Prepared statement mysqli

I'm getting obsessed. I'm working for the first time with prepared statement and I am sure I have read somewhere tha开发者_Python百科t you could prepare a statement like:

$stmt = $db->prepare("INSERT INTO {$table} (:var1, :var2) VALUES (:val1, :val2)");
$stmt->bind_param(':var1', $var1);
$stmt->bind_param(':var2', $var2);
$stmt->bind_param(':val1', $val1);
$stmt->bind_param(':val2', $val2);
$stmt->execute();

Or something like that. I remember that I have read that you could call the vars with a specific name with ':' as prefix. But I really can't find an example of that. I read the php manual and I couldn't find any sample of this thing. Is it right or have I dreamed it?

Faq

If you are wondering why I can't use simply the '?' method:

$stmt = $db->prepare("INSERT INTO {$table} (?, ?, ?, ?, ?, ?) VALUES (?, ?, ?, ?, ?, ?)");

this gets hard to write.

You can't do :var1,:var2,:varX in both the column names list and the VALUES list for one thing. Secondly, PDO accepts named parameter binding.

See PHP Data Objects and examples in PDO::prepare.