Hello I am using the followng code to update password, but I need to select which users should I update inside my SQL query there is a WHERE Clause if I put number as id like 23 it is working but I wish this id to come from the POST method which is posting the id also from the form, here is the code in this version it is giving me an error:
`SQLSTATE[HY093]: Invalid parameter number: number of bound variables does not match number of tokens`
and this is the code here
<?php
class Users {
public $password = null;
public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w";
public function __construct( $data = array() ) {
if( isset( $data['id'] ) ) $this->id = stripslashes( strip_tags( $data['id'] ) );
if( isset( $data['password'] ) ) $this->password = stripslashes( strip_tags( $data['password'] ) );
}
public function storeFormValues( $params ) {
//store the parameters
$this->__construct( $params );
}
public function register() {
$correct = false;
try {
$con = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
$con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$sql = "Update users SET password = :password WHERE userID = :id";
$stmt = $con->prepare( $sql );
$stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
$stmt->execute();
return "Registration Successful <br/> <a href='index.php'>Login Now</a>";
}catch( PDOException $e ) {
return $e->getMessage();
}
}
}
?>
So the question is how to put the posted WHERE userID= :id;
