(PHP 5 >= 5.1.0, PHP 7, PHP 8, PECL pdo >= 0.1.0)
PDOStatement::bindParam — Binds a parameter to the specified variable name
$param
,&$var
,$type
= PDO::PARAM_STR,$maxLength
= 0,$driverOptions
= null
Binds a PHP variable to a corresponding named or question mark placeholder in the SQL statement that was used to prepare the statement. Unlike PDOStatement::bindValue(), the variable is bound as a reference and will only be evaluated at the time that PDOStatement::execute() is called.
Most parameters are input parameters, that is, parameters that are used
in a read-only fashion to build up the query (but may nonetheless be cast
according to type
). Some drivers support the
invocation of stored procedures that return data as output parameters,
and some also as input/output parameters that both send in data and are
updated to receive it.
param
Parameter identifier. For a prepared statement using named placeholders, this will be a parameter name of the form :name. For a prepared statement using question mark placeholders, this will be the 1-indexed position of the parameter.
var
Name of the PHP variable to bind to the SQL statement parameter.
type
Explicit data type for the parameter using the PDO::PARAM_*
constants.
To return an INOUT parameter from a stored procedure,
use the bitwise OR operator to set the PDO::PARAM_INPUT_OUTPUT
bits
for the type
parameter.
maxLength
Length of the data type. To indicate that a parameter is an OUT
parameter from a stored procedure, you must explicitly set the
length.
Meaningful only when type
parameter is PDO::PARAM_INPUT_OUTPUT
.
driverOptions
Returns true
on success or false
on failure.
Emits an error with level E_WARNING
if the attribute PDO::ATTR_ERRMODE
is set
to PDO::ERRMODE_WARNING
.
Throws a PDOException if the attribute PDO::ATTR_ERRMODE
is set to PDO::ERRMODE_EXCEPTION
.
Example #1 Execute a prepared statement with named placeholders
<?php
/* Execute a prepared statement by binding PHP variables */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < :calories AND colour = :colour');
$sth->bindParam('calories', $calories, PDO::PARAM_INT);
/* Names can be prefixed with colons ":" too (optional) */
$sth->bindParam(':colour', $colour, PDO::PARAM_STR);
$sth->execute();
?>
Example #2 Execute a prepared statement with question mark placeholders
<?php
/* Execute a prepared statement by binding PHP variables */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < ? AND colour = ?');
$sth->bindParam(1, $calories, PDO::PARAM_INT);
$sth->bindParam(2, $colour, PDO::PARAM_STR);
$sth->execute();
?>
Example #3 Call a stored procedure with an INOUT parameter
<?php
/* Call a stored procedure with an INOUT parameter */
$colour = 'red';
$sth = $dbh->prepare('CALL puree_fruit(?)');
$sth->bindParam(1, $colour, PDO::PARAM_STR|PDO::PARAM_INPUT_OUTPUT, 12);
$sth->execute();
print("After pureeing fruit, the colour is: $colour");
?>