PDO Selecting with named parameter (Not possible?)

Asked Oct 01 '12 at 22:48

Active Oct 01 '12 at 22:48

Viewed 39 times

Possible Duplicate:
Can PHP PDO Statements accept the table name as parameter?

Can you use a named parameter in the SELECT portion of a query?

Example:

$stmt = $conn->prepare('SELECT Available, UserFileName, NameOnServer, :levelid FROM productpage WHERE productID = :prodid');
$stmt->execute(array('levelid'=> $LevelCheck, 'prodid'=> $ProductID));

In the code above, "levelid" does not seem to work ($LevelCheck is defined above the included code)

If I replace the named parameter with an actual column name, it works fine.

If this isn't possible, I was wondering if anyone might have a suggestion for me? There are different columns and the user specifies which column to search.

Thank You for taking the time to look at this!

edited May 23 '17 at 11:56

Community

asked Oct 01 '12 at 22:48

jwynn

1

No you cannot. Only values can be replaced by bound parameters. best you can do (and probably should do) is make a whitelist and do it with a "normal" variable. – PeeHaa Oct 01 '12 at 22:49
Not an exact duplicate but the same answer applies, so follow the link... – fd8s0 Oct 01 '12 at 23:41

PDO Selecting with named parameter (Not possible?)

0 Answers0