sqlsrv_query

(No version information available, might only be in SVN)

sqlsrv_query — Prepares and executes a query.

说明

mixed sqlsrv_query ( resource $conn , string $sql [, array $params [, array $options ]] )

Prepares and executes a query.

参数

conn

A connection resource returned by sqlsrv_connect().

sql

The string that defines the query to be prepared and executed.

params

An array specifying parameter information when executing a parameterized query. Array elements can be any of the following:

A literal value
A PHP variable
An array with this structure: array($value [, $direction [, $phpType [, $sqlType]]])

The following table describes the elements in the array structure above:

**Array structure**
Element	Description
$value	A literal value, a PHP variable, or a PHP by-reference variable.
$direction (optional)	One of the following SQLSRV constants used to indicate the parameter direction: SQLSRV_PARAM_IN, SQLSRV_PARAM_OUT, SQLSRV_PARAM_INOUT. The default value is SQLSRV_PARAM_IN.
$phpType (optional)	A SQLSRV_PHPTYPE_* constant that specifies PHP data type of the returned value.
$sqlType (optional)	A SQLSRV_SQLTYPE_* constant that specifies the SQL Server data type of the input value.

options

An array specifing query property options. The supported keys are described in the following table:

**Query Options**
Key	Values	Description
QueryTimeout	A positive integer value.	Sets the query timeout in seconds. By default, the driver will wait indefinitely for results.
SendStreamParamsAtExec	`TRUE` or `FALSE` (the default is `TRUE`)	Configures the driver to send all stream data at execution (`TRUE`), or to send stream data in chunks (`FALSE`). By default, the value is set to `TRUE`. For more information, see sqlsrv_send_stream_data().
Scrollable	SQLSRV_CURSOR_FORWARD, SQLSRV_CURSOR_STATIC, SQLSRV_CURSOR_DYNAMIC, or SQLSRV_CURSOR_KEYSET	See » Specifying a Cursor Type and Selecting Rows in the Microsoft SQLSRV documentation.

返回值

Returns a statement resource on success and FALSE if an error occurred.

范例

Example #1 sqlsrv_query() example


<?php
$serverName = "serverName\sqlexpress";
$connectionInfo = array( "Database"=>"dbName", "UID"=>"username", "PWD"=>"password" );
$conn = sqlsrv_connect( $serverName, $connectionInfo);
if( $conn === false ) {
     die( print_r( sqlsrv_errors(), true));
}

$sql = "INSERT INTO Table_1 (id, data) VALUES (?, ?)";
$params = array(1, "some data");

$stmt = sqlsrv_query( $conn, $sql, $params);
if( $stmt === false ) {
     die( print_r( sqlsrv_errors(), true));
}
?>

注释

For statements that you plan to execute only once, use sqlsrv_query(). If you intend to re-execute a statement with different parameter values, use the combination of sqlsrv_prepare() and sqlsrv_execute().

参见

sqlsrv_prepare() - Prepares a query for execution
sqlsrv_execute() - Executes a statement prepared with sqlsrv_prepare

PHP手册 - N: Prepares and executes a query.

用户评论:

bill_spam0001 at yahoo dot com (28-Feb-2012 04:42)

Tip: It may seem obvious, but you need to trim your strings down to fit in the database field you are saving them to via a parametrized query or a stored procedure. (IE: only submit up to 20 characters to a VARCHAR(20) database field). If you send a larger string to the query then it can handle, you will get an error. When cleaning up your strings, you will most likely find yourself using the php substr() function. This function will return, as documented, a boolean FALSE value when presented with an empty string. Not minding this boolean FALSE value will cause "0" to be saved in your database tables instead of an empty string. Since trimming your input is also important, the simple and intuitive solution for this is to trim your substr() output, which will consistently supply and empty string, not boolean FALSE. So this will always work: <?php //trim last returns our empty string as a data type of string $address_line_2 = trim(substr($_POST['addr2']),0,30)); echo gettype($address_line_2); //outputs string //executing a database query will save "" in field tblAddressBook.addr2 $sql = "update tblAddressBook set name=(?), addr1=(?), addr2=(?),..." $params = array($name, $address_line_1, $address_line_2, ...) $sql_srv_query($db_conn, $sql, $params); ?> This second way will give seemingly unexpected data in your database. <?php //if the result of trimming our post variable is "" (empty), substr() will return FALSE $address_line_2 = substr(trim($_POST['addr2'])),0,30); //$address_line_2 actually === FALSE, not "" echo gettype($address_line_2); //outputs boolean //executing a database query will save "0" in field tblAddressBook.addr2 $sql = "update tblAddressBook set name=(?), addr1=(?), addr2=(?),..." $params = array($name, $address_line_1, $address_line_2, ...) $sql_srv_query($db_conn, $sql, $params); ?> You can also cast the type as a string using, which will cast the boolean false back to the expected Empty String. <?php $address_line_2 = (string)substr(trim($_POST['addr2'])),0,30); echo gettype($address_line_2); //outputs string //executing a database query will save "" in field tblAddressBook.addr2 $sql = "update tblAddressBook set name=(?), addr1=(?), addr2=(?),..." $params = array($name, $address_line_1, $address_line_2, ...) $sql_srv_query($db_conn, $sql, $params); ?> I didn't notice this behavior until switching to IIS7, PHP 5.3.8 and SQL Server 2008. But the behavior also is exhibited with IIS7, PHP 5.2 and SQL Server 2008.