Whenever possible, use parameterized queries in the MS driver for PHP for MS SQL, to reduce the risk of SQL injection attacks. Taken from here.

Using parameterized queries is simple; you can use the example from here. For varchar types everything is the same (you don't need quotes, as I thought).
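As an added example (not code from the original post or from Microsoft's driver documentation), here is the string-built query that is open to injection beside its parameterized replacement, using the sqlsrv extension of the Microsoft Drivers for PHP for SQL Server. The server name, credentials, database and the `users` table with `id`/`username` columns are assumptions for illustration. It also shows the prepare/execute form with by-reference binding, and the one case parameters cannot cover: identifiers such as a sort column, which need an allow-list instead.

```php
<?php
// Added example, not from the original post. Connection details, the AppDb
// database and the users(id, username) table are assumptions.
$conn = sqlsrv_connect('(local)\SQLEXPRESS', [
    'Database' => 'AppDb',
    'UID'      => 'app_user',
    'PWD'      => 'secret',
]);
if ($conn === false) {
    die(print_r(sqlsrv_errors(), true));
}

// VULNERABLE: user input is spliced into the SQL text. An input such as
//   x' OR '1'='1
// rewrites the WHERE clause and returns every row.
function findUserVulnerable($conn, string $username)
{
    $sql = "SELECT id, username FROM users WHERE username = '" . $username . "'";
    return sqlsrv_query($conn, $sql);
}

// SAFE: the value is sent as a bound parameter. There are no quotes around
// the ? placeholder even though username is a varchar column; the driver
// transmits the value separately from the statement text, so it is compared
// literally and can never be parsed as SQL.
function findUserSafe($conn, string $username): array
{
    $sql    = 'SELECT id, username FROM users WHERE username = ?';
    $params = [$username];
    $stmt   = sqlsrv_query($conn, $sql, $params);
    if ($stmt === false) {
        throw new RuntimeException(print_r(sqlsrv_errors(), true));
    }
    $rows = [];
    while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
        $rows[] = $row;
    }
    sqlsrv_free_stmt($stmt);
    return $rows;
}

// Prepare once, execute many times: sqlsrv_prepare() binds the parameter by
// reference, so each loop iteration updates $name and sqlsrv_execute() reuses
// the prepared statement with the new value.
function insertUsers($conn, array $names): int
{
    $name = '';
    $stmt = sqlsrv_prepare($conn, 'INSERT INTO users (username) VALUES (?)', [&$name]);
    if ($stmt === false) {
        throw new RuntimeException(print_r(sqlsrv_errors(), true));
    }
    $inserted = 0;
    foreach ($names as $name) {            // assigns through the reference
        if (sqlsrv_execute($stmt) === false) {
            throw new RuntimeException(print_r(sqlsrv_errors(), true));
        }
        $inserted += sqlsrv_rows_affected($stmt);
    }
    sqlsrv_free_stmt($stmt);
    return $inserted;
}

// Parameters can only stand in for values, not for table/column names or
// keywords. A user-chosen sort column must be checked against a fixed list.
function findUsersOrdered($conn, string $orderBy): array
{
    $allowed = ['id', 'username'];
    if (!in_array($orderBy, $allowed, true)) {
        throw new InvalidArgumentException('unsupported sort column');
    }
    $stmt = sqlsrv_query($conn, "SELECT id, username FROM users ORDER BY $orderBy");
    if ($stmt === false) {
        throw new RuntimeException(print_r(sqlsrv_errors(), true));
    }
    $rows = [];
    while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
        $rows[] = $row;
    }
    sqlsrv_free_stmt($stmt);
    return $rows;
}

// Constructed injection payload: with the parameterized query it matches only
// a user literally named  x' OR '1'='1  (normally none), instead of every row.
$payload = "x' OR '1'='1";
print_r(findUserSafe($conn, $payload));
print_r(insertUsers($conn, ['alice', "o'brien"]));   // the quote needs no escaping
sqlsrv_close($conn);
```

The same rule holds for `sqlsrv_prepare()` as for `sqlsrv_query()`: bind values through the parameter array and leave the placeholder unquoted regardless of the column type. Anything that is not a value, such as the `ORDER BY` column above, has to be validated against an allow-list because the driver cannot parameterize it.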