PDOStatement->bindParam()
What the bindValue() docs fail to explain without reading them _very_ carefully is that bindParam() is passed to PDO byref - whereas bindValue() isn't.
Thus with bindValue() you can do something like $stmt->bindValue(":something", "bind this"); whereas with bindParam() it will fail because you can't pass a string by reference, for example.
PDOStatement->bindValue()
(PHP 5 >= 5.1.0, PECL pdo:1.0-1.0.3)
PDOStatement->bindValue() — Binds a value to a parameter
Description
PDOStatement
bool bindValue
( mixed $parameter
, mixed $value
[, int $data_type
] )
Binds a value to a corresponding named or question mark placeholder in the SQL statement that was use to prepare the statement.
Parameters
- parameter
-
Parameter identifier. For a prepared statement using named placeholders, this will be a parameter name of the form :name. For a prepared statement using question mark placeholders, this will be the 1-indexed position of the parameter.
- value
-
The value to bind to the parameter.
- data_type
-
Explicit data type for the parameter using the PDO::PARAM_* constants. Defaults to PHP native type.
Return Values
Returns TRUE on success or FALSE on failure.
Examples
Example#1 Execute a prepared statement with named placeholders
<?php
/* Execute a prepared statement by binding PHP variables */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < :calories AND colour = :colour');
$sth->bindValue(':calories', $calories, PDO::PARAM_INT);
$sth->bindValue(':colour', $colour, PDO::PARAM_STR);
$sth->execute();
?>
Example#2 Execute a prepared statement with question mark placeholders
<?php
/* Execute a prepared statement by binding PHP variables */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < ? AND colour = ?');
$sth->bindValue(1, $calories, PDO::PARAM_INT);
$sth->bindValue(2, $colour, PDO::PARAM_STR);
$sth->execute();
?>
add a note
User Contributed NotesPDOStatement->bindValue()
streaky at mybrokenlogic dot com
08-Jan-2008 11:20
08-Jan-2008 11:20
joe at dsforge dot net
01-Oct-2007 03:46
01-Oct-2007 03:46
note that bindParam() doesn't let you bind a table name into a prepared statement, whereas this can be done with bindValue()...