Iam getting values from HTML inputs and using ajax to send data from javascript to php and validate them with mysql but i get this error:
<br />n<b>Fatal error</b>: Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in C:\Program Files\xampp\htdocs\pruebaLogin\ajax\procesar_registro.php:12nStack trace:n#0 C:\Program Files\xampp\htdocs\pruebaLogin\ajax\procesar_registro.php(12): PDOStatement->execute()n#1 {main}n thrown in <b>C:\Program Files\xampp\htdocs\pruebaLogin\ajax\procesar_registro.php</b> on line <b>12</b><br />n"
I notice on status is: 200 so i think the problem is maybe inside php file. I’m not sure, I am new with php.
Javascript:
$(document).on("submit", ".form_registro", function(event){ event.preventDefault(); var $form = $(this); var data_form = { nickname: $("#nickname",$form).val(), password: $("#password", $form).val() } if(data_form.nickname.length < 4 ){ $("#msg_error").text("Tu usuario no puede ser menor a 4 letras").show(); return false; }else if(data_form.password.length < 5){ $("#msg_error").text("Tu password debe ser minimo de 8 caracteres.").show(); return false; } $("#msg_error").hide(); var url_php = 'http://localhost:8077/pruebalogin/ajax/procesar_registro.php'; $.ajax({ type:'POST', url: url_php, data: data_form, dataType: 'json', async: true, }) .done(function ajaxDone(res){ console.log(res); if(res.error !== undefined){ $("#msg_error").text(res.error).show(); return false; } if(res.redirect !== undefined){ window.location = res.redirect; } }) .fail(function ajaxError(e){ console.log(e); }) .always(function ajaxSiempre(){ console.log('Final de la llamada ajax.'); }) return false; });
I have this php file to check if user exists and create a new one if not
<?php require_once "../inc/config.php"; if($_SERVER['REQUEST_METHOD'] == 'POST'){ header("Content-Type: application/json"); $return_array=[]; $nickname = strtolower($_POST['nickname']); /* Checking if user exists */ $find_user = $con->prepare("SELECT * FROM usuarios WHERE nickname = '$nickname' LIMIT 1"); $find_user->bindParam(':nickname', $nickname, PDO::PARAM_STR); $find_user->execute(); /* if exists */ if($find_user->rowCount() == 1){ $return_array['error'] = "Este usuario ya está registrado"; $return_array['is_login']= false; }else{ $password =password_hash($_POST['password'],PASSWORD_DEFAULT); $new_user = $con->prepare("INSERT INTO usuarios (nickname, password) VALUES(:nickname, :password)"); $new_user->bindParam(':nickname', $nickname, PDO::PARAM_STR); $new_user->bindParam(':password', $password, PDO::PARAM_STR); $new_user->execute(); $user_id = $con->lastInsertId(); $_SESSION['user_id']= (int) $user_id; $return_array['redirect']= ''; $return_array['is_login']= true; } echo json_encode($return_array); }else{ exit("Refused"); } ?>
Advertisement
Answer
This line
$find_user = $con->prepare("SELECT * FROM usuarios WHERE nickname = '$nickname' LIMIT 1"); $find_user->bindParam(':nickname', $nickname, PDO::PARAM_STR);
Should read
$find_user = $con->prepare("SELECT * FROM usuarios WHERE nickname = :nickname LIMIT 1"); $find_user->bindParam(':nickname', $nickname, PDO::PARAM_STR);
When you’re using bindParam, you don’t put the data into the prepare statement you put the place holder, which in this case is :nickname