problems with mysql pdo query

Question

Is there something wrong with my query?

function needExport($table, $key, $id, $stamp) {
    try {
        $dbW = dbConCC();
        $stmt = $dbW->prepare("SELECT * FROM :table LIMIT 10");
        $params = array(':table' => "tmlaender");
        $stmt->execute($params);
        while ($row = $stmt->fetch()) {
            echo $row;
        }
    }
    catch(PDOException $e) {
        echo json_encode($e->getMessage());
    }
}

I get the follwoing Syntax Error:

"SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''tmlaender' LIMIT 1' at line 1"

Can't find any mistakes in this "simple" query.

Table and Column names cannot be replaced by parameters in PDO. — Masivuye Cokile, Dec 15 '16 at 09:33

score 0 · Accepted Answer · answered Dec 15 '16 at 09:33

0

try this:

function needExport($table, $key, $id, $stamp) {
    try {
        $dbW = dbConCC();
        $stmt = $dbW->prepare("SELECT * FROM `table`");
        $stmt->execute();

        $fetch = $stmt->fetch(PDO::FETCH_OBJ);

        return $fetch;
    }
    catch(PDOException $e) {
        echo "Error: " . $e->getMessage();
    }
}

then when echoing a field from table you'd simply:

$var1 = $var->needExport();

echo $var1->idColumn;

Note:

Binding Params is only used when using a WHERE such as:

public function getId($userid)
{
    $dbW = dbConCC();
    $stmt = $dbW->prepare("SELECT * FROM `users` WHERE `userid` = :uid");
    $stmt->bindParam(':uid', $userid);
    $stmt->execute();
}

answered Dec 15 '16 at 09:33

Option

2,605
2
19
29

My pet hate is - votes with no note as to why someone has decided to - vote it. – Option Dec 15 '16 at 09:38
It looks like table isn't replaced: Base table or view not found: 1146 Table 'ccweb.table' doesn't exist – robert Dec 15 '16 at 09:40
You need to change `table` to your table name – Option Dec 15 '16 at 09:41
Ok, but tbale name comes as variable "$table". But I read that it's not possible to prepare the table name and columns – robert Dec 15 '16 at 09:42
what is your tablename called? tmlaender? – Option Dec 15 '16 at 09:43
for example...I will use the same query for diffrent tables. So I decide to wrap it in this function. – robert Dec 15 '16 at 09:44
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/130677/discussion-between-option-and-robert). – Option Dec 15 '16 at 09:44
My pet hate is an answer that doesn't answer the question asked – Your Common Sense Dec 15 '16 at 10:05

problems with mysql pdo query

1 Answers1