PDO driver not working [CLOSED]

[eluser]ci_user[/eluser]
I get this error when trying to do a PDO prepared statement.

Fatal error: Call to undefined method CI_DB_pdo_driver::prepare() in C:\wamp\ci\core\Loader.php(829) : eval()'d code on line 18

Here's the code:

Code:

// create a prepared statement
$sth = $this->db->prepare("SELECT * FROM mytable WHERE ITEMNMBR = :var1 AND PRICELVL = :var2");

// bind parameters and execute query
$sth->bindParam(':var1', $var1, PDO::PARAM_STR);
$sth->bindParam(':var2', $var2, PDO::PARAM_STR);
$sth->execute();

If I change to a select statement it almost works...

Code:

// create a prepared statement
$sth = $this->db->select("* FROM mytable WHERE ITEMNMBR = :var1 AND PRICELVL = :var2");

But then it does not recognize the bindParam:

Fatal error: Call to undefined method CI_DB_pdo_driver::bindParam() in C:\wamp\ci\core\Loader.php(829) : eval()'d code on line 21

Is there something I'm missing? Any help would be really appreciated! Thanks!

[eluser]toopay[/eluser]
PDO driver that bundled within CI, was written in a natural and idiomatic CI query builder style. bindParam is not support by default, because of this. But as long as you intend to do that, to escape the variable(input) within your query string, doing a CI query builder way (an analog way) :

Code:

$query = $this->db->where(array('ITEMNMBR' => $var1, 'PRICELVL' => $var2))->get('mytable');

is generally same, and secure as you did using prepare and bindParam.

If you want to use PDO API's instead, you can do so by accesing conn_id property :

Code:

// create a prepared statement
$sth = $this->db->conn_id->prepare("SELECT * FROM mytable WHERE ITEMNMBR = :var1 AND PRICELVL = :var2");

// bind parameters and execute query
$sth->bindParam(':var1', $var1, PDO::PARAM_STR);
$sth->bindParam(':var2', $var2, PDO::PARAM_STR);
$sth->execute();

[eluser]ci_user[/eluser]
Thanks for your input. I now get:
Fatal error: Call to a member function prepare() on a non-object in C:\wamp\ci\core\Loader.php(829) : eval()'d code on line 18

When using

Code:

$sth = $this->db->conn_id->prepare

Do I need to define conn_id somewhere?

[quote author="toopay" date="1336494043"]PDO driver that bundled within CI, was written in a natural and idiomatic CI query builder style. bindParam is not support by default, because of this. But as long as you intend to do that, to escape the variable(input) within your query string, doing a CI query builder way (an analog way) :

Code:

$query = $this->db->where(array('ITEMNMBR' => $var1, 'PRICELVL' => $var2))->get('mytable');

is generally same, and secure as you did using prepare and bindParam.

If you want to use PDO API's instead, you can do so by accesing conn_id property :

Code:

// create a prepared statement
$sth = $this->db->conn_id->prepare("SELECT * FROM mytable WHERE ITEMNMBR = :var1 AND PRICELVL = :var2");

// bind parameters and execute query
$sth->bindParam(':var1', $var1, PDO::PARAM_STR);
$sth->bindParam(':var2', $var2, PDO::PARAM_STR);
$sth->execute();

[/quote]

[eluser]toopay[/eluser]
If you dump :

Code:

var_dump($this->db->conn_id);

and you did not get

Code:

object(PDO) (0) { }

Then something wrong in your database configuration. Every succesfull database connection(that use PDO as driver), will returning PDO object and assign it into conn_id property within your driver class.

[eluser]ci_user[/eluser]

Code:

var_dump($this->db->conn_id);

gives me:

object(PDO)[14]

[eluser]toopay[/eluser]
So it works then.

Code:

$sth = $this->db->conn_id->prepare("SELECT * FROM mytable WHERE ITEMNMBR = :var1 AND PRICELVL = :var2");

if you dump $sth, you should get PDO_Statement object. Mark [CLOSED] in this thread title, if so.

[eluser]ci_user[/eluser]
Yes! It works! Many thanks to you, Lab Technician.