Skip to content
Advertisement

Error Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in.. (path)

Iam getting values from HTML inputs and using ajax to send data from javascript to php and validate them with mysql but i get this error:

<br />n<b>Fatal error</b>:  Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens in C:\Program Files\xampp\htdocs\pruebaLogin\ajax\procesar_registro.php:12nStack trace:n#0 C:\Program Files\xampp\htdocs\pruebaLogin\ajax\procesar_registro.php(12): PDOStatement-&gt;execute()n#1 {main}n  thrown in <b>C:\Program Files\xampp\htdocs\pruebaLogin\ajax\procesar_registro.php</b> on line <b>12</b><br />n"

I notice on status is: 200 so i think the problem is maybe inside php file. I’m not sure, I am new with php.

Javascript:

$(document).on("submit", ".form_registro", function(event){
    event.preventDefault();
    var $form = $(this);
   
    var data_form = {
        nickname: $("#nickname",$form).val(),
        password: $("#password", $form).val() 
    }
    if(data_form.nickname.length < 4 ){
        $("#msg_error").text("Tu usuario no puede ser menor a 4 letras").show();
        return false;        
    }else if(data_form.password.length < 5){
        $("#msg_error").text("Tu password debe ser minimo de 8 caracteres.").show();
        return false;   
    }
    $("#msg_error").hide();
    var url_php = 'http://localhost:8077/pruebalogin/ajax/procesar_registro.php';

    $.ajax({
        type:'POST',
        url: url_php,
        data: data_form,
        dataType: 'json',
        async: true,
    })
    .done(function ajaxDone(res){
       console.log(res); 
        if(res.error !== undefined){
            $("#msg_error").text(res.error).show();
            return false;
       } 

       if(res.redirect !== undefined){
        window.location = res.redirect;
    } 
    })
    .fail(function ajaxError(e){
        console.log(e);
    })
    .always(function ajaxSiempre(){
        console.log('Final de la llamada ajax.');
    })
    return false;
});

I have this php file to check if user exists and create a new one if not

<?php
require_once "../inc/config.php";

if($_SERVER['REQUEST_METHOD'] == 'POST'){
    header("Content-Type: application/json");
    $return_array=[];
    $nickname = strtolower($_POST['nickname']);

     /* Checking if user exists */
    $find_user = $con->prepare("SELECT * FROM usuarios WHERE nickname = '$nickname' LIMIT 1");
    $find_user->bindParam(':nickname', $nickname, PDO::PARAM_STR);
    $find_user->execute();

        /* if exists */
    if($find_user->rowCount() == 1){
        $return_array['error'] = "Este usuario ya está registrado";
        $return_array['is_login']= false;
    }else{
        $password =password_hash($_POST['password'],PASSWORD_DEFAULT);
        
        $new_user = $con->prepare("INSERT INTO usuarios (nickname, password) VALUES(:nickname, :password)");
        $new_user->bindParam(':nickname', $nickname, PDO::PARAM_STR);
        $new_user->bindParam(':password', $password, PDO::PARAM_STR);
        $new_user->execute();

        $user_id = $con->lastInsertId();
        $_SESSION['user_id']= (int) $user_id;
        $return_array['redirect']= ''; 
        $return_array['is_login']= true;
    }

    echo json_encode($return_array);

}else{
    exit("Refused");
}


?>

Advertisement

Answer

This line

 $find_user = $con->prepare("SELECT * FROM usuarios WHERE nickname = '$nickname' LIMIT 1");
    $find_user->bindParam(':nickname', $nickname, PDO::PARAM_STR);

Should read

 $find_user = $con->prepare("SELECT * FROM usuarios WHERE nickname = :nickname LIMIT 1");
    $find_user->bindParam(':nickname', $nickname, PDO::PARAM_STR);

When you’re using bindParam, you don’t put the data into the prepare statement you put the place holder, which in this case is :nickname

Advertisement