CODEWITHSUNDEEP
phpmysqlpdo
Mr.Smithyyy
Mr.Smithyyy

Reputation: 1329

Stuck Invalid parameter number: number of bound variables does not match number of tokens

I've been stuck on this for quite a while and I can't seem to find another answer that matches my situation.

In my User Class:

public function register($uFirstName,$uLastName,$uCompany,$uEmail,$uPassword,$uAccess)
{
        try
        {
            $newPassword = password_hash($uPassword, PASSWORD_DEFAULT);

            $stmt = $this->db->prepare("INSERT INTO users(FirstName,LastName,Company,Email,Password,Access) VALUES (:uFirstName,uLastName,uCompany,uEmail,uPassword,uAccess)");

            $stmt->bindparam("uFirstName", $uFirstName);
            $stmt->bindparam("uLastName", $uLastName);
            $stmt->bindparam("uCompany", $uCompany);
            $stmt->bindparam("uEmail", $uEmail);
            $stmt->bindparam("uPassword", $uPassword);
            $stmt->bindparam("uAccess", $uAccess);

            $stmt->execute();

            return $stmt;
        }
        catch(PDOException $e)
        {
            echo $e->getMessage();
        }
}

In my form page:

if(isset($_POST['btn-signup']))
{
    $uFirstName = trim($_POST['regFirstName']);
    $uLastName = trim($_POST['regLastName']);
    $uCompany = trim($_POST['regCompany']);
    $uEmail = trim($_POST['regEmail']);
    $uEmailVerify = trim($_POST['regEmailVerify']);
    $uPassword = trim($_POST['regPassword']);
    $uAccess = 0;

    if ($uEmail != $uEmailVerify) {
        $error = "Emails Don't Match";
    }
    else if (!filter_var($uEmail, FILTER_VALIDATE_EMAIL)) {
        $error = "Please Enter a Valid Email";
    }
    else if (strlen($uPassword) < 6) {
        $error = "Password must be at least 6 characters";
    }
    else {
        try
        {
            $stmt = $DB_con->prepare("SELECT Email FROM users WHERE Email=:uEmail");
            $stmt->execute(array(':uEmail' => $uEmail));

            $row = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($row['Email'] == $uEmail) {
                $error = "Email is Already Registered, Log In Instead";
            }
            else {
                if ($user->register($uFirstName,$uLastName,$uCompany,$uEmail,$uPassword,$uAccess)) {
                    $user->redirect('http://facebook.com');
                }
            }
        }
        catch (PDOException $e)
        {
            echo $e->getMessage();
        }
    }
}

Upvotes: 3

Views: 503

Answers (1)

Funk Forty Niner
Funk Forty Niner

Reputation: 74217

Here look at your values

VALUES (:uFirstName,uLastName,uCompany,uEmail,uPassword,uAccess)

you only binded the first one and not the others.

Edit:

I see that you are not using password_verify() in your second piece of code, but only checking if the email exists.

If you have any problems with that, visit one of ircmaxell's answers https://stackoverflow.com/a/29778421/1415724

Pulled from that answer:

And on login:

$sql = "SELECT * FROM users WHERE username = ?";
$stmt = $dbh->prepare($sql);
$result = $stmt->execute([$_POST['username']]);
$users = $result->fetchAll();
if (isset($users[0]) {
    if (password_verify($_POST['password'], $users[0]->password) {
        // valid login
    } else {
        // invalid password
    }
} else {
    // invalid username
}

Upvotes: 3

Related Questions