Problem with form

idanieleperi · September 27, 2015, 5:29pm

I have this error when I submit my form:

SQLSTATE[HY093]: Invalid parameter number: parameter was not defined

controller:

  //REGISTRAZIONE: Azione quando clicco sul link "REGISTRATI"
if (isset($_GET['addreg']))
{
	
	$pagetitle= 'Registrazione';
	$button= 'Registrati';
	$action= 'addform';
	$id= '';
	$username= '';
	$etàAllenatore= '';
	$psn= '';
	$password= '';
	
	include 'login/form.html.php';
	exit();
}

//REGISTRAZIONE: Azione quando clicco sul bottone "REGISTRATI"
if (isset($_GET['addform']))
{
	include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
	
	try
	{
		$sql= 'INSERT INTO allenatore SET
			etàAllenatore= :etàAllenatore,
			username= :username,
			password= :password,
			psn= :psn';
		
		$s= $pdo->prepare($sql);
		$s->bindValue(':etàAllenatore' , $_POST['etàAllenatore']);
		$s->bindValue(':username' , $_POST['username']);
		$s->bindValue(':password' , $_POST['password']);
		$s->bindValue(':psn' , $_POST['psn']);
		$s->execute();
	}
	catch(PDOException $e)
	{
		$error= "Impossibile completare la registrazione" . $e->getMessage();
		include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.inc.html.php';
		exit();
	}
	
	header('Location: .');
	exit();
}

form:

    <?php include $_SERVER['DOCUMENT_ROOT'] . '/includes/helpers.inc.php'; ?>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title><?php htmlout($pagetitle) ?></title>

<link href="../css/style.css" rel="stylesheet" type="text/css">
<link href="../css/reset.css" rel="stylesheet" type="text/css">
</head>

<body class="bodyLogin">
<!--Contenitore sito-->
<div class="contenitore">
	

    <!--Intestazione-->
    <div class="intestazioneLogin">
		<div class="logoLogin">
    		<a href="#"><img src="../images/logo.png" alt="Manual Manager" width="150px"; height="120.5px"> </a>
		</div>
    </div>
    
    
    
    <div class="registrazione">
 
    	<form action="?<?php htmlout($action)?>" method="post" class="registrazioneForm">
       		<div> <input type="hidden" name="id" id="id" value="<?php htmlout($id) ?>"> </div>
    		<div> <label for="username">Nome Allenatore: <input type="" name="username" id="username" value="<?php htmlout($username) ?>"> </label> </div>
			<div> <label for="password">Password: <input type="password" name="password" id="password" value="<?php htmlout($password) ?>"> </label> </div>
            <div> <label for="etàAllenatore">Età: <input type="" name="etàAllenatore" id="etàAllenatore" value="<?php htmlout($etàAllenatore) ?>"> </label> </div>
            <div> <label for="psn">PSN: <input type="" name="psn" id="psn" value="<?php htmlout($psn) ?>"> </label> </div>
           
			<div> <input type="submit" value="<?php htmlout($button) ?>"> </div>
   		</form>
         
     </div>
    

</div>

</body>
</html>

droopsnoot · September 27, 2015, 5:36pm

I don’t think this is a valid parameter name, though I might be wrong. One note I read suggested parameter names can only contain 0-9, a-z, A-Z and underscore characters.

	$s->bindValue(':etàAllenatore' , $_POST['etàAllenatore']);

If you try without the accented character, does that work?

Drummin · September 27, 2015, 7:20pm

Are we not missing type=“text” on those inputs…

idanieleperi · September 28, 2015, 7:51am

The problem was the accented character, thank you. Another question, how can I add a md5 password into INSERT query?

Thank you

felgall · September 28, 2015, 6:53pm

why do you want to do that rather than using the password functions for hashing the password far more securely?

system · December 29, 2015, 1:54am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.