0

I tried to call a SQL Server stored procedure from PHP.

Here is my stored procedure:

CREATE procedure [dbo].[tester]
    @id NVARCHAR(MAX)
AS
BEGIN
    DECLARE @tab TABLE (myxml XML)

    INSERT INTO @tab(myxml)
        SELECT map 
        FROM forms 
        WHERE mapid = @id

    SELECT * FROM @tab
END

and my PHP script:

<?php
$serverName = "servername";
$connectionInfo = array("UID" => "sa","PWD" => "mypass","Database" =>  "database");  
$conn = sqlsrv_connect( $serverName, $connectionInfo);

if ($conn) {
    $tsql = "exec tester 'FORMgRGVL7bfpEnpBpg7vz2sHoKAs5zxU5LW'";
    $result = sqlsrv_query($conn, $tsql);

    if ($result === false) {
        die( print_r( sqlsrv_errors(), true) );
        $response=array('response'=>'notok','data'=>'loyo');
        $serverresponse=JSON_encode($response);
    } else {
        $row = sqlsrv_fetch_array( $result, SQLSRV_FETCH_NUMERIC);
        $response=array('response'=>'ok','data'=>$row[0]);
        $serverresponse=JSON_encode($response);
    }

    sqlsrv_free_stmt($stmt);
} else {
    $response=array('response'=>'notok','flag'=>$flag,'data'=>'cc');        
    $serverresponse = $serverresponse=JSON_encode($response);
}

echo ($serverresponse);
?>

When I execute the stored procedure from SSMS it returns the value as expected, but when I execute it from PHP, it returns null.

Improve this question
3

1 Answer 1

Reset to default
1

Explanations:

You need to put SET NOCOUNT ON as first line in your stored procedure to prevent returning the number of rows affected by the T-SQL statements as part of the result set. This is the reason for your NULL results.

As a note, always use prepared statements and parameterized queries to prevent SQL injection. With PHP Driver for SQL Server, function sqlsrv_query() does both statement preparation and statement execution and can be used to execute parameterized queries.

Example:

There are errors in your script, which are fixed in the example:

  • sqlsrv_free_stmt($stmt) is changed to sqlsrv_free_stmt($result)
  • variable $flag is not defined
  • $serverresponse = $serverresponse=JSON_encode($response) is changed to $serverresponse = json_encode($response)

T-SQL:

CREATE procedure [dbo].[tester]
   @id nvarchar(max)
as
begin
   SET NOCOUNT ON

   declare @tab table (myxml xml)

   insert into @tab(myxml)
   select map from forms where mapid=@id

   select * from @tab
end

PHP:

<?php

$flag = "";    
$serverName = "servername";
$connectionInfo = array("UID" => "sa", "PWD" => "mypass", "Database" => "database"); 

$conn = sqlsrv_connect( $serverName, $connectionInfo);
if ($conn) {
    $tsql = "exec tester ?";
    $params = array('FORMgRGVL7bfpEnpBpg7vz2sHoKAs5zxU5LW');
    $result = sqlsrv_query($conn, $tsql, $params);
    if ($result === false) {
        die( print_r( sqlsrv_errors(), true) );
        $response = array('response'=>'notok', 'data'=>'loyo');
        $serverresponse = json_encode($response);
    } else {
        $row = sqlsrv_fetch_array( $result, SQLSRV_FETCH_NUMERIC);
        $response = array('response'=>'ok', 'data'=>$row[0]);
        $serverresponse = json_encode($response);
    }
    sqlsrv_free_stmt($result);
} else {
    $response = array('response'=>'notok', 'flag'=>$flag, 'data'=>'cc');        
    $serverresponse = json_encode($response);
}

echo ($serverresponse);

?>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.