Tony Fitzhugh

Reputation: 21

PDO prepare statement for inserting array into db issue

I am creating a user registration system using PDO, and am attempting to insert the user's form data into a database table. Very simple, however the wrong value is entered into the database. The values entered into the database are :username, :password, :email_address, :city, etc, rather than the value passed to the function from my form. Any idea as to what I am doing wrong? I tried using bindParam and bindValue but had similar results, and based on other posts I concluded that using an array is the best way to do it. Help!

    function add_user($username, $password, $email, $fName, $lName, $address, $city, $state, $zip, $phone) {
        global $db;
        $sql = "INSERT INTO alumni_user_info
                (username, password, email_address, first, last, address, city, state, zip_code, phone)
                VALUES
                (':username', ':password', ':email_address', ':first', ':last', ':address', ':city', ':state', ':zip_code', ':phone')";

        $sth = $db->prepare($sql);

        $result = $sth->execute(array(':username' => $username, ':password' => $password, ':email_address' => $email, ':first' => $fName, ':last' => $lName, ':address' => $address, ':city' => $city, ':state' => $state, ':zip_code' => $zip, ':phone' => $phone));

        if ($sth->execute()) {
            $success = "Registration successful";
            return $success;
        } else {
            var_dump($sth->errorInfo());
            $success = "Registration failed";
            return $success;
        }
    }

Upvotes: 0

Views: 484

Answers (1)

speccode

Reputation: 1562

Do not use quotes for parameters. It will be escaped because you're binding parameters already.

    $sql = "INSERT INTO alumni_user_info
        (username, password, email_address, first, last, address, city, state, zip_code, phone)
        VALUES
        (:username, :password, :email_address, :first, :last, :address, :city, :state, :zip_code, :phone)";

If you do something like this, ':username', PDO will treat it as a string.

Upvotes: 3
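The difference the answer describes, as an added example that is not part of the original question or answer: it runs against an in-memory SQLite database through PDO, trims the table to three columns, and uses constructed values throughout. Hashing the password with password_hash() is an assumption about how the column is used.

```php
<?php
// Added example; table trimmed to three columns, all values constructed.
$db = new PDO('sqlite::memory:');   // assumption: pdo_sqlite is available, so this runs offline
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // failures throw instead of returning false
$db->exec('CREATE TABLE alumni_user_info (username TEXT, password TEXT, email_address TEXT)');

// Quoted: ':username' is an SQL string literal, so this statement contains no
// placeholders at all and runs without any bound values.
$quoted = "INSERT INTO alumni_user_info (username, password, email_address)
           VALUES (':username', ':password', ':email_address')";
$db->prepare($quoted)->execute();

// Unquoted: three named placeholders, filled by a single execute() call.
function add_user(PDO $db, string $username, string $password, string $email): bool
{
    $sth = $db->prepare(
        'INSERT INTO alumni_user_info (username, password, email_address)
         VALUES (:username, :password, :email_address)'
    );
    return $sth->execute([
        ':username'      => $username,
        // assumption: the column stores a hash, not the plaintext password
        ':password'      => password_hash($password, PASSWORD_DEFAULT),
        ':email_address' => $email,
    ]);
}

// Constructed input containing a quote character: it is passed as data,
// separate from the SQL text, so it needs no manual quoting or escaping.
add_user($db, "O'Brien", 'constructed-password', 'obrien@example.com');

// Show what each statement actually stored.
foreach ($db->query('SELECT username, email_address FROM alumni_user_info') as $row) {
    printf("%-12s %s\n", $row['username'], $row['email_address']);
}
```

The first row holds the placeholder names as text, the second holds the values passed to add_user().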
