Strange PDO error hy093

Question

First of all, excuse me, if similar questions have been asked before. But I did not find anything that could help me with my problem.

On it goes: In a class, I generate an SQL statement like this:

        $params = array();
$query = 'INSERT INTO '.TABLE_SETTINGS.' SET type=:type,';
        $params[] = array('type' => $setting['type']);

        if(!isset($setting['attributes'])){
            $query .= 'attributes=NULL,';   
        } else {
            $query .= 'attributes=:attributes,';
            $params[] = array('attributes' => $setting['attributes']);
        }

        if(!isset($setting['partid'])){
            $query .= 'partid=NULL,';   
        } else {
            $query .= 'partid=:partid,';
            $params[] = array('partid' => (int)$setting['partid']);
        }

        if(!isset($setting['description'])){
            $query .= 'description=NULL,';  
        } else {
            $query .= 'description=:description,';
            $params[] = array('description' => addslashes($setting['description']));
        }


        $query .= 'host=:host,name=:name,';
        $params[] = array('host' => (int)$setting['host']);
        $params[] = array('name' => $setting['name']);

        if(!isset($setting['content'])){
            $query .= 'content=NULL,';  
        } else {
            $query .= 'content=:content,';
            $params[] = array('content' => addslashes($setting['content']));
        }

        if(!isset($setting['trigger'])){
            $query .= 'trigger=NULL';   
        } else {
            $query .= 'trigger=:trigger';
            $params[] = array('trigger' => addslashes($setting['trigger']));
        }

After that, I pass it to a database function: dbQuery($query,$params)

The function dbQuery relies on a working PDO Connection and goes like this:

function dbQuery($query,$params = array()){
global $DBVARS;  // I know that is not very nice ;-)
$db = dbInit();

$prefix = isset($DBVARS['table_prefix']) ? $DBVARS['table_prefix'] : '';
$sql = str_replace("{prefix}",$prefix,$query);

if(isset($params) && is_array($params) && count($params) > 0){
    $q = $db->prepare($sql);
    if(!$q->execute($params)){ // Added this just for debugging purpose
        $q = $q->errorCode();
    }
} else {
    $q = $db->query($sql);
}
$db->num_queries++;

return $q;

}

If I now var_dump(dbQuery($query,$params)), it returns me the HY093 error, which tells me, that my parameters do not match the tokens, at least that was what I have found via google. To make it clear, I show here the complete generated $query:

INSERT INTO table_name SET type=:type,attributes=NULL,partid=NULL,description=:description,host=:host,name=:name,content=:content,trigger=NULL

And this is the array $params:

array(5) { [0]=> array(1) { ["type"]=> string(5) "yesno" } [1]=> array(1) { ["description"]=> string(79) "If yes, the link to the password score table is shown. It is hidden by default." } [2]=> array(1) { ["host"]=> int(49) } [3]=> array(1) { ["name"]=> string(17) "enable_scoretable" } [4]=> array(1) { ["content"]=> string(3) "yes" } }

I checked it several times, but as far as I can see, the count of my elements matches the count of my array and the names are equal, too. So where do I have the error?

I am fairly new to php, and english is not my natve tongue, so I hope I could express myself well enough.

Any help with this is gadly appreciated. I have been googling for hours without any usable result. So I decided to post my very first question here.

Greetings from Germany and thank you for your help.

Answer 1

It's not the right syntax for a insert query ! Your are confounding with an update query ...

INSERT INTO table_name (column1, column2, column3,...) VALUES (value1, value2, value3,...)

---

Edit :

$params[] = array('type' => $setting['type']); // Wrong

It's gonna create an array of arrays.

$params = array_merge($params, array('type' => $setting['type']));