PDO Statement Error: 42601 syntax error near "$6"

I'm having trouble getting this simple query to execute. I'm using nameless parametized queries and Postgres + PostGIS. The PDO Statements error info is as follows:

Array
(
    [0] => 42601
    [1] => 7
    [2] => ERROR:  syntax error at or near "$6" at character 28
)

Which is a syntax error in PostGreSQL, which makes me feel silly that I cannot find it...

Here is the query in question

$sql = "SELECT ?,?,?,?,? 
        FROM ? 
        WHERE ST_Distance((SELECT the_geom FROM polyon_table WHERE gid = ? ), ?.the_geom) < 0.1";

Then I prepare it... $stmt = $dbh->prepare($sql);. The errorInfo from $dbh gives a code 00000 (success).

The $params is as follows:

array(8) {
  [0]=>
  string(4) "area"
  [1]=>
  string(9) "perimeter"
  [2]=>
  string(6) "lat"
  [3]=>
  string(6) "lon"
  [4]=>
  string(8) "data"
  [5]=>
  string(10) "myTable"
  [6]=>
  int(8)
  [7]=>
  string(10) "myTable"
}

Then I execute and pass it the $params array. $stmt->execute($params) and I print the error code and get this:

Array 
(
  [0] => 42601
  [1] => 7
  [2] => ERROR:  syntax error at or near "$6" at character 28
)

The $stmt->debugDumpParams(); is as follows:

SQL: [112] SELECT ?,?,?,?,? FROM ? WHERE ST_Distance((SELECT the_geom FROM polygon_table开发者_如何转开发 WHERE gid = ? ), ?.the_geom)< 0.1
Params:  8
Key: Position #0:
paramno=0
name=[0] ""
is_param=1
param_type=2
...
// shortened it to save space.... all of them look the same, except 6, which has param type = 1
Key: Position #7:
paramno=7
name=[0] ""
is_param=1
param_type=2

So, after trying a few things (looping and binding the params individually, changing the int(8) in $params to a string, etc). I copied and pasted the sql into the terminal to run the query. I replaced all the variables very carefully and in the exact order of $params and it runs fine.

My conclusion is that the sixth variable(the integer) isn't getting inserted properly. Any ideas why this is happening?

Hopefully, this sort of error isn't a repeat question. I went through 3 pages of questions.

You can use query parameters to substitute for literal values, but not for table names, column names, lists of values, expressions, SQL keywords, etc.

Think of it this way: at prepare time, the SQL parser must know all the syntax your query uses, and also which tables and columns you're using. Otherwise how would it know that those tables and columns exist in your database, or if it should give you an error? It is supposed to give you any errors related to non-existant tables at prepare time, not at execute time.

So when you provide a string "myTable" for your 6th parameter value, it's as if you execute a query:

SELECT ... FROM 'myTable' ...

That is, instead of a table name, it's a quoted string literal. That doesn't make any sense in SQL; it's an error of syntax and semantics.

I'm not entirely sure, but I don't think that you can parametize the table name, I'm not even sure that you can for the columns too, but I haven't tested it.

Also, not sure that ?.column works. I don't think that it just replace the parameters with strings.