Few days ago, I decided to build my own minimalistic Feed reader using SQLite3 for the backend and SimplePie – a very fast and easy-to-use feed parser, written in PHP.
Note: I am using PDO as my database abstraction layer.
I wrote the PHP class to connect to the SQLite database and a method that contains the SQL query that will insert records to the DB.
When I check to ensure the code wasn’t going awry, it indeed was as I got this error message:
General error: 25 bind or column index out of range
Possible Cause of this Error
Error in SQL query
This was the cause of the error in my case.
Below is a code excerpt from the Feed reader class.public function addFeed($name, $url) { try { $conn = $this -> conn; $conn -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $sql = 'INSERT INTO feeds (name, url) VALUES (:name, :name)'; $update = $conn -> prepare($sql); $update -> bindValue(':name', $name); $update -> bindValue(':url', $url); } catch (PDOException $e) { echo $e -> getMessage(), $e -> getLine(); } }Examining the SQL query in $sql variable, you could see I was binding the same parameter to both “name” and “url” column.
The right code should have been:$sql = 'INSERT INTO feeds (name, url) VALUES (:name, :url)';Addition of quotes to placeholder
When using prepared statements, the placeholders shouldn’t be quoted.
For example, these are wrong:
$sql = "UPDATE feed SET name = ':name', url = ':url'";$sql = 'INSERT INTO feeds (name, url) VALUES (":name", ":url")';These are right:
$sql = "UPDATE feed SET name = :name, url = :url";$sql = 'INSERT INTO feeds (name, url) VALUES (:name, :url)';Conclusion
Although this error was due to typographical error in the prepared statements, I felt I should write a blog post on it. Who knows, someone might find it useful someday.