// \PDO::ATTR_PERSISTENT disables persistent connections, w
hich can cause concurrency issues in certain cases. See "Gotchas".
// \PDO::MYSQL_ATTR_INIT_COMMAND alerts the connection
that we'll be passing UTF-8 data.
// This may not be required depending on your configuration, bu
t it'll save you headaches down the road
// if you're trying to store Unicode strings in your database. See
"Gotchas".
$link = new \PDO( 'mysql:host=your-hostname;dbname=your-
db',
'your-username',
'your-password',
array(
\PDO::ATTR_ERRMODE => \PDO::ERRMODE_EX
CEPTION,
\PDO::ATTR_PERSISTENT => false,
\PDO::MYSQL_ATTR_INIT_COMMAND => 'set n
ames utf8mb4'
)
);
$handle = $link->prepare('select Username from Users where Us
erId = ? or Username = ? limit ?');
// PHP bug: if you don't specify PDO::PARAM_INT, PDO may en
close the argument in quotes.
// This can mess up some MySQL queries that don't expect inte
gers to be quoted.
// See: https://bugs.php.net/bug.php?id=44639
// If you're not sure whether the value you're passing is an integ
er, use the is_int() function.
$handle->bindValue(1, 100, PDO::PARAM_INT);
$handle->bindValue(2, 'Bilbo Baggins');
$handle->bindValue(3, 5, PDO::PARAM_INT);
$handle->execute();