I'm trying to bind parameters in what I think is the correct way, but I get a 1064 error from MySQL, suggesting that there are too many quotes involved. The written code looks like this:
$db_host = 'localhost';
$db_username = 'root';
$db_password = 'Password123';
$db_database = 'db_test';
$dbh = new PDO("mysql:host=$db_host", $db_username, $db_password);
$stmt = $dbh->prepare("DROP DATABASE :db_database;");
$stmt->bindParam(':db_database', $db_database, PDO::PARAM_STR, 7);
$stmt->execute() or exit(print_r($stmt->errorInfo(), true));
and displays the error message:
Array ( [0] => 42000 [1] => 1064 [2] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''db_test'' at line 1 )
It worked fine when I inserted the variable $db_database
the wrong way, i.e. directly into the sql syntax. Also, I have checked that magic_quotes are turned off, if that has any impact on it. Right now I'm stuck, because it feels like I have done things correctly (but obviously I haven't). Can anyone see the error?