Description:
------------
As explained in http://php.net/manual/en/pdo.prepare.php, "You cannot use both named and question mark parameter markers within the same SQL statement; pick one or the other parameter style."

Indeed, this can become a "style" issue for complex queries built by several functions, somewhat forcing applications to choose one or the other.

I believe named parameter markers are generally better, providing better clarity, but they are sometimes inferior to question mark parameter markers. Consider the broken test script (2 columns are named "name"). The filterType() function here could easily make itself clever enough to workaround keeping only named markers, but it would be simpler to use a mix of both Oracle-style (named) and MySQL-style (question mark) parameters:

function filterType($name, &$parameters) {
    $parameters[] = $name;
    return '(type=(SELECT id FROM types WHERE name= ?))';
}


Question mark parameter markers have their issues (order matters), and named markers have their different issues (unicity requirement). The more complex query generation gets, the more complex using only one parameter style becomes. Therefore, I believe both styles should be allowed in the same query.


Until this is implemented, I suggest putting the quote from the manual above in a warning box.

Test script:
---------------
<?php
function filterType($name, &$parameters) {
    $parameters[':name'] = $name;
    return '(type=(SELECT id FROM types WHERE name= :name))';
}

$parameters = array(':name' => 'salsa');
$sql = 'SELECT colour, calories
    FROM fruit
    WHERE name = :name';
$sql .= ' AND ' . filterType('sauce', $parameters); // Make sure we don't select something called "salsa" which is not sauce.
$sth = $dbh->prepare($sql);
$sth->execute($parameters);
$sth->fetchAll();
?>