ODBCPreparedStatement

From Xojo Documentation

Class (inherits from PreparedSQLStatement)

Used to create a PreparedSQLStatement for an ODBCDatabase.

Methods
Bind ExecuteSQL
BindType SelectSQL

Notes

fa-info-circle-32.png
The use of the prepared statement classes is rare because Database.SelectSQL and Database.ExecuteSQL utilize them automatically. See PreparedSQLStatement for information on cases where using prepared statement classes is appropriate.

Use the "?" character as the parameter marker in the prepared statement ("SELECT * FROM Persons WHERE Name = ?").

These are the available bind type constants:

Constants
ODBC_TYPE_BIGINT
ODBC_TYPE_BINARY
ODBC_TYPE_DATE
ODBC_TYPE_DOUBLE
ODBC_TYPE_FLOAT
ODBC_TYPE_INTEGER
ODBC_TYPE_NULL
ODBC_TYPE_SMALLINT
ODBC_TYPE_STRING
ODBC_TYPE_TIME
ODBC_TYPE_TIMESTAMP
ODBC_TYPE_TINYINT

Sample Code

This code shows how to use database binding.

// "db" is an ODBC Database object
Var ps As ODBCPreparedStatement
ps = ODBCPreparedStatement(db.Prepare("SELECT * FROM Persons WHERE Name = ? AND Age >= ?"))

ps.BindType(0, ODBCPreparedStatement.ODBC_TYPE_STRING)
ps.BindType(1, ODBCPreparedStatement.ODBC_TYPE_INTEGER)

ps.Bind(0, "John")
ps.Bind(1, 20)

Var rs As RecordSet = ps.SQLSelect

If db.Error Then
MessageBox(db.ErrorMessage)
Return
Else
// Use RecordSet as usual
End If

Alternatively, you can avoid binding the types manually with the Bind method by supply the values as part of the SQLSelect call:

// "db" is an ODBC Database object
Var ps As ODBCPreparedStatement
ps = ODBCPreparedStatement(db.Prepare("SELECT * FROM Persons WHERE Name = ? AND Age >= ?"))
rs = ps.SQLSelect("John", 20)
If db.Error Then
MsgBox(db.ErrorMessage)
Return
Else
// Use RecordSet as usual
End If

See Also

Database Class, ODBCDatabase, PreparedSQLStatement classes.