Using PDO to store HTML

Question

Possible Duplicate:
PHP PDO bindParam with html content

I'm using PDO prepared statement to insert/update a new blog article for my web app. Everything is being entered in to the database except the article body, which contains HTML tags from a WYSIWYG editor.

Let' say $content contains <p>This is a test article</p>. It just won't insert using a prepared statement. However, it will insert the data if I don't use the prepared statement.

How can I get around this issue?

Here is my query:

$SQL = "UPDATE blog_articles SET topic_id = :topic_id, title = :title, ";
$SQL .= "title_slug = :title_slug, description = :description, ";
$SQL .= "keywords = :keywords, content = :content WHERE article_id = :article_id;";
$STH = $DBH->prepare($SQL);

// other binds ...
$STH->bindParam(':content', trim($content));
// other binds ..

$STH->execute();

score 4 · Accepted Answer · edited May 23 '17 at 11:55

4

This was answered here: Use

$pdo->bindValue(':html', $html, PDO::PARAM_STR);

instead of

$pdo->bindParam(:html, $html);

edited May 23 '17 at 11:55

Community

1
1

answered Oct 04 '12 at 17:13

Ben D

14,321
3
45
59

Thanks Ben, that worked. Don't really get the bindParam and bindValue differences — better start reading! – ShadowStorm Oct 04 '12 at 17:28
NP. There's a discussion [here](http://stackoverflow.com/questions/1179874/pdo-bindparam-versus-bindvalue) about it, along with links to the documentation. – Ben D Oct 04 '12 at 17:33

Using PDO to store HTML

1 Answers1