0

Hello I am using the followng code to update password, but I need to select which users should I update inside my SQL query there is a WHERE Clause if I put number as id like 23 it is working but I wish this id to come from the POST method which is posting the id also from the form, here is the code in this version it is giving me an error: 

`SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens`

and this is the code here 

   <?php


class Users {
public $password = null;
public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w";

public function __construct( $data = array() ) {
if( isset( $data['id'] ) ) $this->id = stripslashes( strip_tags( $data['id'] ) );
if( isset( $data['password'] ) ) $this->password = stripslashes( strip_tags( $data['password'] ) );
}


public function storeFormValues( $params ) {
//store the parameters
$this->__construct( $params );
}


public function register() {
$correct = false;
try {
$con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "Update users SET password = :password WHERE userID = :id";

$stmt = $con->prepare( $sql );
$stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
$stmt->execute();



 return "Registration Successful <br/> <a href='index.php'>Login Now</a>";
       }catch( PDOException $e ) {
                 return $e->getMessage();
       }
}
}


?>

So the question is how to put the posted WHERE userID= :id;

Improve this question
3
  • 1
    $stmt->bindValue( "id",...); Commented Oct 21, 2013 at 21:11
  • The error message is clear. Commented Oct 21, 2013 at 21:12
  • that worked ,you can post it as answer and I will accept it. Thanks. Commented Oct 21, 2013 at 21:13

2 Answers 2

Reset to default
3

You never bind a value for :id. You need something like

$stmt->bindValue(':id', $_POST['id']);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You forget to bindValue() the id:

$stmt->bindValue( "id",...);

EDIT: I know the Marc B answer was first but I just answered because the John Siniger asked to write the anwer

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.