Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

PHP PDO Binded variables empty?

  • 22-02-2017 5:17pm
    #1
    Closed Accounts Posts: 1,758 ✭✭✭


    I'm trying to insert some values into a table and for some reason when binding my named parameters all I get are empty strings.

    [PHP]
    $conn = 'mysql:host=' . $hn . ';dbname=' . $db . '';
    $user = $un;
    $pass = $pw;

    $PDO = new PDO($conn, $user, $pass);
    $PDO->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );

    $STH = $PDO->prepare("INSERT INTO table (reason_id, account_no, amount, created_at, company_id, user_id)
    VALUES (':reason', ':accref', ':amount', ':date', ':company', ':user')");

    $company = sanitizeString($_POST);
    $reason = sanitizeString($_POST);
    $accref = sanitizeString($_POST);
    $amount = sanitizeString(number_format(round($_POST, 2), 2, '.', ''));
    $date = sanitizeString(date('Y-m-d H:i:s'));
    $user = sanitizeString($_SESSION);

    $STH->bindValue(':reason', $reason, PDO::PARAM_INT);
    $STH->bindValue(':accref', $accref, PDO::PARAM_STR);
    $STH->bindValue(':amount', $amount, PDO::PARAM_STR);
    $STH->bindValue(':date', $date, PDO::PARAM_STR);
    $STH->bindValue(':company', $company, PDO::PARAM_INT);
    $STH->bindValue(':user', $user, PDO::PARAM_INT);
    $result = $STH->execute();

    if ($result) {
    echo 1;
    }[/PHP]

    In the case of :accref, the string ":accref" is inserted into the table.

    I just echo the sanitized variables I can see that they are there!

    Anyone any ideas?

    Thanks.


Comments

  • Closed Accounts Posts: 1,758 ✭✭✭Pelvis


    Never mind. I am an idiot. :)

    Spoiler
    remove single quotes from query


Advertisement