PHP passing array to PDO bindParam

Question

PDO param:

$cto=new PDO("mysql:host=$servername;dbname=$dbname",$username,$password);

Interacting with data base

$csql=$cto->prepare("INSERT INTO `users`(`username`, `password`, `class`, `is_on`, `time_log`, `IP`)
        VALUES (:name,:pass,:class,0,0,'0')");
        $pr=[
          ':name' => $_POST['username'],
          ":pass" => $_POST['password'],
          ":class" => $_POST["class"],
        ];
        $csql->execute($pr);
        $cto=null;

My question is ,i am currently using array $pr in execute,could i pass this array with using bindParam

$csql->bindParam($pr);
$csql->exec();

Thank you for your time.

Answer 1

You can use bindParam() in single line by this way:

$csql=$cto->prepare("INSERT INTO `users`(`username`, `password`, `class`, `is_on`, `time_log`, `IP`)
VALUES (:name,:pass,:class,0,0,'0')");

//Looping for all values into array...
foreach ($pr as $key => &$val) {
    $csql->bindParam($key, $val);
}
$csql->execute();

Hope this will help you!

Answer 2

Yes you have to do one line per bindParam(), if you want to bind several values as in an array, try it inside the excute()

http://php.net/manual/en/pdostatement.bindparam.php

Answer 3

You can pass all parameters as an array inside the execute().

This works with variable parameter size, not know beforehand, and avoids the loop that can lead to mistakes.

$inputArray : input parameters in array format

//step 1 : create placeholders in format ?,?,?

$placeholders = str_repeat('?,', count($inputArray) - 1) . '?';

//step 2: create query

$query = "  select *
            from table
            where column in ($placeholders)";

//step 3: prepare as usual

$st = $this->db()->prepare($query);

//step 4: send values in the execute

$st->execute($inputArray);

Answer 4

You can also use bindValue, if you don't want to pass by reference with bindParam.

foreach ($pr as $key => &$val) {
    $csql->bindValue($key, $val);
}