How define the variable type in PDOStatement::bindValue()?

后端 未结 3 710
甜味超标
甜味超标 2021-02-08 19:36

The PDOStatement::bindValue() method offers a way to specify the type of the variable bound:

PDOStatement::bindValue ( $parameter , $value [, $da

相关标签:
3条回答
  • 2021-02-08 20:10

    The data type parameter to PDOStatement::bindValue() isn't terribly useful. Essentially:

    • If you tell it PDO::PARAM_STR, it converts your value into a string.
    • If you tell it PDO::PARAM_INT and you pass a boolean, it converts it into a long.
    • If you tell it PDO::PARAM_BOOL and you pass it a long, it converts it into a boolean.

    Nothing else seems to be converted. See here for a quick look at the source code and a little better explanation. Perhaps most importantly, PDO will not throw an exception or produce an error if you pass data with a type that doesn't match the data type you passed.

    0 讨论(0)
  • 2021-02-08 20:22

    I'm no PDO-expert, but I can think of a few scenarioes where the data_type parameter is both useful and even needed.

    Output parameters

    When you define output or input/output parameters, you must provide both type and length of the expected output parameter.

    Ref: http://www.php.net/manual/en/pdo.prepared-statements.php

    Example #4

    $stmt = $dbh->prepare("CALL sp_returns_string(?)");
    $stmt->bindParam(1, $return_value, PDO::PARAM_STR, 4000); 
    

    Example #5

    $stmt = $dbh->prepare("CALL sp_takes_string_returns_string(?)");
    $value = 'hello';
    $stmt->bindParam(1, $value, PDO::PARAM_STR|PDO::PARAM_INPUT_OUTPUT, 4000); 
    

    DBMs without implicit casting

    Explained in another answer to this question...

    When parameter is not bound to castable data

    Even databases with casting abilities will not always be able to cast you variable correctly.

    Ref: Reasons to strongly type parameters in PDO?

    $limit = 1;
    
    $dbh->prepare("SELECT * FROM items LIMIT :limit");
    $dbh->bindParam(":limit", $limit, PDO::PARAM_STR); 
    // Will throw "You have an error in your SQL syntax..."
    
    0 讨论(0)
  • 2021-02-08 20:33

    That's mainly for interacting with databases that require correct typing. For example, if you enable strict mode in MySQL, you will get errors (failed queries) instead of warnings when there are type mismatches.

    By default, MySQL does its best to convert data properly. But if you have ever seen 0000-00-00 in a date field, that is very likely the result of mysql trying to convert a string to a date and failing. In strict mode, the query would fail instead of trying to convert and using whatever the result is.

    0 讨论(0)
提交回复
热议问题