PHP ODBC - How To Include Text Values in SQL Statements?
Submitted by: AdministratorText values in SQL statements should be quoted with single quotes ('). If the text value contains a single quote ('), it should be protected by replacing it with two single quotes (''). In SQL language syntax, two single quotes represents one single quote in string literals.
The tutorial exercise below shows you two INSERT statements. The first one will fail, because it has an un-protected single quote. The second one will be ok, because a str_replace() is used to replace (') with (''):
<?php
$con = odbc_connect('ggl_SQL_SERVER','sa','GGL');
$notes = "It's a search engine!";
$sql = "INSERT INTO ggl_links (id, url, notes) VALUES ("
. " 201, 'www.google.com', '".$notes."')";
if (!odbc_exec($con, $sql)) {
print("SQL statement failed with error: ");
print(odbc_error($con).": ".odbc_errormsg($con)." ");
} else {
print("1 rows inserted. ");
}
$notes = "It's another search engine!";
$notes = str_replace("'", "''", $notes);
$sql = "INSERT INTO ggl_links (id, url, notes) VALUES ("
. " 202, 'www.yahoo.com', '".$notes."')";
Submitted by: Administrator
The tutorial exercise below shows you two INSERT statements. The first one will fail, because it has an un-protected single quote. The second one will be ok, because a str_replace() is used to replace (') with (''):
<?php
$con = odbc_connect('ggl_SQL_SERVER','sa','GGL');
$notes = "It's a search engine!";
$sql = "INSERT INTO ggl_links (id, url, notes) VALUES ("
. " 201, 'www.google.com', '".$notes."')";
if (!odbc_exec($con, $sql)) {
print("SQL statement failed with error: ");
print(odbc_error($con).": ".odbc_errormsg($con)." ");
} else {
print("1 rows inserted. ");
}
$notes = "It's another search engine!";
$notes = str_replace("'", "''", $notes);
$sql = "INSERT INTO ggl_links (id, url, notes) VALUES ("
. " 202, 'www.yahoo.com', '".$notes."')";
Submitted by: Administrator
if (!odbc_exec($con, $sql)) {
print("SQL statement failed with error: ");
print(odbc_error($con).": ".odbc_errormsg($con)." ");
} else {
print("1 rows inserted. ");
}
odbc_close($con);
?>
If you run this script, you will get something like this:
SQL statement failed with error:
37000: [Microsoft][ODBC SQL Server Driver][SQL Server]
Incorrect syntax near 's'.
1 rows inserted.
Submitted by: Administrator
print("SQL statement failed with error: ");
print(odbc_error($con).": ".odbc_errormsg($con)." ");
} else {
print("1 rows inserted. ");
}
odbc_close($con);
?>
If you run this script, you will get something like this:
SQL statement failed with error:
37000: [Microsoft][ODBC SQL Server Driver][SQL Server]
Incorrect syntax near 's'.
1 rows inserted.
Submitted by: Administrator
Read Online MS SQL Server Job Interview Questions And Answers
Top MS SQL Server Questions
| ☺ | How To Select Some Specific Rows from a Table in MS SQL Server? |
| ☺ | What Happens If You Insert a Duplicate Key for the Primary Key Column in MS SQL Server? |
| ☺ | What Happens If NULL Values Are Involved in Bitwise Operations? |
| ☺ | PHP MSSQL - How To Display a Past Time in Days, Hours and Minutes? |
| ☺ | PHP MSSQL - How To Delete Existing Rows in a Table? |
Top Databases Programming Categories
| ☺ | RDBMS Interview Questions. |
| ☺ | SQL Interview Questions. |
| ☺ | SSRS Interview Questions. |
| ☺ | Sybase Interview Questions. |
| ☺ | Database Administrator (DBA) Interview Questions. |
