I'm trying to convert a mysql_query statement that had the following in it to PDO:
$string = '2, 3, 4, 5, 7, 8';
mysql_query(" ... IN($string) ...");
This works fine with the mysql_query statement, but it will not work with PDO prepare and execute (no results are returned).
What am I missing here?
If the query sql works fine with mysql_query, then it will work fine with pdo.
What will not work is if you bind the whole string with just one placeholder. You need to bind for each values for the IN clause.
Example:
$string = '2, 3, 4, 5, 7, 8';
$params = explode(', ', $string);
$sth = $pdo->prepare(' ... IN('.join(',', array_fill(0, count($params), '?')).') ...');
$ret = $sth->execute($params);
"You cannot bind multiple values to a single named parameter in, for example, the IN() clause of an SQL statement."
http://php.net/manual/en/pdo.prepare.php
That goes against the whole purpose of prepared statements.
Please refer to either PDO binding values for MySQL IN statement or Can I bind an array to an IN() condition?.
I think that is a solution you are looking for since you cannot bind multiple values to a single named parameter in.