Difference between PDO->query() and PDO->exec()
Regardless of whatever theoretical difference, neither PDO::query() nor PDO::exec() should be used anyway. These functions don’t let you bind parameters to the prepared statement and should never be used. Use prepare()/execute() instead, especially for UPDATE,INSERT,DELETE statements. Please note that although prepared statements are widely advertised as a security measure, it is only to attract people’s … Read more