In PHP with PDO, what characters are we limited to using. I've tried looking in the documentation and online but to no avail.
I did find a post where a user had used a hypen in the name which broke the query. I'm writing a function that dynamically generates these names and since hyphens are no nos, I was wondering if there was a list of alternatives.
<?php
/* Execute a prepared statement by binding PHP variables */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < :calories AND colour = :colour');
$sth->bindParam(':calories', $calories, PDO::PARAM_INT);
$sth->bindParam(':colour', $colour, PDO::PARAM_STR, 12);
$sth->execute();
?>
So in this example what characters would be allowed in the string ':colour'?
My Answer:
In PHP with PDO, placeholders are typically represented by a question mark (?) in the SQL query. This is the recommended and most commonly used method for placeholders in PDO.
However, if you are looking to use named placeholders (e.g. :name), the characters that are valid for placeholders in PDO are alphanumeric characters and underscores. This means you can use letters (both uppercase and lowercase), numbers, and underscores in your named placeholders.
For example, valid named placeholders could be :first_name, :last_name, :email_address, etc.
It is recommended to stick to these characters when creating named placeholders to avoid any potential issues with the query execution.
Rate this post
4 of 5 based on 7727 votesComments