1

I'm about to commence building a site using mssql and php.

I plan to use PDO's, however, as I currenlty believe its not possible to use named parameters.

Currently in MySQL I would use named placeholders in my query as such;

$conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
$sql = "SELECT *
        FROM table
        LIMIT :numRows";

$st = $this->conn->prepare( $sql );
$st->bindValue( ":numRows", $numRows, PDO::PARAM_INT );

However when using MSSQL;

$conn = new PDO("mysql:host=" . DB_HOST .";dbname=" . DB_NAME, DB_USER, DB_PASSWORD);

$sSQLInsert = "SELECT TOP ? *
    FROM table";

$aParams = array($iLimit);

$st = sqlsrv_query($dbhandle, $sSQLInsert, $aParams)){}

My worry appears when I have many parameters that need to be bound. Managing the order of them and dancing back and forth between query-parameters doesnt seem ideal.

So my question; is it posible to use named placeholders with MSSQL?

Improve this question
5
  • Sql server doesnt have LIMIT but uses TOP Commented Jul 6, 2015 at 13:58
  • Show your connect/driver in use Commented Jul 6, 2015 at 14:22
  • it's mysqli that can't have named parameters. PDO supports ? and :foo, which stands to reason, since it's a generic "all databases" interface, while mysqli is (obviously) specific to mysql. Commented Jul 6, 2015 at 14:25
  • @DrewPierce I have included my connection string Commented Jul 6, 2015 at 14:27
  • Ok look at bottom of my answer Commented Jul 6, 2015 at 14:31

4 Answers 4

Reset to default
1

This would be a simple script to write an check, however I found documentation and an example! The answer is YES! Name parameters works with PDO_MSSQL.

https://msdn.microsoft.com/en-us/library/ff628166(v=sql.105).aspx

$stmt = null;
$contact = "Sales Agent";
$stmt = $conn->prepare("select * from Person.ContactType where name = :contact");
$stmt->bindParam(':contact', $contact);
$contact = "Owner";
$stmt->execute();
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

No You cannot use named Placeholder with sqlsrv_ or any other extension.

This is a feature of PDO only.

I plan to use PDO's, however, as I currenlty believe its not possible to use named parameters.

You can do it with SQL server:

$sql = "SELECT TOP :numRows *
        FROM table";
$st = $this->conn->prepare( $sql );
$st->bindValue( ":numRows", $numRows, PDO::PARAM_INT );
$st->execute();
var_dump($st->fetch());

It is not about the server, it is more about the driver, this PDO advantage since it is compatible with most database. You don't have to change your code, just the connection.

Improve this answer

2 Comments

thanks meda need to brush up on my mssql... Have updated the question. Can you shed any light on the actual question?
@atoms I answered your question
1

You might have luck looking at the following PDF (auto download of pdf):

http://tinyurl.com/orc2xkc

It has examples binding with variables and arrays.

$sql = ‘select Title, 
 FirstName, 
 MiddleName, 
 LastName 
 from SalesLT.Customer 
 where Title = :title and CustomerId<10’;
$query = $conn->prepare($sql);
$title = ‘Mr.’;
$query->bindParam(‘:title’, $title);
$query->execute();

In the meantime I will look up info on mssql driver to use because that apparently plays into it.

Edit ... As for the driver look at the comments under this question: From PDO to SQLSRV

Improve this answer

Comments

0

Many thanks for all the replies to this. After some time I've managed to get it working, so in answer to my question; Yes it is possible to use Named Placeholders with MSSQL.

After installing the SQLSRV PDO extension, placeholders can be used as such;

$database = "";
$server = "";
$conn = new PDO( "sqlsrv:server=$server ; Database = $database", DB_USER, DB_PASSWORD);

$sql = "SELECT * FROM Table WHERE MemberID =:MemberID";

$iMemberID = 5;

$st = $conn->prepare($sql);

//named placeholders within the execute() as an array.
   $st->execute(array(':MemberID'=>$iMemberID));
//OR using bind param..
   $st->bindParam(':MemberID', $iMemberID);

while ($row = $st->fetch()){
    echo "<pre>";
    var_dump($row);
    echo "</pre>";
}

Thanks to Drew Pierce for the link to the drivers and pdf and everyone else for the help.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.