Last updated: Fri, 20 Nov 2009

mssql_bind

(PHP 4 >= 4.0.7, PHP 5, PECL odbtp >= 1.1.1)

mssql_bind — Adds a parameter to a stored procedure or a remote stored procedure

Description

bool mssql_bind ( resource $stmt , string $param_name , mixed &$var , int $type [, bool $is_output = false [, bool $is_null = false [, int $maxlen = -1 ]]] )

Binds a parameter to a stored procedure or a remote stored procedure.

Parameters

stmt: Statement resource, obtained with mssql_init().
param_name: The parameter name, as a string.

Note: You have to include the @ character, like in the T-SQL syntax. See the explanation included in mssql_execute().
var: The PHP variable you'll bind the MSSQL parameter to. It is passed by reference, to retrieve OUTPUT and RETVAL values after the procedure execution.
type: One of: SQLTEXT, SQLVARCHAR, SQLCHAR, SQLINT1, SQLINT2, SQLINT4, SQLBIT, SQLFLT4, SQLFLT8, SQLFLTN.
is_output: Whether the value is an OUTPUT parameter or not. If it's an OUTPUT parameter and you don't mention it, it will be treated as a normal input parameter and no error will be thrown.
is_null: Whether the parameter is NULL or not. Passing the NULL value as var will not do the job.
maxlen: Used with char/varchar values. You have to indicate the length of the data so if the parameter is a varchar(50), the type must be SQLVARCHAR and this value 50.

Return Values

Returns TRUE on success or FALSE on failure.

Examples

Example #1 mssql_bind() example


<?php
// Connect to MSSQL
mssql_connect('KALLESPC\SQLEXPRESS', 'sa', 'phpfi');
mssql_select_db('php');

// Create a new stored prodecure
$stmt = mssql_init('NewUserRecord');

// Bind the field names
mssql_bind($stmt, '@username',  'Kalle',        SQLVARCHAR,     false,  false,  60);
mssql_bind($stmt, '@name',      'Kalle',        SQLVARCHAR,     false,  false,  60);
mssql_bind($stmt, '@age',       19,             SQLINT1,        false,  false,   3);

// Execute 
mssql_execute($stmt);

// Free statement
mssql_free_statement($stmt);
?>


There isn't a bind function for regular SQL queries; not even a escape function. I found this nice piece of code:



<?php

function mssql_escape($data) {

    if(is_numeric($data))

        return $data;

    $unpacked = unpack('H*hex', $data);

    return '0x' . $unpacked['hex'];

}

?>



http://stackoverflow.com/questions/574805/

Anonymous
17-Nov-2009 06:35


I found SQLVARCHAR better for datetime.



It was performing some other non-strtotime() convertions when it was set to SQLINT4

valerio dot della-porta dot com
22-Apr-2009 09:00


Use:

SQLVARCHAR for binary

SQLINT4 for datetime

SQLFLT8 for decimal

SQLVARCHAR for image

SQLFLT8 for money

SQLCHAR for nchar

SQLTEXT for ntext

SQLFLT8 for numeric

SQLVARCHAR for nvarchar

SQLFLT8 for real

SQLINT4 for smalldatetime

SQLFLT8 for smallmoney

SQLVARCHAR for sql_variant

SQLINT4 for timestamp

SQLVARCHAR for varbinary

Anonymous
25-Jan-2009 01:08


<?php


//IP Address, if instance then IP\Instance


$server = 'a.b.c.d';


$link = mssql_connect($server, 'sql_user', 'sql_user_pass');





//Select DB


$dbn = 'dbName';


mssql_select_db($dbn);





//Define Procedure


$lala = 'tstProc';


$proc = mssql_init($lala, $link);





//Define Parameters


$parm1 = 'one';


$parm2 = 'two';


$parm3 = 'three';





//Load Parameters


mssql_bind($proc, '@num', $parm1, SQLCHAR, false, false, 10);


mssql_bind($proc, '@naamen', $parm2, SQLCHAR, false, false, 10);


mssql_bind($proc, '@desci', $parm3, SQLCHAR, false, false, 10);





//Execute Procedure


mssql_execute($proc);





//Free Memory


mssql_free_statement($proc);





//...and whenever the wolf did howl, all the sheep had to do was bleat!


?>

Anonymous
08-Jun-2008 05:52


for type :



SQLCHAR     DBCHAR

SQLVARCHAR     DBCHAR

SQLTEXT     DBCHAR

SQLBINARY     DBBINARY

SQLVARBINARY     DBBINARY

SQLIMAGE     DBBINARY

SQLINT1     DBTINYINT

SQLINT2     DBSMALLINT

SQLINT4     DBINT

SQLFLT4     DBFLT4

SQLFLT8     DBFLT8

SQLBIT     DBBIT

SQLMONEY4     DBMONEY4

SQLMONEY     DBMONEY

SQLDATETIM4     DBDATETIM4

SQLDATETIME     DBDATETIME

SQLDECIMAL     DBDECIMAL

SQLNUMERIC     DBNUMERIC



source : http://msdn.microsoft.com/en-us/library/aa937008(SQL.80).aspx

daryl dot mitchell at usask dot ca
05-Dec-2007 05:56


I had the same problem but the posted solution above just produced null results.  Here's a modification that ended up working:



#THIS SUCCEEDS, USES A REFERENCE

mssql_bind($proc, '@'.$key, $sp_parms[$key], SQLVARCHAR)

or die("Unable to bind $sp_name:$key<br>".mssql_get_last_message());

fheald at buzztime dot com
06-Aug-2007 07:27


mssql_bind binds by reference, not by value, even on input parameters.  Improper binding can cause strange errors; in my case "Error converting data type varchar to int"



--SAMPLE STORED PROCEDURE

CREATE Procedure [dbo].[myproc]

(

    @one VARCHAR(10) = 'n1',

    @two VARCHAR(10) = 'n2',

    @three VARCHAR(10) = 'n3',

    @four VARCHAR(10) = 'n4',

    @five VARCHAR(10) = 'n5'

)

AS

BEGIN

SET NOCOUNT ON;



SELECT

    @one AS 'one',

    @two AS 'two',

    @three AS 'three',

    @four AS 'four',

    @five AS 'five'

END



//SAMPLE PHP CALL

$sp_name = 'mydb.dbo.myproc';

$proc = mssql_init($sp_name);

$sp_parms->one = 'one';

$sp_parms->two = 'two';

$sp_parms->three = 'three';



foreach ($sp_parms as $key=>$parm) {

    #THIS FAILS, because it's binding values!

    #mssql_bind($proc, '@'.$key, $parm, SQLVARCHAR)

    #    or die("Unable to bind $sp_name:$key<br>".mssql_get_last_message());

    #THIS SUCCEEDS, USES A REFERENCE

    mssql_bind($proc, '@'.$key, $sp_parms->$key, SQLVARCHAR)

        or die("Unable to bind $sp_name:$key<br>".mssql_get_last_message());

}

add a note

mssql_close

Mssql Functions