PHP PDO Query isn't reading bind values

Question

So I'm trying to execute the following sql query:

$stmt = $connect->query("SELECT `FID`,`StorageID`,`DestructionDate` FROM `files` WHERE `DestructionDate` < ':date'");
$stmt->bindValue(":date",$date);
$stmt->execute();

while ($row = $stmt->fetch()) {
$fid = $row['FID'];
echo  $fid . " ";
}

The above code will return all records from files, it simply ignores the WHERE statement at all, and just to be clear, when I run the same statement on phpMyAdmin it runs just fine, in fact I even tried binding the value inside the query itself like this

$stmt = $connect->query("SELECT FID,StorageID,DestructionDate FROM files WHERE DestructionDate < '$date'");

And the query was executed correctly and only gave me the records that satisfy the WHERE condition, so the error is definitely in the bindValue() and execute() lines.

Answer 1

From docs :

PDO::query — Executes an SQL statement, returning a result set as a PDOStatement object

You possibly want PDO::prepare() followed by PDOStatement::execute() . (There's normally no need to painfully bind params one by one.)

Additionally, you have bogus quotes around the placeholder:

':date'

You'll note that as soon as you execute the statement because params won't match.

Answer 2

2 solutions :

First:

$stmt = $connect->prepare("SELECT `FID`,`StorageID`,`DestructionDate` FROM `files` WHERE `DestructionDate` < :date");
$stmt->execute(array('date' => $date);
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);

Second:

$stmt = $connect->prepare("SELECT `FID`,`StorageID`,`DestructionDate` FROM `files` WHERE `DestructionDate` < ?");
$stmt->execute(array($date));
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);

In both cases, you don't need to 'quote' the string to be replaced (:date or ?) because PDO parse the value in the right type corresponding to the column to match.