PDO::quote

Microsoft Drivers for PHP for SQL Server

Collapse image Expand Image Copy image CopyHover image

Processes a string for use in a query by placing quotes around the input string as required by the underlying SQL Server database. PDO::quote will escape special characters within the input string using a quoting style appropriate to SQL Server.

Syntax

string PDO::quote( $string[, $parameter_type ] )

Parameters

$string: The string to quote.

$parameter_type: An optional (integer) symbol indicating the data type. The default is PDO::PARAM_STR.

Return Value

A quoted string that can be passed to an SQL statement, or false if failure.

Remarks

Support for PDO was added in version 2.0 of the Microsoft Drivers for PHP for SQL Server.

Example

  Copy imageCopy Code
<?php
$database = "test";
$server = "(local)";
$conn = new PDO( "sqlsrv:server=$server ; Database = $database", "", "");

$param = 'a \' g';
$param2 = $conn->quote( $param );

$query = "INSERT INTO Table1 VALUES( ?, '1' )";
$stmt = $conn->prepare( $query );
$stmt->execute(array($param));

$query = "INSERT INTO Table1 VALUES( ?, ? )";
$stmt = $conn->prepare( $query );
$stmt->execute(array($param, $param2));
?>

See Also

Reference

Other Resources

PDO