I am confused between these two functions, Bindvalue() and BindParam().

- I read on php.net that it does not escape % and _, so be careful when using LIKE. So I think BindValue() is not used when we are using a LIKE query.
- When we are using a LIKE query, BindParam() is used, because as far as I know BindParam can escape these % and _.
- BindValue() doesn't give protection against SQL injection. I am not sure about this, is it true?

Friends, tell me whether what I mention in these 3 points is right or wrong. I am a beginner in PDO, so please explain it clearly.
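Added example, not part of the original question: a runnable comparison of the two calls on the three points raised. It assumes the pdo_sqlite extension; the table, its rows and the helpers `search()` and `escapeLike()` are constructed for illustration. Both methods send the value as bound data, neither escapes LIKE wildcards, and the difference between them is when the variable is read.

```php
<?php
// Added example. Assumes pdo_sqlite; table, rows and helper names are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE items (name TEXT)');
$pdo->exec("INSERT INTO items VALUES ('100% cotton'), ('100 percent wool'), ('a_b'), ('axb')");

// Run a LIKE search, binding the pattern with the requested method.
function search(PDO $pdo, string $method, string $pattern): array
{
    $stmt = $pdo->prepare("SELECT name FROM items WHERE name LIKE :p ESCAPE '\\' ORDER BY name");
    if ($method === 'bindParam') {
        $stmt->bindParam(':p', $pattern, PDO::PARAM_STR); // bound by reference
    } else {
        $stmt->bindValue(':p', $pattern, PDO::PARAM_STR); // value copied now
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Make \, % and _ literal inside a LIKE pattern (pairs with ESCAPE '\').
function escapeLike(string $s): string
{
    return strtr($s, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']);
}

foreach (['bindValue', 'bindParam'] as $m) {
    // Quote characters in the input stay data; the query text never changes.
    echo $m, ' injection: ', json_encode(search($pdo, $m, "x' OR '1'='1")), "\n";
    // Neither method escapes LIKE wildcards: _ and % keep their special meaning.
    echo $m, ' raw a_b:   ', json_encode(search($pdo, $m, 'a_b')), "\n";
    echo $m, ' raw 100%:  ', json_encode(search($pdo, $m, '100%')), "\n";
    // Escaping first, then appending our own wildcard, gives a literal prefix match.
    echo $m, ' esc a_b:   ', json_encode(search($pdo, $m, escapeLike('a_b'))), "\n";
    echo $m, ' esc 100%:  ', json_encode(search($pdo, $m, escapeLike('100%') . '%')), "\n";
}

// The real difference: bindParam reads the variable when execute() runs.
$stmt = $pdo->prepare('SELECT COUNT(*) FROM items WHERE name = :n');
$name = 'no such row';
$stmt->bindParam(':n', $name, PDO::PARAM_STR);
$name = 'axb'; // changed after binding, still used by execute()
$stmt->execute();
echo 'bindParam after reassignment: ', $stmt->fetchColumn(), "\n";
```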