Home>

After checking the input contents, I want to reflect it in the database normally.

Please write your question in detail here.
I am making an inventory management application with PHP.
After inputting the inventory information correction screen, an error occurred when checking the input contents and reflecting it in the database.
When I checked the error, it was said that the arguments were different, but as far as I checked, I could not find any mistakes in the arguments.
If there is any other suspicious part, please let me know.

SQLSTATE [HY093]: Invalid parameter number: number of bound variables does not match number of tokens
Corresponding source code

"Stock_edit_check.php Input content check"

<? php
session_start ();
session_regenerate_id (true);
if (isset ($_SESSION ['login']) == false)
{
    print'You will not be logged in.<br />';
    print' Go to login screen ';
    exit ();
}
else else
{
    print $_SESSION ['user_name'];
    print'san logged in<br />';
    print'<br />';
}
?><! DOCTYPE html><html><head><meta charset = "UTF-8"><title>Inventory correction</title></head><body><? php
require_once ('../ common/common.php');
$post = sanitize ($_ POST);
if (! empty ($_POST ['stock_id']))
{
    $stock_id = $_POST ['stock_id'];
}
$stock_purchase_date = $_POST ['purchase_date'];
$stock_deadline = $_POST ['deadline'];
$stock_name = $_POST ['stock_name'];
$stock_price = $_POST ['price'];
$stock_number = $_POST ['number'];
$stock_gazou_name_old = $_POST ['gazou_name_old'];
$stock_gazou = $_FILES ['gazou'];
if ($stock_gazou ['size']>0)
{
    if ($stock_gazou ['size']>1000000)
    {
        print'The image is too large. ';
    }
    else else
    {
        move_uploaded_file ($stock_gazou ['tmp_name'],

'./gazou/'. $stock_gazou ['name']);
        print'';
        print'<br />';
    }
}
if ($stock_purchase_date =='')
{
    print'The purchase date has not been entered.<br />';
}
else else
{
    print'Purchase date:';
    print $stock_purchase_date;
    print'<br />';
}
if ($stock_deadline =='')
{
    print'The expiration date has not been entered.<br />';
}
else else
{
    print'Expiration date:';
    print $stock_deadline;
    print'<br />';}
if ($stock_name =='')
{
    print'The product name has not been entered.<br />';
}
else else
{
    print'Product name:';
    print $stock_name;
    print'<br />';
}
if (preg_match ('/ \ A [0-9] + \ z /', $stock_price) == 0)
{
    print'Please enter the price properly.<br />';
}
else else
{
    print'Price:';
    print $stock_price;
    print'yen<br />';
}
if ($stock_number =='')
{
    print'The quantity has not been entered.<br />';
}
else else
{
    print'quantity:';
    print $stock_number;
    print'<br />';
}
if ($stock_name =='' || preg_match ('/ \ A [0-9] + \ z /', $stock_price) == 0 || $stock_gazou ['size']>1000000)
{
    print'<form>';
    print'<input type = "button" onclick = "history.back ()" value = "back">';
    print'</form>';
}
else else
{
    print'Change as above.<br />';
    print'<form method = "post" action = "stock_edit_done.php">';
    if (isset ($stock_id))
    {
        print'<input type = "hidden" name = "stock_id" value = "'. $Stock_id.'">';
    }
    print'<input type = "hidden" name = "purchase_date" value = "'. $Stock_purchase_date.'">';
    print'<input type = "hidden" name = "deadline" value = "'. $Stock_deadline.'">';
    print'<input type = "hidden" name = "stock_name" value = "'. $Stock_name.'">';
    print'<input type = "hidden" name = "price" value = "'. $Stock_price.'">';
    print'<input type = "hidden" name = "number" value = "'. $Stock_number.'">';
    print'<input type = "hidden" name = "gazou_name_old" value = "'. $Stock_gazou_name_old.'">';
    print'<input type = "hidden" name = "gazou_name" value = "'. $Stock_gazou ['name'].'">';
    print'<br />';
    print'<input type = "button" onclick = "history.back ()" value = "back">';
    print'<input type = "submit" value = "OK">';
    print'</form>';
}
?></body></html>


