Problem with MSSQL and Umlaute

So basicly I am trying to insert a patch into an mssql table. The path, and possibly the file name can contain Umlaute.

I have tried several things like:

$path = 'univativ\mitarbeiter\individualprofile und lebensläufe\\'.$standort['name'].'\\'.$name.'\\'.$file['filename'];


"INSERT INTO [tbl_FileLinks] ([Keyone], [KeyTwo], [FileLink])

VALUES (3, 28216,:id)")->bindParam(':id', $path)->queryAll();

Or using

\Yii::$app->dbsamherbert->createCommand()->insert('...', [

All fail. The "Ä" will get destroyed. What I noticed is that the Path-String is being converted to an hex? ("0x72183648237428…")

The only thing which works is doing an direct SQL query. However I’m feeling very uncomfortable with that because i have to make sure no sql injection is possible on my own.

Any ideas?

So long