I’m reading SitePoint’s PHP Anthology book and they’re discussing PDO. At one point they discuss the prepare and execute methods. Here’s the code:
<?php
// make the DSN
$dsn = 'mysql:host=localhost;dbname=world;';
$user = 'user';
$password = 'secret';
$country = 'USA';
// defined before the try block so the catch block can always print it
$sql = 'Select * from city where CountryCode =:country';
// try to make the connection to the database
try
{
    $dbh = new PDO($dsn, $user, $password);
    $dbh->setAttribute(PDO::ATTR_ERRMODE,
                       PDO::ERRMODE_EXCEPTION);
    $stmt = $dbh->prepare($sql);
    $stmt->bindParam(':country', $country, PDO::PARAM_STR);
    $stmt->execute();
    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        print $row['Name'] . "\t";
        print $row['CountryCode'] . "\t";
        print $row['Population'] . "\n";
    }
}
// if there is a problem we can handle it here
catch (PDOException $e)
{
    echo 'PDO Exception Caught. ';
    echo 'Error with the database: <br />';
    echo 'SQL Query: ', $sql;
    echo 'Error: ' . $e->getMessage();
}
?>
Most of it makes sense; however, there are two lines I don’t quite get.
$sql = 'Select * from city where CountryCode =:country';
and
$stmt->bindParam(':country', $country, PDO::PARAM_STR);
In both of these lines the variable “country” is prefixed with a colon, for example “:country”. What does the colon represent and how does it affect the statement?
Thanks!
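What the `:country` marker in the question does, shown as an added example that is not part of the original post or the book: the colon introduces a named placeholder, so the SQL text is fixed when `prepare()` is called and the bound value is only ever treated as data. The example assumes the `pdo_sqlite` extension and uses a constructed in-memory table in place of the MySQL `world` database; the helper names `citiesByConcat` and `citiesByPlaceholder` are hypothetical.

```php
<?php
// Added example: constructed in-memory SQLite table standing in for the
// MySQL `world` database from the post (assumes the pdo_sqlite extension).
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec('CREATE TABLE city (Name TEXT, CountryCode TEXT, Population INTEGER)');
// Constructed sample rows.
$dbh->exec("INSERT INTO city VALUES
    ('New York', 'USA', 8008278),
    ('Toronto', 'CAN', 688275),
    ('Paris', 'FRA', 2125246)");

// Hypothetical helper: the value is pasted into the SQL text, so any quote
// characters in it are parsed as part of the statement.
function citiesByConcat(PDO $dbh, string $country): array
{
    $sql = "SELECT Name FROM city WHERE CountryCode = '" . $country . "'";
    return $dbh->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hypothetical helper: :country is a named placeholder. The SQL text is
// fixed at prepare() time and the value is bound to the marker afterwards,
// so it is only ever compared as data.
function citiesByPlaceholder(PDO $dbh, string $country): array
{
    $stmt = $dbh->prepare('SELECT Name FROM city WHERE CountryCode = :country');
    $stmt->bindValue(':country', $country, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: one ordinary value, one containing SQL syntax.
$inputs = ['USA', "USA' OR '1'='1"];
foreach ($inputs as $input) {
    printf("input: %s\n", $input);
    printf("  concatenated: %s\n", implode(', ', citiesByConcat($dbh, $input)));
    printf("  placeholder:  %s\n", implode(', ', citiesByPlaceholder($dbh, $input)));
}
```

For the second input the concatenated query matches every row, while the placeholder query matches none, because no city has that literal string as its `CountryCode`.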