This is one situation where PDO offers an extra option not offered by mySQLi. Which of these you use determines how the binding works when you use prepare statements.
With bindParam (and the mySQLi equivalent), the variable name is bound to the SQL. This means that whatever is in the variable at the time the command is executed is what will be used as the values for the database call. Using this approach both the prepare and bind statements only need to be set once and the execute can be run multiple times, each time picking up whatever values are held in the variables that have been attached to the SQL via the bind commands.
With bindValue it isn't the variables that are attached to the SQL but the values currently in the variables at the time of running the bind. So if you want to change the value used in the SQL you need to call bht bind again so as to refresh the value.
If you need to do multiple calls where only the values being passed change then the most efficient way of processing is to prepare the SQL and bind the variables that will contain the values to it. Then you need simply execute the call each time the values have been changed.
If you need to capture the vale in a particular variable to use that in every call even if the value in the variable has since changed to something else then you'd use bindValue instead.
This article written by Stephen Chapman, Felgall Pty Ltd.