$sql = "SELECT * FROM users WHERE name = :username";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(':username', 'John Doe');
$stmt->execute();

$sql = "SELECT * FROM users WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->bindValue(1, 123);
$stmt->execute();

In this example, we prepare an SQL statement that selects all rows from the users table where the id column matches a question mark placeholder. We then bind the value 123 to the first placeholder using the bindValue method, so the value is passed to the statement as data rather than being concatenated into the SQL text. Finally, we run the statement with the execute method.

In conclusion, the PDOStatement bindValue method is a useful tool for binding values to SQL statement placeholders in PHP so that they cannot alter the query. It is part of PDO, the PHP extension that provides a consistent interface for accessing databases.
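
The difference bindValue makes is easiest to see with input that contains a quote character. The following is an added example, not code from the original page: it assumes the pdo_sqlite driver is available, and the table contents, the input string and the function names are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed demo data in an in-memory SQLite database (requires pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$pdo->exec("INSERT INTO users (id, name) VALUES (123, 'John Doe'), (124, 'Jane Roe')");

// Constructed input containing SQL metacharacters.
$input = "nobody' OR '1'='1";

// Weak: the input is concatenated into the SQL text and parsed as SQL.
function findByNameConcatenated(PDO $pdo, string $name): array
{
    return $pdo->query("SELECT id, name FROM users WHERE name = '$name'")
               ->fetchAll(PDO::FETCH_ASSOC);
}

// Corrected: the input is bound to a named placeholder and compared as a plain string.
function findByNameBound(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE name = :username');
    $stmt->bindValue(':username', $name, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Positional placeholder with an explicit integer type (bindValue defaults to PDO::PARAM_STR).
function findById(PDO $pdo, int $id): array
{
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE id = ?');
    $stmt->bindValue(1, $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Print how many rows each variant returns for the same input.
printf("concatenated, crafted input: %d row(s)\n", count(findByNameConcatenated($pdo, $input)));
printf("bound, crafted input:        %d row(s)\n", count(findByNameBound($pdo, $input)));
printf("bound, ordinary name:        %d row(s)\n", count(findByNameBound($pdo, 'John Doe')));
printf("bound, id 123:               %d row(s)\n", count(findById($pdo, 123)));
```

The concatenated query matches every row for the crafted input, while the bound query matches none because the whole string is compared against the name column.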