Collections:
PHP MSSQL - Including Text Values in SQL Statements
PHP MSSQL - How To Include Text Values in SQL Statements?
✍: Guest
Text values in SQL statements should be quoted with single quotes ('). If the text value contains a single quote ('), it should be protected by replacing it with two single quotes (''). In SQL language syntax, two single quotes represents one single quote in string literals.
The tutorial exercise below shows you two INSERT statements. The first one will fail, because it has an un-protected single quote. The second one will be ok, because a str_replace() is used to replace (') with (''):
<?php $con = mssql_connect('LOCALHOST','sa','FYIcenter'); mssql_select_db('FyiCenterData', $con); $notes = "It's a search engine!"; $sql = "INSERT INTO fyi_links (id, url, notes) VALUES (" . " 201, 'www.google.com', '".$notes."')"; if (!mssql_query($sql, $con)) { print("SQL statement failed with error:\n"); print(" ".mssql_get_last_message()."\n"); } else { print("1 rows inserted.\n"); } $notes = "It's another search engine!"; $notes = str_replace("'", "''", $notes); $sql = "INSERT INTO fyi_links (id, url, notes) VALUES (" . " 202, 'www.yahoo.com', '".$notes."')"; if (!mssql_query($sql, $con)) { print("SQL statement failed with error:\n"); print(" ".mssql_get_last_message()."\n"); } else { print("1 rows inserted.\n"); } mssql_close($con); ?>
If you run this script, you will get something like this:
SQL statement failed with error: Unclosed quotation mark after the character string ')'. 1 rows inserted.
⇒ PHP MSSQL - Including Date and Time Values in SQL Statements
⇐ PHP MSSQL - Deleting Existing Rows in a Table
⇑ SQL Server FAQs - PHP MSSQL Functions - Managing Tables and Data Rows
2024-02-18, 1242🔥, 0💬
Popular Posts:
What Happens If the Imported Table Already Exists in Oracle? If the import process tries to import a...
How To Turn on mysql Extension on the PHP Engine in MySQL? The "mysql" API extension is provided as ...
How To Start Instance with a Minimal Initialization Parameter File in Oracle? The sample initializat...
How to execute statements in loops in SQL Server Transact-SQL? How to use WHILE ... loops? You can u...
How To Format DATETIME Values to Strings with the CONVERT() Function in SQL Server Transact-SQL? SQL...