Say, a code like this ) placeholders, the latter always begins from a colon and can be written using letters, digits and underscores only.
Also note that no quotes have to be ever used around placeholders.
Also note that despite a widespread delusion, no " it has no side effects to deal with.
Having a query with placeholders, you have to prepare it, using the As you can see, for the positional placeholders, you have to supply a regular array with values, while for the named placeholders, it has to be an associative array, where keys have to match the placeholder names in the query.
You cannot mix positional and named placeholders in the same query.
So, for every query you run, if at least one variable is going to be used, you have to substitute it with a placeholder, then prepare your query, and then execute it, passing variables separately. In most cases, you need only two functions - prepare() and execute().
First of all, you have to alter your query, adding placeholders in place of variables.
Very handy when we are selecting only one field: That's most interesting function, with most astonishing features.