to do with inserting into a database is rather confusing.. ERRORS such as invalid parameter number,. What does this mean? Here's the code that im getting the error from: <?php //if form has been submitted process it if(isset($_POST['submit'])){ $_POST = array_map( 'stripslashes', $_POST ); //collect form data extract($_POST); //very basic validation if($title ==''){ $error[] = 'Please enter the title.'; } if($short_desc ==''){ $error[] = 'Please enter a short description.'; } if($full_desc ==''){ $error[] = 'Please enter a full description.'; } if(!isset($error)){ try { //insert into database $stmt = $handler->prepare('INSERT INTO calendar_event (title,short_desc,full_desc,date) VALUES (:title, :short_desc, :full_desc, :date)') ; $stmt->execute(array( ':title' => $title, ':short_desc' => $short_desc, ':ful_desc' => $full_desc, ':date' => date('Y-m-d') )); //redirect to index page header('Location: index.php?action=added'); exit; } catch(PDOException $e) { echo $e->getMessage(); } } } //check for any errors if(isset($error)){ foreach($error as $error){ echo '<p class="error">'.$error.'</p>'; } } ?> <form action='' method='post'> <table class="admin_table_defaults"> <tr> <th width="10px">Title</th> <th width="200px">Date</th> <th width="200px"> </th> <th></th> </tr> <tr> <td><input type='text' name='title' value='<?php if(isset($error)){ echo $_POST['title'];}?>'></td> <td><input type='date' name='date' value='<?php if(isset($error)){ echo $_POST['date'];}?>'></td> <td><td> </tr> </table> <table class="admin_table_defaults"> <tr> <th style="text-align:left;"> Short Description <span class="small_text"> : NB - Please avoid using images, align properties, stick to text format. <br/><b style="background:#fff;font-size:14px;">Note : There's a character max of 100 characters for this field</b></span></th> </tr> <tr> <td><textarea name='short_desc' cols='60' rows='10' ><?php if(isset($error)){ echo $_POST['short_desc'];}?></textarea></td> </tr> <tr> </table> <table class="admin_table_defaults"> <tr> <th style="text-align:left;"> Full Description: <span class="small_text"></th> </tr> <tr> <td><textarea name='full_desc' cols='60' rows='10'><?php if(isset($error)){ echo $_POST['full_desc'];}?></textarea></td> </tr> <tr> <td><input class="admin_submit_btn"type='submit' name='submit' value='Submit'></td> </tr> <tr> </table> </tr> </table> </form> Any help will be greatly appreciated Thanks in advance.. Quote Link to comment Share on other sites More sharing options...
requinix Posted September 22, 2014 Share Posted September 22, 2014 There's a typo in your code that does the query. Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted September 22, 2014 Share Posted September 22, 2014 “ful_desc” and “full_desc” are two different identifiers. You need to choose one and stick to it. Besides that, I have no idea why you catch all PDO exceptions and print the message on the screen. Do you really want all users to see your database issues on their screen? Do you realize that the default behaviour of exceptions is much smarter? They send the message to the appropriate device according to your display_errors and your log_errors setting. In a development environment, you'll want the messages on the screen for easier debugging, so you turn display_errors on and log_errors off. On a live site, you want the messages in a log file and not on the screen, so you turn display_errors off and log_errors on. Quote Link to comment Share on other sites More sharing options...
ginerjm Posted September 22, 2014 Share Posted September 22, 2014 Try adding php error checking (in my signature) to see which lines are giving you errors and the messages. Quote Link to comment Share on other sites More sharing options...
mogosselin Posted September 22, 2014 Share Posted September 22, 2014 The error you get has to do with this code: $stmt = $handler->prepare('INSERT INTO calendar_event (title,short_desc,full_desc,date) VALUES (:title, :short_desc, :full_desc, :date)') ; $stmt->execute(array( ':title' => $title, ':short_desc' => $short_desc, ':ful_desc' => $full_desc, ':date' => date('Y-m-d') )); More specifically, the 'placeholders' like :title, :short_desc, etc... When you try to bind the parameters of your query with actual values, PDO/PHP will throw an error at you if you don't have the right amount of 'parameters' to replace the placeholders. For example, if you have a query like: 'SELECT * FROM user WHERE username = :username and title = :title' and you try to bind the parameters like this: $stmt->execute(array( ':title' => $title )) PHP won't be happy, because the :username is not there. It will then throw you this error: Invalid parameter number: number of bound variables does not match number of tokens Same thing if you make a mistake while typing your placehodlers VS the name that you pass in the array. If for the same request I would do: $stmt->execute(array( ':title' => $title, ':usernameWithATypo' => $username )) Notice how ':usernameWithATypo' is not the same as the ':username' we had in our query.... If you do this, PHP won't be happy and will throw you a similar error message: Invalid parameter number: parameter was not defined in We could argue that the 'Invalid parameter number' isn't technically OK, because we sent the right amount of parameters expected, only one that wasn't correctly spelled... but still, that's the error that PHP will throw. As for catching the errors that PDO sends, it's true that it's not a good practice. What you want to do in your 'live' website, is to display a nice error page to your users. To do this, you can use the method 'set_exception_handler' - Also, here's a post I wrote about it if you're interested to know more. So, in summary, you probably don't need the 'try catch' for PDO exception and you can just let them 'bubble up'. And, if you specify a function with set_exception_handler', this function will be called each time an exception is raised and not catch. Which makes it way easier Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted September 22, 2014 Share Posted September 22, 2014 What you want to do in your 'live' website, is to display a nice error page to your users. To do this, you can use the method 'set_exception_handler' No, you don't. It makes absolutely no sense whatsoever to create an error handler specifically for exceptions. What's so special about them? Should a “normal” fatal error get a different error page, or what? In fact, it's funny that people feverishly catch exceptions and write their own error handlers, but nobody seems to realize that PHP itself already has those functionalities: If a fatal error is triggered, display_errors is off and no output has been generated, PHP automatically emits a 500 response code. Now your webserver simply needs to deliver a custom 500 error page. No code required. There may be some edge cases where the standard error features are not accessible or not sufficient, but most of the time, custom error handlers are completely unnecesary and just repeat core features. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.