Be careful with your variables once you bind them to a statement with sqlsrv_prepare.
Consider the following:
<?php
$dude = '';
$time = new DateTime();
$sql = "INSERT INTO my_table (person, timein) VALUES (?, ?)";
$stmt = sqlsrv_prepare($conn, $sql, array(&$dude, &$time));
...
foreach ($times as &$time) {
}
$time = $times['start'];
if( sqlsrv_execute( $stmt ) === false ) {
die( print_r( sqlsrv_errors(), true));
}
?>
I did something like this. I prepared a statement at the start, used the variable again in the middle, and then set the value I wanted before running the query.
Trouble is, I used the variable as an iterator instead of a simple scalar. This caused PHP to use a different location in memory, and the location it was previously bound to was invalid. So SQL simply inserted a default date/time.
Worse, because SQL just inserted a default, it didn't throw any errors, and in trying to debug it, I did something like this:
<?php
var_dump($time);
sqlsrv_execute($stmt);
$q = "SELECT * FROM my_table WHERE id=@@IDENTITY";
$r = sqlsrv_query($conn, $q);
$row = sqlsrv_fetch_array($r); $id = $row[0];
var_dump($row['time']);
?>
Having it appear as though you're sending SQL the correct data, and seeing it spitting back something else entirely is absolutely maddening.
So if SQL seems to be inserting garbage with prepared statements, MAKE SURE YOU'RE NOT USING THE VARIABLES ANYWHERE ELSE.