<?php

error_reporting(E_ALL);
ini_set('display_errors', 1);

include_once("set.php");

function fetchinfo($rowname, $tablename, $key, $val, $db)
{

    $stmt = $db->prepare('SELECT ? FROM ? WHERE ? = ?');

    $stmt->execute([$rowname, $tablename, $key, $val]);

    $row = $stmt->fetch();
   
    return $row[$rowname];
}

echo fetchinfo("name","users","steamid","76561198159854902", $pdo);

?>

OUTPUT:

set.php is running

Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? WHERE ? = ?' at line 1 in C:\xampp\htdocs\index.php:11 Stack trace: #0 C:\xampp\htdocs\index.php(11): PDO->prepare('SELECT ? FROM ?...') #1 C:\xampp\htdocs\index.php(20): fetchinfo('name', 'users', 'steamid', '765611981598549...', Object(PDO)) #2 {main} thrown in C:\xampp\htdocs\index.php on line 11

  • You can't pass identifiers as parameters, only values. – Don't Panic May 17 '18 at 20:10
  • Table names and Columns can't be passed as arguments to prepared statements. However, you can pre-process these values with some custom function. And then can concatenate these values as strings while preparing the statement. – nandal May 17 '18 at 20:16
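
The approach the comments describe, as an added example that is not part of the original thread: table and column names are checked against a fixed allowlist before being concatenated into the SQL text, and only the value is bound as a parameter. The allowlist contents, the `assertIdentifier` helper, the reordered `fetchinfo` signature, and the in-memory SQLite database with its sample row are assumptions made for illustration (requires the pdo_sqlite extension).

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist: table => columns that callers may select or filter on.
const ALLOWED_IDENTIFIERS = [
    'users' => ['name', 'steamid'],
];

// Throws unless the table and every given column appear in the allowlist.
function assertIdentifier(string $table, string ...$columns): void
{
    if (!isset(ALLOWED_IDENTIFIERS[$table])) {
        throw new InvalidArgumentException("table not allowed: $table");
    }
    foreach ($columns as $column) {
        if (!in_array($column, ALLOWED_IDENTIFIERS[$table], true)) {
            throw new InvalidArgumentException("column not allowed: $table.$column");
        }
    }
}

function fetchinfo(PDO $db, string $column, string $table, string $key, string $val): ?string
{
    // Identifiers cannot be placeholders, so validate them first ...
    assertIdentifier($table, $column, $key);
    // ... then concatenate the validated names; only the value is bound.
    $stmt = $db->prepare("SELECT `$column` FROM `$table` WHERE `$key` = ?");
    $stmt->execute([$val]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row[$column];
}

// Constructed sample data; the name 'alice' is made up for this example.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (name TEXT, steamid TEXT)');
$pdo->exec("INSERT INTO users VALUES ('alice', '76561198159854902')");

echo fetchinfo($pdo, 'name', 'users', 'steamid', '76561198159854902'), PHP_EOL;

// A column outside the allowlist is rejected before any SQL is built.
try {
    fetchinfo($pdo, 'password_hash', 'users', 'steamid', '76561198159854902');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```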
