A Possible Bug with PDO's bindParam, bindValue and foreach

Question

I have been getting an error with this code.

$Database = new Database('localhost','root','password','Db');    

$Statement = $Database->prepare("INSERT INTO User VALUES(:ID,:FirstName,:MiddleName:LastName,:RegisteredDate")

$Array_Bind = array(
'ID'=>$ID,
'FirstName'=>$FirstName,
'MIddeName'=>$MiddleName,
'LastName'=>$LastName
'RegisteredDate'=>$Date
)

foreach($Array_Bind AS $Key=>$value){
$Statement->bindParam(':' .$Key, $value)

}

if($Statement->execute()){
echo 'Successfully inserted into the database';


}else{
echo 'could not insert into database';
};

The following have been noted IF the $ID (PrimaryKey) is NOT by DEFAULT an AUTO-INCREMENTING value in the MySQL Database.

ALL Fields except DATETIME Fields gets the value of the last element in the array when inserted into the database. i.e.

ID = $LastName FirstName = $LastName MiddleName = $LastName LastName = $LastName RegisteredDate = $RegisteredDate
The same error is outputted when bindValue is used.

So I ended up using

if($Statement->execute($Array_Bind)){
echo 'Successfully inserted into the database';


}else{
echo 'could not insert into database';
};

QUESTIONS

It is recommended to use execute($array_Bind) assuming all data have been sanitize as against using bindParam or bindValue in this scenario?
If Not is there a way to use bindParam or bindValue and arrays?
Is this a bug or wrong coding architecture.

score -1 · Answer 1 · answered Apr 01 '14 at 08:03

-1

I noticed you had a typo in the placeholder name. Don't know if this will sort the problem

$Statement = $Database->prepare("INSERT INTO User VALUES(:ID,:FirstName,:MiddleName:LastName,:RegisteredDate")

$Array_Bind = array(
'ID'=>$ID,
'FirstName'=>$FirstName,
'MIddeName'=>$MiddleName,
'LastName'=>$LastName
'RegisteredDate'=>$Date
)

You use a placeholder MIddeName but in your query you use MiddleName

Change this

'MIddeName'=>$MiddleName,

to this

'MiddleName'=>$MiddleName,

answered Apr 01 '14 at 08:03

AdRock

2,959
10
66
106

He's problem is far from that typo – Your Common Sense Apr 01 '14 at 08:06
At least it was a start – AdRock Apr 01 '14 at 08:11
One don't need such a false start when case is clear and already solved. – Your Common Sense Apr 01 '14 at 08:17

score -2 · Answer 2 · answered Mar 31 '14 at 05:09

You need to check your premises. Then double check. Then check documentation.

with bindParam it is not a bug but essential feature.
with bindValue it never happen
of course passing array into execute() is preferred, due to overall sanity and amount of code compared to other methods.

A Possible Bug with PDO's bindParam, bindValue and foreach

2 Answers2