sqlsrv

问题 I've looked over several other questions that seem (from the titles) the same as this. However, my case is a bit different. The following works (i.e. I get "success" and my database performs what I expect when running the procedure with the given variables): $sql = "MyDB.dbo.myProcedure {$var1}, {$var2}, {$var3}"; $result = sqlsrv_query($myConn, $sql); if (!$result) { echo 'Your code is fail.'; } else { echo 'Success!'; } I want to avoid (or lessen the possibility of) SQL injection by

问题 I am trying to get the number of rows returned in a query. The while loop looping through the results works, but for some reason the sqlsrv_num_rows does not return any value: $result = "SELECT * from dtable WHERE id2 = 'apple'"; $query = sqlsrv_query($conn, $result); $row_count = sqlsrv_num_rows($query); echo $row_count; while($row = sqlsrv_fetch_array($query)) { echo 'yes'; } Thanks. 回答1: It is because sqlsrv_query() uses SQLSRV_CURSOR_FORWARD cursor type by default. However, in order to