PHP/PDO: Prepared statements don't work when creating a table?

Question

When I am using a PDO prepared statement, and use it to plug in a table name to the query it fails, a quick example:

$stmt = $dbh->prepare(\"CREATE TABLE          


        

Answer 1

I can find nothing clear in the manual, but looking at the User Contributed Notes, the use of parameters is intended for actual values only, not table names, field names etc.

Normal string concatenation should (and can) be used.

$tablename = "tablename";
$stmt = $dbh->prepare("CREATE TABLE `$tablename` (id foo, int bar,...)");