$conn = sqlsrv_connect($dbServer, $connectionInfo);
$query = "SELECT * FROM [users] WHERE [name] = ? AND [password] = ?";
$params = array("joebloggs", "pa55w0rd");
$stmt = sqlsrv_query($conn, $query, $params);
If you plan on using the same query statement more than once, with different parameters, the same can be achieved with the sqlsrv_prepare()
and sqlsrv_execute()
functions, as shown below:
$cart = array(
"apple" => 3,
"banana" => 1,
"chocolate" => 2
);
$query = "INSERT INTO [order_items]([item], [quantity]) VALUES(?,?)";
$params = array(&$item, &$qty); //Variables as parameters must be passed by reference
$stmt = sqlsrv_prepare($conn, $query, $params);
foreach($cart as $item => $qty){
if(sqlsrv_execute($stmt) === FALSE) {
die(print_r(sqlsrv_errors(), true));
}
}