"Reflect in stock_edit_done.php database"

<? php
session_start ();
session_regenerate_id (true);
if (isset ($_SESSION ['login']) == false)
{
    print'You will not be logged in.<br />';
    print' Go to login screen ';
    exit ();
}
else else
{
    print $_SESSION ['user_name'];
    print'san logged in<br />';
    print'<br />';
}
?><! DOCTYPE html><html><head><meta charset = "UTF-8"><title>Inventory correction</title></head><body><? php
try
{
require_once ('../ common/common.php');
$post = sanitize ($_ POST);
if (! empty ($_POST ['stock_id']))
{
    $stock_id = $_POST ['stock_id'];
}
if (! empty ($_POST ['purchase_date']))
{
    $stock_purchase_date = $_POST ['purchase_date'];
}
if (! empty ($_POST ['deadline']))
{
    $stock_deadline = $_POST ['deadline'];
}
$stock_name = $_POST ['stock_name'];
$stock_price = $_POST ['price'];
if (! empty ($_ POST ['number']))
{
    $stock_number = $_POST ['number'];
}
$stock_gazou_name_old = $_POST ['gazou_name_old'];
$stock_gazou_name = $_POST ['gazou_name'];
$dsn ='mysql: dbname = user;host = localhost;charset = utf8';
$user ='yusei';
$password ='rogin1111';
$dbh = new PDO ($dsn, $user, $password);
$dbh->setAttribute (PDO :: ATTR_ERRMODE, PDO :: ERRMODE_EXCEPTION);
$sql ='UPDATE stocks SET purchase_date = ?, deadline = ?, stock_name = ?, price = ?, number = ?, gazou =? WHERE stock_id =?';
$stmt = $dbh->prepare ($sql);
if (isset ($stock_purchase_date))
{
   $data [] = $stock_purchase_date;
}
if (isset ($stock_deadline))
{
    $data [] = $stock_deadline;
}
$data [] = $stock_name;
$data [] = $stock_price;
if (isset ($stock_number))
{
    $data [] = $stock_number;
}
if (isset ($stock_id))
{
    $data [] = $stock_id;
}
$data [] = $stock_gazou_name;
$stmt->execute ($data);
$dbh = null;
if ($stock_gazou_name_old! = $stock_gazou_name)
{
    if ($stock_gazou_name_old! ='')
    {
    unlink ('./ gazou /'. $Stock_gazou_name_old);
    }
}
print'fixed.<br />';
}
catch (Exception $e)
{
    echo "Error occurred:". Htmlspecialchars ($e->getMessage (), ENT_QUOTES,'UTF-8'). "<br>";
    print'We are sorry for the inconvenience caused by the failure. ';
    exit ();
}
?><form action = "list.php"><input type = "submit" value = "back"></form></body></html>
What I tried

Check if the arguments are correct in stock_edit_check.php and stock_edit_done.php.

Supplementary information (FW/tool version, etc.)

Please provide more detailed information here.

  • Answer # 1

    SQLSTATE [HY093]: Invalid parameter number: number of bound variables does not match number of tokens

    Because there is

    $stmt->execute ($data);


    Just before$dataMake sure that is the intended array.

    I've only skimmed the code, but the SQL for prepared statements is fixed and the input parameters
    isset ($parameter)After,$data [] = $parameterTherefore, if isset determines false, an error will occur.

  • Answer # 2

    I'm sorry, I misunderstood the meaning of the error.

    ?? It seems to be an error that occurs when the number of variables and the number of variables are different.
    SQLSTATE: HY093

    As te2ji answered, please check the contents of the $data array just before executing SQL.

    With this code, even in one place, if isset () becomes false, the numbers will not match.

    The wrong answer is as follows.

    I'm guessing because the structure of the stocks table is unknown.

    Isn't the number column of the stocks table a numeric type?
    If you try to assign a string to a numeric type, you will probably get this error.

    $data [] = $stock_number;

    At this point, the required type is unknown, so it seems that it will be stored as a character string, so please set it after setting it to an appropriate type.