Hello. Using latest php in order to create a function that adds a row to table user.
class targil_db {
private $_pdo;
public function __construct() {
// username: root password: <blank> database: targil
$this->_pdo = new PDO(
'mysql:host=127.0.0.1;dbname=targil',
'root',
''
);
}
function addUser($username, $password) {
$md5password = md5($password);
$sql = <<<SQL
"INSERT INTO user (username,password) VALUES (:username,:password)"
SQL;
$stmt = $this->_pdo->prepare($sql);
$stmt->bindValue(':username', $username,PDO::PARAM_STR);
$stmt->bindValue(':password', $password,PDO::PARAM_STR);
$stmt->execute();
}
}
when i execute the addUser function, this is the query that i see executed on the mysql log file:
INSERT INTO user (username,password) VALUES (:username,:password)
as you can see it did not replace the :varname into the proper value. what am i missing ?
I tried both bindValue and bindParam but i got the same results.
thanks
update
even when i change :username
and :password
to ?,?
and i use
bindValue(1,$username)
and bindValue(2,$password)
i get the same results.
the query that get executed actually still has ?,?
in it instead of the actual variables.