ZF-159: PDOException thrown "SQLSTATE[HY093]: Invalid parameter" on some queries due to bad parameter handling

Description

from Namolovan Nicolae on the mailing list


class ServersTable extends Zend_Db_Table {
    protected $_name = 'servers';
}

$dbIns = array(
   'name'=>'sdf',
   'os_ver'=>'2'
);

$table = new ServersTable();
$id = $table->insert($dbIns);

I get the follow error: "Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: parameter was not defined' in ..\Zend\Db\Adapter\Abstract.php:157"

This is because placeholders underscores are removed (in Db\Adapter\Abstract.php:124)


        // build the statement
        $sql = "INSERT INTO $table "
             . '(' . implode(', ', $cols) . ') '
             . 'VALUES (:' . str_replace("_", "", implode(', :', $cols)) . ')';

The result are:


INSERT INTO servers (name, os_ver) VALUES (:name, :osver)

My $dbIns don't contain any "osver" key, only "os_ver". That's why I get the PDO exception..

What is the solution to this problem ?

Comments

and from Ramon de la Fuente on the mailing list as well

I had the same question a few weeks ago - as I have not received answers I'm kicking this back into the list:

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: no parameters were bound'

Using:


  $db = Zend_Db::factory()
  $db->query()

Turns out I had a question-mark in the data, which automatically turns into a placeholder even if you don't add a replacement array parameter. Is this intended?

Also, replacing the $db>query() with $db->insert(), I found that my column names (array_keys) get renamed without underscores. Again, is this intended?

Duplicates [ZF-140]