kalster Posted January 3, 2015 Share Posted January 3, 2015 with php pdo, the bindParam is not working. The query outputs :words and instead of the $words value. How can i get this code working? $sql = "SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST (':words' IN BOOLEAN MODE)"; $stmt = $db->prepare($sql); $stmt->bindParam(':words', $words); $stmt->execute(); which code example is more safe? The code below now has $words instead of :words but is missing bindParam. $stmt = $db->prepare(SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST ('$words' IN BOOLEAN MODE)"); $stmt->execute(); $words is passed through both php $_get and $_post Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/ Share on other sites More sharing options...
mac_gyver Posted January 3, 2015 Share Posted January 3, 2015 the place-holder in the sql statement should not have single-quotes around it - $sql = "SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST (:words IN BOOLEAN MODE)"; Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501567 Share on other sites More sharing options...
kalster Posted January 3, 2015 Author Share Posted January 3, 2015 I already tried that but it's still not working. Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501568 Share on other sites More sharing options...
mac_gyver Posted January 3, 2015 Share Posted January 3, 2015 define 'not working'? what symptom or error are you getting the leads you to believe it doesn't work? also, there may be a mysql version dependency that will prevent using any bound parameter in this type of comparison in a query statement and it may even be related to using emulated prepares (which is the default, unless you have specifically turned them off.) Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501569 Share on other sites More sharing options...
kalster Posted January 3, 2015 Author Share Posted January 3, 2015 (edited) PDO::ATTR_EMULATE_PREPARES, i tried 'true' and still the same error. SQLSTATE[HY093]: Invalid parameter number $sql = "SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST (:words IN BOOLEAN MODE)"; $stmt = $db->prepare($sql); $stmt->bindParam(':words', $words); $stmt->execute(); Edited January 3, 2015 by kalster Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501570 Share on other sites More sharing options...
mac_gyver Posted January 3, 2015 Share Posted January 3, 2015 i tried your query/code on my development system and it doesn't throw that error. are you sure the error isn't coming from some other query? if you are using exceptions and are not echoing the $sql statement and/or the line and file where the exception was thrown at, it could be from a completely different query statement. the error is typically when you have a different number of place-holders in the query than what you have bound. also, there's a slight chance that the actual value in $words could be causing such an error. what value are you testing with in $words? Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501571 Share on other sites More sharing options...
kalster Posted January 3, 2015 Author Share Posted January 3, 2015 (edited) the variable $words could contain any one word and without numbers in it. Also, the full query has more than one :words in it. the query with many $words in it gives no errors Edited January 3, 2015 by kalster Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501573 Share on other sites More sharing options...
Solution mac_gyver Posted January 3, 2015 Solution Share Posted January 3, 2015 Also, the full query has more than one :words in it. a) you cannot do that. each place-holder can only appear once in a query, with a bind statement for each. you would need to use something like :words1, :words2 but bind the same variable to each. b) when you don't post the actual code/query that is causing a problem, you just waste everyone's time. Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501574 Share on other sites More sharing options...
kalster Posted January 3, 2015 Author Share Posted January 3, 2015 thank you. and also, at first i thought that was the actual code. I made a mistake and copied the wrong $sql. i have four $sql, each going to the same pdo code and based on a condition. Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501576 Share on other sites More sharing options...
mac_gyver Posted January 3, 2015 Share Posted January 3, 2015 that would be why your error handling should tell you everything possible about the error - if you are using exceptions and are not echoing the $sql statement and/or the line and file where the exception was thrown at, it could be from a completely different query statement. Quote Link to comment https://forums.phpfreaks.com/topic/293609-bindparam-not-working-with-preparesql/#findComment-1501577 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.