When I am using a PDO prepared statement, and use it to plug in a table name to the query it fails, a quick example:
$stmt = $dbh->prepare("CREATE TABLE ? (id foo, int bar,...)");
$stmt->execute(Array('table_foobar'));
All it does is replaces ?
with 'table_foobar'
, the single quotes don't allow creation of the table for me!
I end up needing to do a sprintf
on TOP of the prepared statement to add in a predefined table name.
What on earth am I missing here?