shragi
asked on
mysql to sqlserver php code
Hi - I am trying to update an existing code and I want to convert the mysql implementation to sqlserver.
but all the changes I made those are not working
so what's the best way to modify the below code in php to sql server.
Thanks,
but all the changes I made those are not working
so what's the best way to modify the below code in php to sql server.
$insert_query = 'insert into '.$this->tablename.'(
name,
email,
username,
password,
salt,
confirmcode
)
values
(
"' . $this->SanitizeForSQL($formvars['name']) . '",
"' . $this->SanitizeForSQL($formvars['email']) . '",
"' . $this->SanitizeForSQL($formvars['username']) . '",
"' . $encrypted_password . '",
"' . $salt . '",
'" . $confirmcode . "'
)';
Thanks,
If that worked for MySQL, I see no obvious reason that it would fail with SQL Server. What OS are you on and what PHP driver are you using?
ASKER
I am using windows and php5
Sql server takes input as single string but here it is given in double quotes
I received the following error
Sql server takes input as single string but here it is given in double quotes
I received the following error
Error inserting data to the table
query:insert into Users(
name,
email,
username,
password,
salt,
confirmcode
)
values
(
"abc",
"abc@outlook.com",
"abc",
"HbYlL/aIX/ZcHHSjh7/qzDQ1jU03YjQ2ZTE1MDgz",
"7b46e15083",
"d9773bae7c34d0514e9a8bd553c20505"
)
use single quotes for SQL Server
$insert_query = "insert into ".$this->tablename."(
name,
email,
username,
password,
salt,
confirmcode
)
values
(
'" . $this->SanitizeForSQL($formvars['name']) . "',
'" . $this->SanitizeForSQL($formvars['email']) . "',
'" . $this->SanitizeForSQL($formvars['username']) . "',
'" . $encrypted_password . "',
'" . $salt . "',
'" . $confirmcode . "'
)";
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
By the way. This is what I recommend as the basic script using PDO:
$table='yourtable';
$insert_query =
"INSERT INTO $table
(
name,
email,
username,
password,
salt,
confirmcode
)
VALUES
(?,?,?,?,?,?)";
$type ='dblib'; //SQL
$db ='db_name';
$usr ='user';
$pwd ='password';
$pdo = new PDO("$type:host=$host;dbname=$db",$usr,$pwd);
$stmt = $pdo->prepare($insert_query);
$stmt->execute(array(
$formvars['name'],
$formvars['email'],
$formvars['username'],
$encrypted_password,
$salt,
$confirmcode)
);