MSSQL php pdo pagination, something is wrong on bindParam

Question

MSSQL php pdo pagination, something is wrong on bindParam

Works great with MsSQL:

$ppage = 15;
$poset = 0;
$stmt = "SELECT * FROM tbl ORDER BY ID OFFSET {:$poset } ROWS FETCH NEXT {:ppage } ROWS ONLY";
$stmt = $this->conn->prepare($stmt);
$stmt->execute();
return $row = $stmt->fetchAll();

Not working fine with MsSQL:

$ppage = 15;
$poset = 0;
$stmt = "SELECT * FROM tbl ORDER BY ID OFFSET :poffset ROWS FETCH NEXT :perpage ROWS ONLY";
$stmt = $this->conn->prepare($stmt);
$stmt->bindParam(':poffset', $poset);
$stmt->bindParam(':perpage', $ppage);
$stmt->execute();
return $row = $stmt->fetchAll();

the request is fine, I use variables to run with the actual actual data, but it does not work when I set the variable bindParam, when I am missing.

early.

+4

php sql-server pdo

Sar Jul 25 '16 at 4:26

source share

2 answers

Instead of using the function bindParam()inside the function parameters, execute()add an array containing the values.

Something like that:

$stmt = $this->conn->prepare($stmt);
$stmt->execute(array(':poffset' => $poset, ':perpage' => $ppage)); // using an array rather than the bindValue function.

, , bindParam, =>.

, , bindParam() &, - SQL Injection.

+3

GROVER. 25 . '16 4:38

mister martin · Accepted Answer · 2016-07-25T04:31:41+0000

Try using instead bindValue:

$stmt = $this->conn->prepare($stmt);
$stmt->bindValue(':poffset', $poset, PDO::PARAM_INT);
$stmt->bindValue(':perpage', $ppage, PDO::PARAM_INT);
$stmt->execute();

MSSQL php pdo pagination, something is wrong on bindParam

early.

More articles: