What do I miss in this function?

Here is the call for the function:
$result = insert_tokens_for_pwdreset($userEmail, $selector, $token, $expires);
And here is the function :

function insert_tokens_for_pwdreset($pwdResetEmail, $pwdResetSelector, $pwdResetToken, $pwdResetExpires)
{
	global $db;
	$hashedToken = password_hash($pwdResetToken, PASSWORD_DEFAULT);
	try
	{
		
		$sql = "INSERT INTO pwdReset (pwdResetEmail, pwdResetSelector, pwdResetToken,                 pwdResetExpires)
		VALUES (?, ?, ?, ?)";
		
		
		$stmt = $db->prepare($sql);
		$stmt->bindParam(':pwdResetEmail', $pwdResetEmail, PDO::PARAM_STR);
		$stmt->bindParam(':pwdResetSelector', $pwdResetSelector, PDO::PARAM_STR);
		$stmt->bindParam(':pwdResetToken', $hashedToken, PDO::PARAM_STR);
		$stmt->bindParam(':pwdResetExpires', $pwdResetExpires, PDO::PARAM_STR);
		$stmt->execute();
        return true;

	} catch(Exception $e)
	{
	   echo $e;
	   die();
	   //return false;
	}
   }// End function

This is the table screenshot :

table916×209 12.9 KB

And this is the error message:
PDOException: SQLSTATE[HY093]: Invalid parameter number: parameter was not defined in /home4/traderan/public_html/includes/fetch.php:1660 Stack trace: #0 /home4/traderan/public_html/includes/fetch.php(1660): PDOStatement->execute() #1 /home4/traderan/public_html/includes/reset-request.inc.php(41): insert_tokens_for_pwdreset(‘erez.vol@gmail…’, ‘8949a7e759631d0…’, ‘\x97j\x1F\x1Ct\x1D\x96\xEAU\r\xB7\xCF|\xF8\n…’, ‘1696035173’) #2 {main}

What did I miss here ?

Take a look at

I’m surprised you don’t get a syntax error.

Your query uses unnamed parameters while you bind named parameters.

If you change your query to this it should work

INSERT INTO pwdReset (pwdResetEmail, pwdResetSelector, pwdResetToken, pwdResetExpires) VALUES (:pwdResetEmail, :pwdResetSelector, :pwdResetToken, :pwdResetExpires)

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.