So basicly I am trying to insert a patch into an mssql table. The path, and possibly the file name can contain Umlaute.
I have tried several things like:
$path = 'univativ\mitarbeiter\individualprofile und lebensläufe\\'.$standort['name'].'\\'.$name.'\\'.$file['filename'];
\Yii::$app->dbsamherbert->createCommand(
"INSERT INTO [tbl_FileLinks] ([Keyone], [KeyTwo], [FileLink])
VALUES (3, 28216,:id)")->bindParam(':id', $path)->queryAll();
Or using
\Yii::$app->dbsamherbert->createCommand()->insert('...', [
All fail. The "Ä" will get destroyed. What I noticed is that the Path-String is being converted to an hex? ("0x72183648237428…")
The only thing which works is doing an direct SQL query. However I’m feeling very uncomfortable with that because i have to make sure no sql injection is possible on my own.
Any ideas?
So long
Shaeldon