You are here

Home » API reference » Drupal driver for SQL Server and SQL Azure 7 » database.inc » DatabaseStatement_sqlsrv

protected function DatabaseStatement_sqlsrv::getStatement in Drupal driver for SQL Server and SQL Azure 7

Grab a PDOStatement object from a given query and its arguments.

Some drivers (including SQLite) will need to perform some preparation themselves to get the statement right.

Parameters

$query: The query.

array $args: An array of arguments.

Return value

PDOStatement A PDOStatement object.

Overrides DatabaseStatementPrefetch::getStatement

1 call to DatabaseStatement_sqlsrv::getStatement()
DatabaseStatement_sqlsrv::execute in sqlsrv/database.inc
Executes a prepared statement.

File

sqlsrv/database.inc, line 473
Database interface code for Microsoft SQL Server.

Class

DatabaseStatement_sqlsrv

Code

protected function getStatement($query, &$args = array()) {
  $pdo_options = array();

  // Set insecure options if requested so.
  if ($this->insecure) {

    // We have to log this, prepared statements are a security RISK.
    watchdog('SQL Server Driver', 'An insecure query has been executed against the database. This is not critical, but worth looking into.');
    $options = $this->dbh
      ->getConnectionOptions();

    // These are defined in class Connection.
    $pdo_options = $options['pdo'];
  }
  return $this->dbh
    ->PDOPrepare($query, $pdo_options);
}