I’m building simple query builder, and I have two questions: Is it possible to

Question

0

Editorial Team

Asked: June 12, 20262026-06-12T13:54:46+00:00 2026-06-12T13:54:46+00:00

I’m building simple query builder, and I have two questions: Is it possible to

0

I’m building simple query builder, and I have two questions:

Is it possible to secure mysql queries with normal functions to the similar level as it is done using ->execute(array(':param:' => ... ?
Is it possible to use many variables in one query, give them the same names (the ones after the semicolon), and then bind them one by one?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-12T13:54:47+00:00

If I understand you correctly, you would like to know if it possible to replicate the functionality of bindParam with the standard mysql_* functions?

Short answer is no. Please do not use the mysql functions at all, use mysqli or PDO as these provide you with the true security when it comes to prepared statements. They can also provide much better query performance as the SQL is able to be pre-optimised for the database.
You will have to define each parameter separately (even if it is the same value). You could also pass a simple array to the execute() method call, but you do not then have the option to explicitly define the parameter types.

Within your function use some thing like this:

$name = "fred";
$statement = $pdo->prepare("SELECT id FROM contacts WHERE first_name = ? OR last_name = ?");
for ($x = 1; $x <= 2; $x++) {
  $statement->bindParam($x, $name, PDO::PARAM_STR);
}
$statement->execute();

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m building simple query builder, and I have two questions: Is it possible to

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply