SyntaxFix

[php] What is the difference between bindParam and bindValue?

What is the difference between PDOStatement::bindParam() and PDOStatement::bindValue()?

This question is related to php pdo bindparam bindvalue

The answer is

The simplest way to put this into perspective for memorization by behavior (in terms of PHP):

  • bindParam: reference
  • bindValue: variable

For the most common purpose, you should use bindValue.

bindParam has two tricky or unexpected behaviors:

  • bindParam(':foo', 4, PDO::PARAM_INT) does not work, as it requires passing a variable (as reference).
  • bindParam(':foo', $value, PDO::PARAM_INT) will change $value to string after running execute(). This, of course, can lead to subtle bugs that might be difficult to catch.

Source: http://php.net/manual/en/pdostatement.bindparam.php#94711

From Prepared statements and stored procedures

Use bindParam to insert multiple rows with one time binding:

<?php

$stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (?, ?)");
$stmt->bindParam(1, $name);
$stmt->bindParam(2, $value);

// insert one row
$name = 'one';
$value = 1;
$stmt->execute();

// insert another row with different values
$name = 'two';
$value = 2;
$stmt->execute();

Here are some I can think about :

  • With bindParam, you can only pass variables ; not values
  • with bindValue, you can pass both (values, obviously, and variables)
  • bindParam works only with variables because it allows parameters to be given as input/output, by "reference" (and a value is not a valid "reference" in PHP) : it is useful with drivers that (quoting the manual) :

support the invocation of stored procedures that return data as output parameters, and some also as input/output parameters that both send in data and are updated to receive it.

With some DB engines, stored procedures can have parameters that can be used for both input (giving a value from PHP to the procedure) and ouput (returning a value from the stored proc to PHP) ; to bind those parameters, you've got to use bindParam, and not bindValue.

You don't have to struggle any longer, when there exists a way lilke this:

$stmt = $pdo->prepare("SELECT * FROM someTable WHERE col = :val");
$stmt->execute([":val" => $bind]);

From the manual entry for PDOStatement::bindParam:

[With bindParam] Unlike PDOStatement::bindValue(), the variable is bound as a reference and will only be evaluated at the time that PDOStatement::execute() is called.

So, for example:

$sex = 'male';
$s = $dbh->prepare('SELECT name FROM students WHERE sex = :sex');
$s->bindParam(':sex', $sex); // use bindParam to bind the variable
$sex = 'female';
$s->execute(); // executed with WHERE sex = 'female'

or 

$sex = 'male';
$s = $dbh->prepare('SELECT name FROM students WHERE sex = :sex');
$s->bindValue(':sex', $sex); // use bindValue to bind the variable's value
$sex = 'female';
$s->execute(); // executed with WHERE sex = 'male'

Source: Stackoverflow.com

Examples related to php

I am receiving warning in Facebook Application using PHP SDK Pass PDO prepared statement to variables Parse error: syntax error, unexpected [ Preg_match backtrack error Removing "http://" from a string How do I hide the PHP explode delimiter from submitted form results? Problems with installation of Google App Engine SDK for php in OS X Laravel 4 with Sentry 2 add user to a group on Registration php & mysql query not echoing in html with tags? How do I show a message in the foreach loop?

Examples related to pdo

Pass PDO prepared statement to variables PDO::__construct(): Server sent charset (255) unknown to the client. Please, report to the developers Laravel Migration Error: Syntax error or access violation: 1071 Specified key was too long; max key length is 767 bytes PHP 7 RC3: How to install missing MySQL PDO PHP Connection failed: SQLSTATE[HY000] [2002] Connection refused ERROR: SQLSTATE[HY000] [2002] No connection could be made because the target machine actively refused it php artisan migrate throwing [PDO Exception] Could not find driver - Using Laravel How to check if a row exists in MySQL? (i.e. check if an email exists in MySQL) PDOException SQLSTATE[HY000] [2002] No such file or directory How do I configure php to enable pdo and include mysqli on CentOS?

Examples related to bindparam

What is the difference between bindParam and bindValue?

Examples related to bindvalue

What is the difference between bindParam and bindValue?

Tags

Html-to-pdf Pipes-filters Distribution Addrange Selectmethod Predict Return Directoryentry Dojo-dnd Onscroll Multimap Db-structure Session-replication Text-size Sum-of-digits Blu-ray Process-management Openfire Radcombobox Appendfile Mtj Abstract-base-class Time-trial Event-tracking Ora-01747 Overlay-icon-disappear Cmmi Word Refresher Devdefined-oauth Agi Header-files Getter-setter Overwrite Nsnetservicebrowser Audioqueue Dllhost Pstricks Graphicsmagick Drupal-domain-access Libxml2 Icccm Ngen Mysql-error-1146 Inno-setup Spinning Apache-felix Autocad Sizing Nsdialogs Autotools Dynamic-data Turkish Jsfiddle Biopython Zend-date Gnu-fileutils Lua Scientific-software Permissions Orbited Conditional-attribute Bitmapeffect Concurrency Arithmetic-expressions Mysql-error-1066 777 Macrubyc Facebooktoolkit Stm32 Moq Pastrykit String-conversion Author Web-search Data-processing Livesearch Generic-function Scope-creep Focusout Csg Finder-sql Sigabrt Curvycorners Crc16 Swiz Knopflerfish Density-independent-pixel Protected-mode Rosetta Rights-management Mojibake Service-name Commit Cp1251 Encoding Logarithm Storing-information Loc Oracle-apex