Error in PDO embedded

Question

Error in PDO embedded

Asked 4 years, 10 months ago

Viewed 39 times

-2

Hello,

I have the following code:

public function insert($nome,$email,$senha,$cluster,$situacoes_id,$niveis_acesso_id,$empresa,$modified,$area,$escritorio,$contrato,$regional) {        

       $stmt = $this->pdo->prepare("INSERT INTO [dbo].Usuarios VALUES('$nome','$email','$senha','$cluster','$situacoes_id','$niveis_acesso_id',
       '$empresa','$modified','$area','$escritorio','$contrato','$regional')");

       $stmt->bindParam(':nome', $nome);
       $stmt->bindParam(':email', $email);
       $stmt->bindParam(':senha', $senha);
       $stmt->bindParam(':cluster', $cluster);
       $stmt->bindParam(':situacoes_id', $situacoes_id);
       $stmt->bindParam(':niveis_acesso_id', $niveis_acesso_id);
       $stmt->bindParam(':empresa', $empresa);
       $stmt->bindParam(':modified', $modified);
       $stmt->bindParam(':area', $area);
       $stmt->bindParam(':escritorio', $escritorio);    
       $stmt->bindParam(':contrato', $contrato);    
       $stmt->bindParam(':regional', $regional);    
       $stmt->execute();

       var_dump($stmt->errorInfo());

       if($stmt->rowCount() > 0) {
        echo "cadastro com sucesso";
    }
    else {
        echo "não foi cadastrado";
    }



}

is reporting this error:

array(3) { [0]=> string(5) "IMSSP" [1]=> int(-29) [2]=> string(84) "Tried to bind Parameter number 0. SQL Server Supports a Maximum of 2100 Parameters." } was not registered

According to the Error "SQL Server supports at most 2100 parameters."... You are trying to insert a very large value into the database.

– Jakson Fischer

2020/01/07 at 17:46
I have already checked the data by editing the separation Insert in Sql Server and it works, in code that is not working.

– Sandro

2020/01/07 at 17:51
I found something here, try the following: INSERT INTO [dbo].Usuarios VALUES($nome,$email,$senha,$cluster,$situacoes_id,$niveis_acesso_id,
 $empresa,$modified,$area,$escritorio,$contrato,$regional), Maybe taking out the ' works.

– Jakson Fischer

2020/01/07 at 17:57
Build the query text in a similar way to: INSERT INTO [dbo]. Usuarios (name, email, ...outros_campos) values (:name, :email, ...:outros_campos)

– Benilson

2020/01/07 at 18:01
You noticed that you set the values of the parameters, but in no time you use them in SQL? You used the variables directly instead of using the parameters.

– Woss

2020/01/07 at 18:01
I don’t understand, I’m not using in SQL?

– Sandro

2020/01/07 at 18:20

Show 1 more comment

1 answer

Browser other questions tagged php sql pdo

You are not signed in. Login or sign up in order to post.

by Júlio Neto • **1,228** points · Answer 1 · 2020-01-07T18:37:12+00:00

Your query is misspelled:

$stmt = $this->pdo->prepare("INSERT INTO [dbo].Usuarios VALUES('$nome','$email','$senha','$cluster','$situacoes_id','$niveis_acesso_id',
       '$empresa','$modified','$area','$escritorio','$contrato','$regional')");

Parameters in a Prepared statement should start with colon and single quotes are unnecessary, even in char fields:

$stmt = $this->pdo->prepare("INSERT INTO [dbo].Usuarios VALUES(:nome,:email,:senha,:cluster,:situacoes_id,:niveis_acesso_id,
       :empresa,:modified,:area,:escritorio,:contrato,:regional)");