Tutorialspoint.dev

Difference between bindParam and bindValue in PHP

PDOStatement::bindParam() Function

The PDOStatement::bindParam() function is an inbuilt function in PHP which is used to bind a parameter to the specified variable name. This function bound the variables, pass their value as input and receive the output value, if any, of their associated parameter marker.

Syntax:

bool PDOStatement::bindParam
( $parameter, $variable, $data_type, $length, $driver_options )

Parameters: This function accepts five parameters as mentioned above and described below:

  • $parameter: It is a parameter identifier which is used to prepare statement using name placeholders. It is the parameter name of the form :name.
  • $variable: This parameter is used to hold the name of variable to bind to the SQL statement parameter.
  • $data_type: It is an explicit data type for the parameter using the PDO::PARAM_* constants.
  • $length: This parameter is used to hold the length of the data type.
  • $driver_options: This parameter hold the operation which needs to perform.

Return Value: This function returns True on success or false on failure.



Program:

<?php  
  
// setup PDO connection
$db = new PDO('mysql:host=localhost;dbname=geeks','root',''); 
  
// Get username
$username = 'geesforgeeks';
     
$stmt = $db->prepare("SELECT * FROM users WHERE user = :username");
  
// Use bindParam function
$stmt->bindParam(':username', $username);
   
 $username = 'g4g';
     
 $stmt->execute();
?>

/div>

Note: The SQL statement will be executed using ‘g4g’ as the username because :username searches for $username upon execution, and the last known value of $username is ‘g4g’.

PDOStatement::bindValue() Function

The PDOStatement::bindValue() function is an inbuilt function in PHP which is used to bind a value to a parameter. This function binds a value to corresponding named or question mark placeholder in the SQL which is used to prepare the statement.

Syntax:

bool PDOStatement::bindValue( $parameter, $value, $data_type )

Parameters: This function accepts three parameters as mentioned above and described below:

  • $parameter: It is a parameter identifier which is used to prepare statement using name placeholders. It is the parameter name of the form :name.
  • $value: This parameter is used to hold the value to bind the parameter.
  • $data_type: It is an explicit data type for the parameter using the PDO::PARAM_* constants.

Return Value: This function returns True on success or False on failure.

Program:

<?php  
  
// setup PDO connection
$db = new PDO('mysql:host=localhost;dbname=geeks','root',''); 
  
// Get username
$username = 'geeksforgeeks';
    
$stmt = $db->prepare("SELECT * FROM users WHERE user = :username");
  
// Use bindValue function
$stmt->bindValue(':username', $username);
  
$username = 'g4g';
    
$stmt->execute();
?>

Note: The SQL statement will be executed using ‘g4g’ as the username because the literal value “geeksforgeeks” has been bound to :username prior to the bindValue() function. Further changes to $username will not be reflected in the prepared statement.

Difference between bindParam() and bindValue():

  1. bindParam():
    1. The bindParam() function binds a parameter to named or question mark placeholder in SQL statement.
    2. The bindParam () function is used to pass variable not value.
  2. bindValue():
    1. The bindValue() function binds a value to named or question mark in SQL statement.
    2. The bindValue() function is used to pass both value and variable.


This article is attributed to GeeksforGeeks.org

You Might Also Like

leave a comment

code

0 Comments

load comments

Subscribe to Our Newsletter