
Using named parameters

From: Accessing Databases with Object-Oriented PHP


PDO has the option of using either named or anonymous parameters in prepared statements.

We'll begin by looking at named parameters and how to bind values to them. This is pdo_named.php, which you can find in the Chapter 3 03_02 folder of the exercise files. Let's take a quick look at this page in a browser. It contains a search form with a text input field, two select menus, and a submit button. At the moment, the PHP script ignores the values in the form fields. So if I change these select menus, say to 2005. And to 10,000. Leave the make field blank. And click Search. Instead of getting the results that I want, the page displays a complete set of results from the cars and makes tables in the OOPHP database.

We need to embed the values submitted by the form into the SQL. And we'll do that using a prepared statement. So let's go back to the editing program. And the search criteria need to be added to the SQL as a WHERE clause. So we'll put the WHERE clause on a new line after line seven. And the first value we're looking for is make. We'll use the LIKE operator, and then a named parameter. Named parameters begin with a colon. So I'll call it make. You don't need to use the same name as the column, but very often it's helpful to do so. Then an AND clause. Next one we want is yearmade. And that needs to be greater than or equal to. And then a named parameter. So, this will be yearmade. Price needs to be less than or equal to. And again, a named parameter beginning with a colon, price.

The original script used the query method to submit the query and store the result as result. This time we're going to be using a prepared statement, so we need to get rid of that line ten and replace it with the preparation of our prepared statement. We call this statement stmt, and then we use the database connection object. And call its prepare method. And we pass it the SQL. So at this stage it's very similar to using query.

But, we need to bind the values to our named parameters. The first parameter is make, and that's using the LIKE operator. That means we're going to need to add percentage wildcard characters before and after the value of make that's passed in from the form, through the GET array. As a result, we need to use bindValue, rather than bindParam. So on the next line, we'll use the statement object, and we'll call its bindValue method. The first argument to bindValue is a string. And that's the named parameter. So it begins with a colon make. And the next argument is the value that you want to pass to it. So we need the wildcard character, the percentage sign as a string. Then concatenate to that the value that comes from the form through the GET array. And that form field is called make. Then finally the other wildcard character.

The values coming from yearmade and price don't need to be changed. So, we can use the variables that come from the GET array. That means we can use bindParam. So on the next line. Again, the statement object. This time the bindParam method. And the first argument is the same as before. It's the same structure. We use the named parameter. So colon yearmade. And the next argument is the value that we want to assign to it. So this comes from the GET array, and that is yearmade. Now yearmade is an integer so we can pass a third argument, a PDO constant, to say that we want it to be submitted as an integer, so. All in caps, PDO. Then a double colon and PARAM_INT. That says, we're submitting this as an integer. Price is almost exactly the same, so we'll just duplicate that line and then, we change the named parameter to colon price. And the value from the GET array to price.

Now we need to execute the statement. That's simply done. The statement object, and you call its execute method. The original script here on line 15 used the error info method on the database object to get any error messages. This time we need to use it on the statement object, so change db on that line to stmt, the statement object.
And this works in exactly the same way as in the previous chapter. The error info method returns an array, which if there is a problem, has the error message as the third element. So if there is the third element in the error info array, then we will know that there is an error. If there's no third element, then we know that everything has gone fine. The result set is now stored in the statement object, but the table must be displayed only if the result set contains any records. Some databases like MySQL report the number of rows returned by a select query. But that won't work with all databases. So to create portable code, we need to fetch the first row to see if there is one. And we need to do that much further down in the page, so let's scroll down. This is the form and there on line 62 is a conditional statement that checks whether the form has been submitted. We need to add our code inside this conditional statement. So if we add a couple of lines in there, then on line 63, we can use the fetch method on the statement object to get the first row. So we'll store that as row. And our statement object, and fetch. So this will get the first row from the result set, if there is one. But if there are no results, row will be false. So if there's nothing to display, we can hide the table by wrapping it in another conditional statement. We'll use row as the condition. So if row, if there is a row, then we need to display the table. We need to add the closing curly brace right down at the very bottom of the page. It's here on line 84. We need to put that in there. So we've now got our braces balanced correctly. So, here we are getting the first row. If there is a value in that row, it will then display what goes after line 64 inside this conditional statement. But we can no longer use this while loop, because if we've got the first row here, we need to display the first row before going on to get the rest of the results. So, copy that while clause.
Cut it with a clipboard and replace it with do. Then down at the end of that loop, you can paste in the while condition. But at the moment, we're referring to result. We need to change that to statement. So we're getting everything now from the prepared statement. So this conditional statement here will display the table if there are any results. If there are no results, we need to say there aren't any. So we can put an else block down here, and then we just echo no results found. So that's all we need to do. Let's save that page. Go back to the browser. And this time we'll add in some search criteria. Put in ch. And we'll change the year, say, to 1980. We'll make the maximum value $20,000. Conduct a search. And now we've got a filtered result. So all the values that have been passed from the form have been passed to the SQL query. And it has used that in the WHERE clause. So let's just recap that. This is how you use a prepared statement with named parameters in PDO. Let's go back up and have a look at the SQL statement. Here is the WHERE clause. The named parameters begin with a colon. You don't need to use the same name as the column, but it makes the query easier to understand if you do so. The parameters are inserted directly into the SQL query. And even when a parameter represents a string, you must not enclose it in quotes. You then pass the SQL to the prepare method to create the statement and bind the values to the parameters using bindParam for variables. And bindValue for expressions such as calculations or strings. And finally, execute using the execute method. And fetch the results directly from the statement object.
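
The steps described in the transcript, put together as an added example (this is not the course's pdo_named.php). It assumes an in-memory SQLite database with a constructed schema and rows; the `make_id` and `car_id` columns and the `searchCars()` helper are hypothetical, and errors are raised as exceptions instead of being read from `errorInfo()`.

```php
<?php
// Added example, not the course file. Schema and rows below are constructed.
declare(strict_types=1);

function searchCars(PDO $db, array $get): array
{
    $sql = 'SELECT makes.make, cars.yearmade, cars.price
            FROM cars JOIN makes ON cars.make_id = makes.make_id
            WHERE makes.make LIKE :make
              AND cars.yearmade >= :yearmade
              AND cars.price <= :price
            ORDER BY cars.price';
    $stmt = $db->prepare($sql);

    // bindParam() binds by reference, so copy the form values into variables.
    $make = (string) ($get['make'] ?? '');
    $yearmade = (int) ($get['yearmade'] ?? 0);
    $price = (int) ($get['price'] ?? 0);

    // The wildcards make this an expression, so it needs bindValue().
    $stmt->bindValue(':make', '%' . $make . '%');
    $stmt->bindParam(':yearmade', $yearmade, PDO::PARAM_INT);
    $stmt->bindParam(':price', $price, PDO::PARAM_INT);
    $stmt->execute();

    // Portable emptiness check: fetch the first row, then do...while for the rest.
    $rows = [];
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row) {
        do {
            $rows[] = $row;
        } while ($row = $stmt->fetch(PDO::FETCH_ASSOC));
    }
    return $rows;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE makes (make_id INTEGER PRIMARY KEY, make TEXT)');
$db->exec('CREATE TABLE cars (car_id INTEGER PRIMARY KEY, make_id INTEGER, yearmade INTEGER, price INTEGER)');
$db->exec("INSERT INTO makes VALUES (1, 'Chevrolet'), (2, 'Ford')");
$db->exec('INSERT INTO cars VALUES (1, 1, 1985, 15000), (2, 1, 1975, 9000), (3, 2, 2006, 8000)');

// A normal search, then input containing quote characters: it is bound as data
// and cannot alter the WHERE clause.
foreach (['ch', "' OR '1'='1"] as $make) {
    $found = searchCars($db, ['make' => $make, 'yearmade' => '1980', 'price' => '20000']);
    printf("%-14s => %d row(s)\n", $make, count($found));
}
```

Because the placeholder is never wrapped in quotes in the SQL and the value travels separately from the statement text, the second search term is compared literally against the make column.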


This video is part of

Accessing Databases with Object-Oriented PHP

47 video lessons · 1901 viewers

David Powers
Author

 
  1. 13m 33s
    1. Welcome
      1m 4s
    2. What you should know before watching this course
      2m 8s
    3. Using the exercise files
      4m 56s
    4. Setting SQLite permissions
      1m 11s
    5. A quick primer on using PHP objects
      4m 14s
  2. 10m 12s
    1. Overview of PHP database APIs
      4m 5s
    2. Using prepared statements
      4m 24s
    3. Using transactions
      1m 43s
  3. 48m 57s
    1. Creating a database source name
      2m 3s
    2. Connecting to a database with PDO
      7m 27s
    3. Looping directly over a SELECT query
      3m 49s
    4. Fetching a result set
      8m 3s
    5. Finding the number of results from a SELECT query
      7m 14s
    6. Checking if a SELECT query contains results
      3m 32s
    7. Executing simple non-SELECT queries
      6m 2s
    8. Getting error messages
      7m 17s
    9. Using the quote() method to sanitize user input
      3m 30s
  4. 39m 51s
    1. Binding input and output values
      2m 36s
    2. Using named parameters
      9m 51s
    3. Using question marks as anonymous placeholders
      2m 35s
    4. Passing an array of values to the execute() method
      5m 20s
    5. Binding results to variables
      7m 53s
    6. Executing a transaction
      6m 54s
    7. Closing the cursor before running another query
      4m 42s
  5. 21m 20s
    1. Generating an array from a pair of columns
      2m 44s
    2. Setting an existing object's properties with a database result
      4m 42s
    3. Creating an instance of a specific class with a database result
      6m 1s
    4. Reusing a result set
      7m 53s
  6. 38m 14s
    1. Connecting to a database with MySQLi
      5m 57s
    2. Setting the character set
      1m 57s
    3. Submitting a SELECT query and getting the number of results
      4m 4s
    4. Fetching the result
      7m 35s
    5. Rewinding the result for reuse
      3m 20s
    6. Handling non-SELECT queries
      5m 27s
    7. Getting error messages
      5m 47s
    8. Sanitizing user input with real_escape_string()
      4m 7s
  7. 27m 49s
    1. Initializing and preparing a statement
      4m 17s
    2. Binding parameters and executing a prepared statement
      5m 55s
    3. Binding output variables
      5m 6s
    4. Executing a MySQLi transaction
      7m 5s
    5. Dealing with "commands out of sync" in prepared statements
      5m 26s
  8. 24m 7s
    1. Buffered and unbuffered queries
      4m 19s
    2. Using real_query()
      6m 1s
    3. Freeing resources that are no longer needed
      2m 31s
    4. Submitting multiple queries
      6m 41s
    5. Creating an instance of a class from a result set
      4m 35s
  9. 3m 31s
    1. PDO and MySQLi compared
      3m 31s
