Paul Jones, in a post over his blog talks about the new PDO behavior in PHP 5.2.1. He demonstrates the following code, which prior to PHP 5.2.1 could be performed in PDO. The code is as follows:
<?php
// assume $pdo is PDO connection
$sql = "SELECT * FROM some_table
WHERE col1 = :foo
OR col2 = :foo
OR col3 = :foo";
$sth = $pdo->prepare($sql);
$sth->bindValue('foo', 'bar');
$sth->execute();
?>
With the help of this above code, PDO would bind the value ‘bar’ to every ‘:foo’ placeholder in the statement.
He says, sadly, this is no longer the case in PHP 5.2.1. For valid reasons of security and stability in memory handling, the above behavior is no longer supported. So, you cannot bind a single parameter or value to multiple identical placeholders in a statement. If you try it, PDO will throw an exception or raise an error, and will not execute the query. In short, you now need to match the number of bound parameters or values with the number of placeholders, Paul explains.
Though there are exceptions, he says as in most cases, it’s not a problem. However, in Solar, he says, you can build queries piecemeal, so you won’t know in advance how many placeholders there are going to be in the final query. Also, it’s often convenient to throw an array of data against a statement with placeholders, and only bind to the placeholders that have elements in the data array. However, he says that this too is no longer allowed in PDO under PHP 5.2.1, because the number of bound values might not match the number of placeholders.
He says, as a result, the newest Solar_Sql_Adapter::query() method includes some code to examine the statement and try to extract the named placeholders that PDO expects to see. So, given the above example statement, PDO will expect placeholders for :foo, :foo2, and :foo3.
He gives a code which can bind one ‘foo’ value to many identical ‘:foo’ placeholders. But on a cautious note he says, not to try doing this with bound parameters, or you are likely to run into memory problems.
|
