SitePoint Sponsor |
|
User Tag List
Results 1 to 5 of 5
Thread: PDO bindParam confusion
-
Oct 11, 2007, 17:39 #1
- Join Date
- Dec 2004
- Location
- Canada
- Posts
- 162
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
PDO bindParam confusion
I am exploring PDO at the moment, and for the life of me I cannot see the point of such things as PDO::PARAM_INT within bindParam. Supposedly it is meant to raise an error, but I can bind whatever param I like, integer or not, and the query executes without blinking an eye.
An example that I copied verbatim can be found here: http://phpro.org/tutorials/Introduct...HP-PDO.html#10
The following PDO::PARAM_INT and PDO::PARAM_STR seem to have no effect whatsoever:
$stmt->bindParam(':animal_id', $animal_id, PDO::PARAM_INT);
$stmt->bindParam(':animal_name', $animal_name, PDO::PARAM_STR, 5);
What am I missing?
-
Oct 11, 2007, 17:58 #2
- Join Date
- May 2004
- Location
- Central USA
- Posts
- 806
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I am not 100% sure how it works, but it looks like it may just be casting the value to the specified type instead of raising an error. If that is the case, it would be identical to:
$stmt->bindParam(':animal_id', (int) $animal_id);Stackbox CMS - Full edit-on-page drag-and-drop CMS
Autoridge - Vehicle information & maintenance part numbers
Twitter | Blog | Online Javascript Compressor
-
Oct 11, 2007, 19:06 #3
It doesn't validate the value it cast it and puts it into the query fitting the field type setting in the table.
For example char fields in SQL need to be quoted but integers do not.
Prepared statements quotes values that need to be quoted and those that are not, etc.
It does not validate.
Code:bool bindParam ( mixed $parameter, mixed &$variable [, int $data_type [, int $length [, mixed $driver_options]]] )
data_type
Explicit data type for the parameter using the PDO::PARAM_* constants. Defaults to PHP native type. To return an INOUT parameter from a stored procedure, use the bitwise OR operator to set the PDO::PARAM_INPUT_OUTPUT bits for the data_type parameter.
-
Oct 11, 2007, 20:31 #4
- Join Date
- Apr 2004
- Location
- Melbourne
- Posts
- 362
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
As far as I remember, it's for telling PDO how to do things such as escaping the value when building the final SQL statement.
-
Oct 12, 2007, 07:19 #5
- Join Date
- Feb 2007
- Location
- USA
- Posts
- 64
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
PDO freedom!
The answer i believe is in the query and database itself. I have not used PDO more than a few times, but if i recall correctly the usage i had for defining that third field was to bind a boolean 'false' parameter. Just giving it 'false' converted it into a string, and postgresql did not like having a string put into a boolean only field.
PHP Code:$trueOrFalse = true;
//This code works
$stmt->bindParam(':boolean', $trueOrFalse, PDO::PARAM_BOOL);
//This code has the database saying nasty things about my mother
$stmt->bindParam(':boolean', $trueOrFalse);
The best resource for pdo, it's parameters and gotcha's can be found at: http://us2.php.net/pdo.
Also, another thing to watch for is misuse of bindParam(). bindParam() is meant to be used only when your parameter will be changing throughout the course of the function you declared. bindValue() will bind a single value and has the same syntax as bindParam().
Hope this gives you a heads up on PDO. Read through the PHP documentation on pdo i provided via the link. You'll have it up and running in no time.
-Nick
Bookmarks