Explained by PDO and bindparam

Question

Explained by PDO and bindparam

I'm new to PDO and I have to say that I like it so far, but I'm still a little unstable with respect to some of the calls that it uses, and the documentation is not so bad.

I use a couple of stored procedures and from what I understand about PDO, I have to use training for this. I am creating a module that will store information about any errors caused by the user. I understand that bindParam will escape any quotes and clear the string before it is inserted into the database, which is NOT what I want. I want to see the line when the user entered it for troubleshooting. I tried to refuse bindparam calls, but get errors about trying to follow the link. Is there any way I can achieve this? Also open to suggestions. Thanks.

+4

php

jim Feb 25 '10 at 1:47

source share

1 answer

bobince · Accepted Answer · 2010-02-25T02:12:11+0000

bindParam does not " bindParam away" or "does not clear anything" as such. It sends the string you supply directly to the database layer, verbatim. Any character ' included in the string ends with the character ' in the database column. That the entire parameterization parameter: there are no special characters to worry about.

If you are having trouble passing non- bindParam , I suggest using bindValue . In fact, I would highly recommend using this call all the time, because the behavior of the bindParam link (and mysqli_stmt_bind_param ) is confusing and almost always undesirable.

Explained by PDO and bindparam

More articles: