PHP prepared statement not working

Question

<?php
    $current = 0;
    $results = 5;
    $statement = $db->prepare("SELECT title, id FROM mytable LIMIT ?, ?");
    $statement->execute(array($current, $results));
?>

var_dump($statement);
=> public 'queryString' => string 'SELECT title, id FROM mytable LIMIT ?, ?' (length=39)

Can anyone help me find why this isn't working?

the questionmarks are not replaced by $current and $results and therefore the query returns false — Adonis K. Kakoulidis, Jun 02 '12 at 15:04
@RepWhoringPeeHaa - thanks. Totally missed the tag. And as always, learned something. Thanks! — random_user_name, Jun 02 '12 at 15:13

Madara's Ghost · Accepted Answer · 2012-06-02T15:13:28.857

2

You need to bind those parameters as integers, and not as strings (default). Binding parameters as strings adds quotes around them automatically.

$statement->bindParam(":current", $current, PDO::PARAM_INT)

This example uses named placeholders. I recommend you used it regardless.

edited Jun 02 '12 at 15:13

answered Jun 02 '12 at 15:08

Madara's Ghost

172,118
50
264
308

score 1 · Answer 2 · edited May 23 '17 at 11:49

letting you see a string with the placeholders replaced by the supplied values isn't a feature that pdo offers. It will however, properly execute the prepared statement with your values.

For pdos mysql driver, there's a peculiarity when binding values for part of the limit clause, if using execute() on an array of values. See How can I pass an array of PDO parameters yet still specify their types?

PHP prepared statement not working

2 Answers2