Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //Prep the variables for insert
- $p1 = $_POST['description'];
- $p2 = intval($_POST['visible']);
- $p3 = strval($_POST['whoToShow']);
- //Build an array with those variables
- $params = array(&$p1, &$p2, &$p3);
- //Build the SQL
- $sql = "INSERT INTO notifications (description, visible, whoToShow) VALUES (?, ?, ?)";
- //Execute the sql using a prepared statement, passing the variables in an array
- $stmt = sqlsrv_prepare($conn, $sql, $params) or die(FormatErrors(sqlsrv_errors()));
- $myServer = "xxxxxxx";
- $myUser = "xxxxxxxx";
- $myPass = "xxxxxxx";
- $myDB = "myDatabase";
- //connection to the database
- $dbhandle = mssql_connect($myServer, $myUser, $myPass)
- or die("Couldn't connect to SQL Server on $myServer");
- //select a database to work with
- $selected = mssql_select_db($myDB, $dbhandle)
- or die("Couldn't open database $myDB");
- $query = "exec eCommerce.dbo.cart_GET_Detail @sid = ".$_SESSION['sid']." , @cc = '".$_SESSION['cc']."'";
- $result = mssql_query($query);
- $numRows = mssql_num_rows($result);
- $hasItems = (($numRows == 0) ? 'N' : 'Y');
- while ($RSLoop = mssql_fetch_array($result)) {
- //var_dump($RSLoop); //var_dump will show you everything in the recordset
- echo '<tr><td colspan=6 width=720 class=cartDivider> </td></tr>';
- echo '<form name=frmProduct'.$idx.' method=POST action=_action.asp>';
- echo '<input type=hidden name=pid value="'.$RSLoop['product_id'].'">';
- }
Add Comment
Please, Sign In to add comment