validate session gives me error

hello friends I have modified a file validate session in pdo but I get an error the error that gives me is the following:

  

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE [HY093]: Invalid parameter number: no parameters were bound' in C: \ xampp \ htdocs \ pdo \ validar.php: 73 Stack trace: # 0 C: \ xampp \ htdocs \ pdo \ validar.php (73): PDOStatement-> execute () # 1 {main} thrown in C: \ xampp \ htdocs \ pdo \ validar.php on line 73

I append the code to see where it failed

<?php



include("conexion/conexion.php");


$user = $_POST['user'];   
$password = $_POST['password'];


$user_check = $DB_con->prepare('SELECT user FROM user WHERE user = :user LIMIT 1');
$user_check->bindParam(':user', $_POST['user']);
$user_check->execute();
if($user_check->rowCount() > 0){ ?>


<div class='col s12 card-panel blue lighten-2 center'>
<h5 class='black-text text-darken-2 center CONDENSED LIGHT5'>¡ Ups Aviso: Usuario Incorrecto !
</h5>
<?php header("refresh:5;login.php"); ?>
</div>



<?php 

        }

$hash_password= hash('sha256', $_POST['password']);
$sql = $DB_con->prepare('SELECT * FROM user WHERE user = :user AND 
password = :password AND idnivel = \'Administrador\'  LIMIT 1');
$sql->bindParam(':user', $_POST['user']);
$sql->bindParam(':password', $_POST['password']);
$sql->execute();
$sql->closeCursor();
if($sql->rowCount()){


session_start();


$_SESSION['id'] = $id;
$_SESSION['correo'] = $correo;
$_SESSION['idnivel'] = 'Administrador';
$_SESSION['Administrador'] = $clave;
$_SESSION['nombres'] = $row['nombres'] . ' ' . $row['apellidos'];


?>


<?php header("Location: admin/home.php"); ?>


<?php  } else {  ?>


<div class='col s12 card-panel blue lighten-2 center'>
<h5 class='black-text text-darken-2 center CONDENSED LIGHT5'>¡ Ups Aviso: Contraseña incorrecta !
</h5>
<?php header("refresh:5;login.php"); ?>
</div>



<?php


        }

$hash_password= hash('sha256', $_POST['password']);
$sql = $DB_con->prepare('SELECT * FROM user WHERE user = :user AND 
password = :password AND idnivel = \'Usuarios\'  LIMIT 1');
$sql->execute();
$sql->closeCursor();
if($sql->rowCount()){


session_start();


$_SESSION['id'] = $id;
$_SESSION['correo'] = $correo; //muestra el login
$_SESSION['idnivel'] = 'Secretarias'; //muestra el nivel del usuario
$_SESSION['Secretarias'] = $correo;
$_SESSION['nombres'] = $row['nombres'] . ' ' . $row['apellidos'];
$_SESSION['cedula'] = $row['cedula'];


?>


<?php header("Location: secretaria/home.php"); ?>


<?php  } else {  ?> 


<div class='col s12 card-panel blue lighten-2 center'>
<h5 class='black-text text-darken-2 center CONDENSED LIGHT5'>¡ Ups Aviso: Contraseña incorrecta !
</h5>
<?php header("refresh:5;login.php"); ?>
</div>


<?php

        }

$hash_password= hash('sha256', $_POST['password']);
$sql = $DB_con->prepare('SELECT * FROM user WHERE user = :user AND 
password = :password AND idnivel = \'Secretarias\'  LIMIT 1');
$sql->execute();
if($sql->rowCount()){


session_start();


$_SESSION['id'] = $id;
$_SESSION['correo'] = $correo;
$_SESSION['idnivel'] = 'Usuarios';
$_SESSION['Usuarios'] = $correo;
$_SESSION['nombre'] = $row['nombre'] . ' ' . $row['apellido'];

?>


<?php header("Location: usuarios/home.php"); ?>


<?php  } else {  ?>


<div class='col s12 card-panel blue lighten-2 center'>
<h5 class='black-text text-darken-2 center CONDENSED LIGHT5'>¡ Ups Aviso: Contraseña incorrecta !
</h5>
<?php header("refresh:5;login.php"); ?>
</div>


<?php
}

$sql = null;
$DB_con = null;

?>

thanks in advance