PHP PDO and bindParam()

Question

I feel like I'm missing something.

I'm attempting to use the : delimiter with bindParam and am coming up unsuccessful.

PHP:

$te = 'test';
$tesql = "select charname from characters where username = :user;";
$stmt = $db->prepare($tesql);
$stmt->bindParam(':user',$te,PDO::PARAM_STR,100);
$stmt->execute();
echo $stmt->queryString;

the queryString shows:

select charname from characters where username = :user;

How can I get $te to show in place of :user

Answer 1

You don't get $te to show in place of :user. When using prepared statements, first the statement gets sent to the server with the placeholders (converted to question marks for MySQL since it doesn't natively support named placeholders) and then you send the data to the server separately when you do execute(). That's how they work. If you want the actual values instead of the placeholders, you will need to enable MySQL logging and check the server logs, however you will only see an actual SQL statement if PDO emulated queries are enabled.