0

I need to send data to the SQL Server from a HTML form using PHP. The script to open the connection works, but being SQL Server not MySQL it's a bit hard to find a good example to INSERT data into the table.

Tried several methods, but none works. Some examples:

<?php
$query = "
   INSERT INTO dbo.facturi_achizitii 
      (tip, MBxxx, xxx_key, Document, Reference, doc_xxx_text, doc_date, xxx_date, Customer, Business_xxx, xxx_jurnal, valoare_xxx, tax_b_amount, output_xxx) 
   VALUES 
      ('$tip', '$MBxxx', '$xxx_key', '$Document', '$Reference', '$doc_xxx_text', '$doc_date', '$xxx_date', '$Customer', '$Business_xxx', '$xxx_jurnal', '$valoare_xxx', '$tax_b_amount', '$output_xxx')";
$params1 = array($tip, $MBxxx,$xxx_key, $Reference, $doc_xxx_text, $xxx_date, $xxx_date, $Customer, $Business_xxx, $xxx_jurnal, $valoare_xxx, $tax_b_amount, $output_xxx);
$stmt = sqlsrv_query( $conn, $sql, $params);
if( $stmt === false ) {
     die( print_r( sqlsrv_errors(), true));
}
?>

What is wrong with it? Thank you

Dale K
  • 25,246
  • 15
  • 42
  • 71
Stefan3D
  • 31
  • 5
  • 1
    Can you pls post the exact error you are facing? – Archit Gargi Jun 16 '22 at 08:49
  • 2
    Though PHP isn't my strong point. that looks like injection to me, not parametrisation. – Thom A Jun 16 '22 at 08:54
  • Some issues with your code: 1) You have 14 columns, but only 13 parameter values. 2) You are missing parameters placeholders in your statement. 3| Pass datetime values using unambiguous dattime format. My experience is summarized [here](https://stackoverflow.com/questions/55276287/php7-3-sqlsrv-format-of-datetime-different-when-query-and-store/55286218#55286218). 4) `$query` and `$sql` are two different variables (which one do you use). – Zhorov Jun 16 '22 at 09:18

0 Answers0