Last active
April 30, 2018 03:30
-
-
Save terrymun/39b001c073b0c31a3ea9 to your computer and use it in GitHub Desktop.
The difference between bindParam() and bindValue()
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Assuming that database connection is already open | |
| // Get username | |
| $username = 'johndoe'; | |
| $stmt = $db->prepare("SELECT user, email, country FROM users WHERE user = :username"); | |
| $stmt->bindParam(':username', $username); | |
| $username = 'janesmith'; | |
| $stmt->execute(); | |
| // Statement will be executed using 'janesmith' as the username... | |
| // because :username searches for $username upon execution, and | |
| // the last known value of $username is 'janesmith' | |
| ?> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Assuming that database connection is already open | |
| // Get username | |
| $username = 'johndoe'; | |
| $stmt = $db->prepare("SELECT user, email, country FROM users WHERE user = :username"); | |
| $stmt->bindValue(':username', $username); | |
| $username = 'janesmith'; | |
| $stmt->execute(); | |
| // Statement will be executed using 'johnsmith' as the username... | |
| // because the literal value "johndoe" has been bound to :username | |
| // prior to the bindValue() function. Further changes to $username | |
| // will not be reflected in the prepared statement. | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
you have a mistake the second example should be johndoe not johnsmith.