Zipbang
asked on
sqlsrv_query considered prepared statement
Simple question I am sure.
Is this considered a prepared statement in SQL Server in PHP? Is this method the safest way when following the ideas of prepared statements for PHP in SQL Server?
Is this considered a prepared statement in SQL Server in PHP? Is this method the safest way when following the ideas of prepared statements for PHP in SQL Server?
$sql = "SELECT * FROM table.toys WHERE Id= ? or Id= ?";
$params = array(3,5);//relative to the two ? above
$stmt = sqlsrv_query( $conn, $sql, $params);
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER