PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: parameter was not defined in add_product.php on line 29

Question

Sorry very new to PHP and mySQL.

Here is the code there error is referring to.

$query = 'INSERT INTO movies
            (title, year, actor, notes, category)
          VALUES
            (:code, :name, :price, :notes, :category_id)';
$statement = $db->prepare($query);
$statement->bindValue(':title', $code);
$statement->bindValue(':year', $name);
$statement->bindValue(':actor', $price);
$statement->bindValue(':notes', $notes);
$statement->bindValue(':category', $category_id);
$statement->execute();
$statement->closeCursor();

The error is refering to the execute(); statement Any help would be great.

Answer 1

I think it should be like this with proper variable binding, you've used wrong names while doing it. Let's do it-

$query = 'INSERT INTO
            movies(title, year, actor, notes, category)
          VALUES 
            (:code, :name, :price, :notes, :category_id)';

$statement = $db->prepare($query);
$statement->bindValue(':code', $code); // see the changes here 
$statement->bindValue(':name', $name); // see the changes here 
$statement->bindValue(':price', $price); // see the changes here 
$statement->bindValue(':notes', $notes);// see the changes here  
$statement->bindValue(':category_id', $category_id); // see the changes here 
$statement->execute();
$statement->closeCursor();

PDOStatement::bindValue — Binds a value to a parameter.

parameter

Parameter identifier. For a prepared statement using named placeholders, this will be a parameter name of the form :name. For a prepared statement using question mark placeholders, this will be the 1-indexed position of the parameter.

value

The value to bind to the parameter.

But in your case you used different names while using bindValue(). See more http://php.net/manual/en/pdostatement.bindvalue.php