Without further ado, let’s look at the code directly:
Copy the code The code is as follows:
$dbh = new PDO('mysql:host=localhost;dbname=test', "test");
$query = << INSERT INTO `user` (`username`, `password`) VALUES (:username, :password);
QUERY;
$statement = $dbh->prepare($query);
$bind_params = array(':username' => "laruence", ':password' => "weibo");
foreach( $bind_params as $key => $value ){
$statement->bindParam($key, $ value);
}
$statement->execute();
Excuse me, what is the SQL statement that is finally executed, and is there any problem with the above code?
Okey , I think most students will think that the final executed SQL is:
INSERT INTO `user` (`username`, `password`) VALUES ("laruence", "weibo");
But, it’s a pity Yes, you are wrong. The final SQL executed is:
INSERT INTO `user` (`username`, `password`) VALUES ("weibo", "weibo");
Isn’t this a big pitfall? What?
This problem comes from a bug report today: #63281
The reason is that the difference between bindParam and bindValue is that bindParam requires the second parameter to be a reference variable.
Let us disassemble the foreach of the above code, which is this foreach:
Copy the code The code is as follows:
< ;?php
foreach( $bind_params as $key => $value ){
$statement->bindParam($key, $value);
}
Equivalent to:
Copy code The code is as follows:
//First loop
$value = $bind_params[":username"];
$statement->bindParam(":username", &$value); //At this time, :username is a reference to the $value variable
//Second loop
$value = $bind_params[":password"]; //oops! $value is overwritten to the value of:password
$statement->bindParam(": password", &$value);
So, when using bindParam, pay special attention to the trap of using it in conjunction with foreach. So what is the correct approach?
1. Do not use foreach , but manually assign the value
Copy code The code is as follows:
$statement->bindParam (":username", $bind_params[":username"]); //$value is a reference variable
$statement->bindParam(":password", $bind_params[":password"]);
2. Use bindValue instead of bindParam, or pass the entire parameter array directly in execute.
3. Use foreach and reference (not recommended)
Copy the code The code is as follows:
foreach( $bind_params as $key => &$value ) { //Pay attention here
$ statement->bindParam($key, $value);
}
Finally, to elaborate, for functions that require parameters to be references and have lag processing, you must use foreach time, be cautious!
http://www.bkjia.com/PHPjc/825167.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/825167.htmlTechArticleWithout further ado, let’s look at the code directly: Copy the code as follows: ?php $dbh = new PDO('mysql :host=localhost;dbname=test', "test"); $query = QUERY INSERT INTO `user` (`username`, `passwor...
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
