Is there a list describing all of the data_type parameters you can use in PDOStatement::bindParam() ? If none, what do you commonly use, and for what type of field ?
According to PHP manual: *data_type* Explicit data type for the parameter using the PDO::PARAM_* constants.
I know about the PDO::PARAM_INT and PDO::PARAM_STR . I've heard of PDO::PARAM_LOB but I wasn't sure how and when to use that, though. (for date ?)
From the documentation here:
PDO::PARAM_BOOL (integer) Represents a boolean data type. PDO::PARAM_NULL (integer) Represents the SQL NULL data type. PDO::PARAM_INT (integer) Represents the SQL INTEGER data type. PDO::PARAM_STR (integer) Represents the SQL CHAR, VARCHAR, or other string data type. PDO::PARAM_LOB (integer) Represents the SQL large object data type. PDO::PARAM_STMT (integer) Represents a recordset type. Not currently supported by any drivers. PDO::PARAM_INPUT_OUTPUT (integer) Specifies that the parameter is an INOUT parameter for a stored procedure. You must bitwise-OR this value with an explicit PDO::PARAM_* data type.
In my experience, the best policy is validate and clean input yourself, and when in doubt, just bind as a string (which is the default in PDO AFAIK).