Reputation:
I am trying to use a prepared statement where the column is prepared
i.e.
SELECT ? FROM users
Now this normally works if I put
SELECT id FROM users
But doing the first statement, the value is the column name.
id = id
0 = 0
What am I doing wrong, or is this possible?
Upvotes: 3
Views: 1046
Reputation: 929
A prepared statement can only replace values in the statement, not field or column names. This is because prepared statements are kind of precompiled and optimized as a function of the whole statement except the values.
So this is possible:
SELECT id FROM users WHERE name=?
but not this:
SELECT ? FROM users WHERE name='john'
SELECT id FROM ? WHERE name='john'
SELECT id FROM users WHERE ?='john'
Upvotes: 5
Reputation: 30170
No, you can't bind column names or table names.
Here's more info: Escaping column names in PDO statements
Upvotes: 6
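An added example, not part of the question or either answer: it reproduces the behaviour described in the question and shows the usual way to make a column selectable at runtime, by checking the requested name against a fixed allowlist and binding only the value. The in-memory SQLite table, its rows, and the names `pickColumn`, `fetchUserColumn` and `USER_COLUMNS` are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Constructed in-memory table so the example runs offline (requires pdo_sqlite).
$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$pdo->exec("INSERT INTO users (name, email) VALUES
    ('john', 'john@example.test'), ('ann', 'ann@example.test')");

// 1. Binding the column: the placeholder is treated as a value, so each row
//    yields the bound string itself rather than the contents of that column.
$stmt = $pdo->prepare('SELECT ? AS picked FROM users');
$stmt->execute(['id']);
var_dump($stmt->fetchAll(PDO::FETCH_COLUMN));

// 2. Hypothetical helper: accept a column name only if it is on a fixed list.
const USER_COLUMNS = ['id', 'name', 'email'];

function pickColumn(string $requested, array $allowed): string
{
    if (!in_array($requested, $allowed, true)) {
        throw new InvalidArgumentException("Column not allowed: $requested");
    }
    // Quote as an identifier. Double quotes are the SQL-standard form used by
    // SQLite; MySQL uses backticks instead.
    return '"' . str_replace('"', '""', $requested) . '"';
}

function fetchUserColumn(PDO $pdo, string $column, string $name): array
{
    $col = pickColumn($column, USER_COLUMNS);
    // The validated identifier is interpolated; the value is still bound.
    $stmt = $pdo->prepare("SELECT $col FROM users WHERE name = ?");
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

var_dump(fetchUserColumn($pdo, 'email', 'john'));

// A name that is not on the list never reaches the SQL text.
try {
    fetchUserColumn($pdo, 'email FROM users; --', 'john');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```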