string – Postgres/PHP PDO::PDOStatement->bindParam() to character(1) field – Education Career Blog

I have code similar to the following:

$data'someField' = (isset($_POST'someField')) ? 'Y' : 'N';
$stmt = $db->prepare("INSERT INTO public.someTable (someField) VALUES (':someField');");
$stmt->bindParam(':someField', ($data'someField'), PDO::PARAM_STR, 1);
$db->beginTransaction();
$stmt->execute();
$db->commit();

The field is a character(1) that contains either a Y or N (I’d rather use a bool/int(1), but I can’t change that unfortunately). As you can see, this takes the POST data from an HTML form and set Y or N based on a checkbox. The variable looks properly set when I echo it. The query works if I manually put a ‘Y’ or ‘N’ into the statement, but when using bindParam() I get the following error:

SQLSTATE22001: String data, right truncated: 7 ERROR: value too long for type character(1)

The really odd thing is even if I do something like this:

$stmt->bindParam(':someField', substr($data'someField', -1), PDO::PARAM_STR, 1);

I still get the error. From the user comments on the function page at php.net:

Steve M 19-Nov-2009 07:28 Note that
when using PDOStatement::bindParam an
integer is changed to a string value
upon PDOStatement::execute(). (Tested
with MySQL).

There is no further mention of this, or anything on how to get around it. I am assuming that this the root of the problem. I have also tried using bindValue() with no change.

,

Found the answer for this problem here: String encoding problem on PdoStatement->bindParam()?

Basically PDO will automatically escape the parameter for you, so when I made my query:

"INSERT INTO public.someTable (someField) VALUES (':someField');"

Once PDO was done with it it ended up looking like this:

"INSERT INTO public.someTable (someField) VALUES (''Y'');"

Correct use of the prepare() function is:

$stmt = $db->prepare("INSERT INTO public.someTable (someField) VALUES (:someField);");

Leave a Comment