designosis
Reputation: 5263
Does PDO demand parameters in all SELECT WHERE queries?
I'm doing the most basic of queries ...
SELECT `id` FROM `members` WHERE `group` = 'admin';
Running the above query generates Error: Invalid parameter number: number of bound variables does not match number of tokens.
There's no need for prepared statements because there are no variables, therefore no possibility of injection.
Is this just the nature of PDO, that any query containing WHERE must be bound?
Here's my actual query:
$sql = "SELECT `id` FROM `members` WHERE `group` = 'admin';"
foreach ($conn->query($sql) as $row) { ... }
Upvotes: 0
Views: 79
Answers (1)
WouterH
Reputation: 1356
This error is generated when you pass an array to execute that has a different amount of elements than the amount of question marks you have in your query. Zero parameters is possible, but you will also have to pass an empty array.
Upvotes: 3
Related Questions
- WHERE clause confusion with PDO
- MySQLl one or multiple parameters in where clause
- PDO MySQL prepared statement with optional where statements
- Optionally make use of bound parameters in PDO query?
- PHP PDO prepared statements for where clause
- PDO in PHP - What parameters can I bind outside of the query or not
- Are parameterized queries in PDO necessary for request variables?
- Using PDO to select when param columns are unknown/variable
- PHP PDO parameterised query for MySQL
- The way PDO parametrized query works