PHP / MYSQL - Drop Database Using Prepared Statement

Question

PHP / MYSQL - Drop Database Using Prepared Statement

I would like to delete the database using PDO.

This approach was the best for me.

function delete_db($database)
{
  $statement = $my_pdo_obj->prepare("DROP DATABASE IF EXISTS :database");
  $statement->bindParam(":database", $database);
  $statement->execute();
}

But unfortunately, I have a PDOException saying that my bound value ($ database) has a syntax error:

Fatal error: throw a "PDOException" exception with the message "SQLSTATE [42000]: syntax error or access violation: 1064 You have an error in the SQL syntax; check the manual that matches your MySQL server version for the correct syntax to use next to ?? in line 1 '

So, I tried to execute the request by following

function delete_db($database)
{
  $statement = $my_pdo_obj->exec("DROP DATABASE IF EXISTS " . $database);
}

And it works.

I was wondering why the prepared statement did not work, as well as if the second request was protected.

Thanks for your ideas!

+4

php pdo

Xor 02 . '17 17:14

2

, PDO .

, !

PHP PDO ?

0

Matthias Weiß 02 . '17 17:16

Artem Ilchenko · Accepted Answer · 2017-01-02T17:17:48+0000

, ..

http://php.net/manual/ru/pdo.prepare.php#111977

PHP / MYSQL - Drop Database Using Prepared Statement

More articles: