0
I’m having a question using the pdo in the php, there is some practical difference in implementation using these two approaches?
$db = new PDO("ok");
$sql = "INSERT INTO tabela (campo1, campo2) VALUES (:campo1, :campo2)";
$stmt = $pdo->prepare($sql);
$stmt->bindParam(':campo1', "campo1", PDO::PARAM_STR);
$stmt->bindParam(':campo2', "campo2", PDO::PARAM_STR);
$stmt->execute();
$sql = "INSERT INTO tabela (campo1, campo2) VALUES (?, ?)"
$stmt = $db->prepare($sql);
$stmt ->execute(array("campo1","campo2");
I’ve always seen tutorials and examples using both approaches, but I never really knew what the difference was....
And there is still the parameter passage using the bindValue.
Are any of them safer? What influence? Performance? Or are there any more recommended?
What’s the difference between bindValue and an array executed directly in $Pdo->execute
– rray
Right, but there’s a difference between using
?or:?– MarceloBoni
No, you can use anyone as long as you don’t mix them.
– rray
Yes, although the answer still leaves me a little uneasy rs, there is no practical difference, but the embroidery is quite different, so what is there for?
– MarceloBoni
Because it is not practical to have dozens of calls from
bindValue/Param()pass an array toexecute()is simpler but see that there is a case where it does not work.– rray
And what would that be? Can you give an example?
– MarceloBoni
That case => SQL LIMIT parameterized in PHP with PDO
– rray