慕村9548890
您需要在语句中使用参数。正如文档中提到的,sqlsrv_query() 函数非常适合一次性查询,并且应该是执行查询的默认选择,除非有特殊情况。此函数提供了一种简化的方法,可以使用最少的代码执行查询。sqlsrv_query 函数同时执行语句准备和语句执行,并且可用于执行参数化查询。您需要通过以下方式之一传递参数值:作为使用明确日期格式 ( yyyymmdd) 的文本,使用扩展参数语法和适当的数据类型绑定。例如,根据问题中的代码,使用日期的文本值:<?php// Connection$server = 'server,port';$database = 'database';$uid = 'uid';$pwd = 'pwd';$cinfo = array( "ReturnDatesAsStrings" => true, "Database" => $database, "UID" => $uid, "PWD" => $pwd);$conn = sqlsrv_connect($server, $cinfo);if ($conn === false) { echo "Error (sqlsrv_connect): ".print_r(sqlsrv_errors(), true); exit;}// Test input$from = (new DateTime('2020-07-02'))->format('Ymd');$to = (new DateTime('2020-07-03'))->format('Ymd');// Statement$sql = " SELECT * FROM Database WHERE (? <= [Date]) AND ([Date] <= ?)";$params = array($from, $to);$stmt = sqlsrv_query($conn, $sql, $params);if($stmt == false){ die( print_r( sqlsrv_errors(), true) );}echo $sql;// Datawhile( $row = sqlsrv_fetch_array( $stmt, SQLSRV_FETCH_NUMERIC) ) { echo $row[0].", ".$row[1]."<br />";}// Endsqlsrv_free_stmt($stmt);?>例如,根据问题中的代码,使用 PHP 日期对象和适当的参数绑定:<?php// Connection$server = 'server,port';$database = 'database';$uid = 'uid';$pwd = 'pwd';$cinfo = array( "ReturnDatesAsStrings" => true, "Database" => $database, "UID" => $uid, "PWD" => $pwd);$conn = sqlsrv_connect($server, $cinfo);if ($conn === false) { echo "Error (sqlsrv_connect): ".print_r(sqlsrv_errors(), true); exit;}// Test input$from = new DateTime('2020-07-02');$to = new DateTime('2020-07-03');// Statement$sql = " SELECT * FROM Database WHERE (CONVERT(date, ?) <= [Date]) AND ([Date] <= CONVERT(date, ?))";$params = array( array($from, SQLSRV_PARAM_IN, SQLSRV_PHPTYPE_DATETIME, SQLSRV_SQLTYPE_DATETIME), array($to, SQLSRV_PARAM_IN, SQLSRV_PHPTYPE_DATETIME, SQLSRV_SQLTYPE_DATETIME));$stmt = sqlsrv_query($conn, $sql, $params);if($stmt == false){ die( print_r( sqlsrv_errors(), true) );}echo $sql;// Datawhile( $row = sqlsrv_fetch_array( $stmt, SQLSRV_FETCH_NUMERIC) ) { echo $row[0].", ".$row[1]."<br />";}// Endsqlsrv_free_stmt($stmt);?>