PDO DELETE query Invalid parameter number: parameter was not defined

Question

I am having issues getting a PDO prepared DELETE query to work. I am unsure of how I need to structure the bindParam in this instance. I get this warning:

Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: parameter was not defined

What am I doing wrong?

if(isset($_POST['delete'])) {
    $id = $_POST['id'];
    $stmt = $dbc->prepare("DELETE FROM users WHERE id = ?");
    $stmt->bindParam(' :id', $id);
    $stmt->execute();
}

<form method="POST">
            <tr>
                <td><input name="id" value="<?php echo $row['id'];?>" readonly></td>
                <td><input name="first" value="<?php echo $row['first'];?>"></td>
                <td><input name="last" value="<?php echo $row['last'];?>"></td>
                <td><input name="product" value="<?php echo $row['product'];?>"></td>
                <td><button name="save" type="submit">Save</button></td>
                <td><button name="delete" type="submit">Delete</button></td>
            </tr>
        </form>

Answer 1

In fact, with PDO, you've to give the type, else it's replaced by a string (your ID is probably an int). Use the optional parameter PDO::PARAM_INT So the code should be :

if(isset($_POST['delete'])) {
    $id = $_POST['id'];
    $stmt = $dbc->prepare("DELETE FROM users WHERE id = :id");
    $stmt->bindParam(' :id', $id, PDO::PARAM_INT);
    $stmt->execute();
}

You could find other types on official documentation : https://www.php.net/manual/en/pdo.constants.php

And if you're interested why the type FLOAT isn't here, follow the white rabbit on Stackoverflow : PDO::PARAM_FLOAT does not exist, why?

Hope to help you with my answer, like I've just discovered few minuts ago.