Home/ Questions/Q 6820469
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T21:25:42+00:00

I’m not sure if the issue is with the prepare() statement itself or with

  • 0

I’m not sure if the issue is with the prepare() statement itself or with the bindValues, but I cannot figure out why this works as a query() and not as a prepared statement.

$dbh = new PDO("mysql:host=$dbhost", $dbuser, $dbpass, $options);
$dbh->beginTransaction();

$record_data = $dbh->prepare("UPDATE $db.$dbt SET :column = :value WHERE `key` = :key;");

foreach ( $qaPairs as $pair ) {
    list($question , $answer) = explode('=', $pair);

    echo "$key : $question $answer";
    $record_data->bindValue(':column', $question);
    $record_data->bindValue(':value', $answer);
    $record_data->bindValue(':key', $key);
    $record_data->execute();
}
$dbh->commit();

If I replace the $record_data->bindValue…s and the $record_data->execute() with

$dbh->query("UPDATE `$db`.`$dbt` SET `$question`='$answer' WHERE `key`='$key';");

it works.

For troubleshooting, I added the echo statement, and the values printed are just letters and digits and no quoting; also, the database and table names are not quoted/tick’d.

I read in another question that looping causes problems with prepare and bind_. I switched from bindParam to bindValue, but that didn’t seem to help…

EDIT: results of var_dump($key,$question,$answer):
string(17) "m3dc78db1e8368428" string(3) "age" string(2) "23" age 23

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You cannot bind a table field name. As much as you cannot bind a table name. You’ll have to use this code instead:

    $dbh = new PDO("mysql:host=$dbhost", $dbuser, $dbpass, $options);
$dbh->beginTransaction();

foreach ( $qaPairs as $pair ) {
    list($question , $answer) = explode('=', $pair);
    // Initialize $column here… remember to sanitize it!!!
    $record_data = $dbh->prepare("UPDATE $db.$dbt SET $question = :value WHERE `key` = :key;");
    echo "$key : $question $answer";
    $record_data->bindValue(':value', $answer);
    $record_data->bindValue(':key', $key);
    $record_data->execute();
}
$dbh->commit();

    Reference:

    • 0