• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 142
  • Last Modified:

sqlsrv_query considered prepared statement

Simple question I am sure.  

Is this considered a prepared statement in SQL Server in PHP?   Is this method the safest way when following the ideas of prepared statements for PHP in SQL Server?

$sql = "SELECT * FROM table.toys WHERE Id= ? or Id= ?";
$params = array(3,5);//relative to the two ? above

$stmt = sqlsrv_query( $conn, $sql, $params);

Open in new window

1 Solution
Dave BaldwinFixer of ProblemsCommented:
I've never used it that way but apparently it is.  http://php.net/manual/en/function.sqlsrv-query.php
ZipbangAuthor Commented:
thank you
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now