473,698 Members | 2,086 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

parameter markers - SQLBindParamete r issue

I am having a problem with my application that uses ODBC. I am doing
the following:

* prepare a statement
* Bind
* execute

The problem is that my application needs to accept only insert queries
with parameter markers since it later writes to the database depending
on the values in the SQL query.

It seems that SQLBindParamete r does not return any Error/Info when
there are no parameter markers to bind variables to in the statement.
I would expect this call to fail or at least generate some info to
suggest to the caller that the query had no parameters to bind
variables to!

Is there any way to find out using ODBC calls given a handle to a
statement whether this is an insert statement and how many parameter
markers are in the statement? I tried the SQLGetDiagField function
with the SQL_DIAG_DYNAMI C_FUNCTION identifier to get the kind of
statement but this would not tell me the number of parameter markers
in the query. Moreover this approach may not work if the user uses a
stored procedure in it. I want to avoid parsing the sql statement to
get this info.

I would appreciate if someone could give me some information on this.

TIA,
Nilesh
Nov 12 '05 #1
3 3160
On 7 Nov 2003 12:47:33 -0800, ni****@cs.alban y.edu (Nile) wrote:
I am having a problem with my application that uses ODBC. I am doing
the following:

* prepare a statement
* Bind
* execute

The problem is that my application needs to accept only insert queries
with parameter markers since it later writes to the database depending
on the values in the SQL query.

It seems that SQLBindParamete r does not return any Error/Info when
there are no parameter markers to bind variables to in the statement.
That's right ... you can call SQLPrepare and SQLExecute on any kind of
statement.
I would expect this call to fail or at least generate some info to
suggest to the caller that the query had no parameters to bind
variables to!

Is there any way to find out using ODBC calls given a handle to a
statement whether this is an insert statement and how many parameter
markers are in the statement? <
Yes. SQLNumParams has been around since ODBC 1.0.

There is also SQLDescribePara m, but in my experience it is not
supported by many ODBC data sources. At any rate, the documentation to
this function says that the type of parameter (i.e. in, out, or
in/out) is not returned by the function.
I tried the SQLGetDiagField function
with the SQL_DIAG_DYNAMI C_FUNCTION identifier to get the kind of
statement but this would not tell me the number of parameter markers
in the query. Moreover this approach may not work if the user uses a
stored procedure in it. I want to avoid parsing the sql statement to
get this info.
To deduce whether or not the SQL is an insert statement, one would
normally examine the SQL statement and see if it starts with the
keyword "INSERT". Not a whole lot to parse there...

I don't know how one would do this if only the statement handle were
available ... normally, you start with a connection handle and an SQL
string in order to allocate a statement handle. How is the statement
handle allocated?

I would appreciate if someone could give me some information on this.

TIA,
Nilesh


--
Bob Hairgrove
No**********@Ho me.com
Nov 12 '05 #2
> >I tried the SQLGetDiagField function
with the SQL_DIAG_DYNAMI C_FUNCTION identifier to get the kind of
statement but this would not tell me the number of parameter markers
in the query. Moreover this approach may not work if the user uses a
stored procedure in it. I want to avoid parsing the sql statement to
get this info.


To deduce whether or not the SQL is an insert statement, one would
normally examine the SQL statement and see if it starts with the
keyword "INSERT". Not a whole lot to parse there...

I don't know how one would do this if only the statement handle were
available ... normally, you start with a connection handle and an SQL
string in order to allocate a statement handle. How is the statement
handle allocated?


Thanks for the info. The reason why I am not doing something simple
like looking at the first word to see if it is INSERT is because the
user can use a stored procedure named "foo" which has the insert
statement in it! So I want it to be more general. Any suggestions?

Thanks again,
Niles
Nov 12 '05 #3
On 10 Nov 2003 11:11:03 -0800, ni****@cs.alban y.edu (Nile) wrote:
Thanks for the info. The reason why I am not doing something simple
like looking at the first word to see if it is INSERT is because the
user can use a stored procedure named "foo" which has the insert
statement in it! So I want it to be more general. Any suggestions?


In that case, the only parameters you would have are those of the
procedure call for which all you seem to have is the statement handle.

If you know the name of the SP, you would need documentation of the
procedure to know what it does; there is no way that I know of to gain
access to the "inside" of a SP from ODBC. Besides, if the parameters
have default values, or are objects passed by reference and not simple
data types, it might prove to be rather difficult...

Also, there is the issue of permissions. Usually, in a properly
designed database, SPs are there so that ordinary users can perform
certain updates, etc. for which they would otherwise not have the
necessary permissions. The reason for this is so that said updates,
etc. can happen under a controlled environment with regard to
exception handling, data consistency which cannot be enforced at the
engine level, etc.
--
Bob Hairgrove
No**********@Ho me.com
Nov 12 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1765
Bound parameters failure (SQLBindParameter) using ODBC
by: Bj?rn Terje Svennes | last post by:
Using SQLBindParameter, I bind buffers to a prepared statement. Next time this statement is used I just replace the values in the buffer (not calling SQLBindParameter). This works fine when used within the same method. But the use of this statement can happen from several places in my code. When calling the statement a second time, the SQLExecute fails with return code SQL_NEED_DATA. The buffers are still valid and I haven't called...
Microsoft SQL Server
6
5112
How to use parameter markers for "for bit data" columns?
by: alederer | last post by:
Hallo! I have a table tstest(ts char(13) for bit data constraint a unique). This column is filled in a trigger with generate_unique(). In a application (CLI), I have the values of this column as timestamp representation: e.g.: select timestamp(ts) from tstest 1
DB2 Database
0
2545
How to use SQLBindParameter for double or float datatype
by: alederer | last post by:
Hallo! I have a problem using SQLBindParameter for columns of datatype DOUBLE or REAL. e.g. I have an insert statement where i wan't to insert the value 100.10 into a DOUBLE column. For the source type of SQLBindParameter I need to use SQL_C_CHAR. What type does I need to set ParameterType, I have tried SQL_VARCHAR and SQL_DOUBLE with the same result:
DB2 Database
1
2050
UDB 7.2 fp9, dynamic-sql plans with parameter-markers
by: Mike | last post by:
Envirnoment is UDB 7.2 fp9 on AIX. I'm familiar with using "dynexpln" for quickly comparing access plans for directly executable queries. dynexpln docs suggest it cannot work with sql that contains parameter markers. But, when there is no Control-centre (i.e. text only access via korn-shell, no x-windows), how can I use db2 on aix command line programs
DB2 Database
2
2619
how to get parameter value from dynamic select statement ?
by: t2581 | last post by:
Hi, running DB2 UDB 7.2 F.P 12 on WIndows Developers debug old application and need to get value passed to db2 by application I run db2cli trace and event monitor and both cases I get SELECT T1.* FROM
DB2 Database
1
8832
Error 07002 SQLBindParameter not used for all parameters
by: Mikey G | last post by:
Hi, I created a simple VB.NET 2003 application through Visual Studio that connects to a MySQL database and loads a table into a Dataset, and then displays that table information in a DataGrid on a form for editing. The table fill works fine, the delete function works fine, but when I try to update a row, the application fails with the following error message: An unhandled exception of type 'System.Data.Odbc.OdbcException' occurred in...
Visual Basic .NET
1
1995
Parameter.Add need help - not understanding
by: Vaelek | last post by:
Hello, I'm somewhat new to DB programming and have a question. I am now taking over an application that a previous programmer had written and he had made use of the Parameter.Add function for DB2 comman objects. This is what is trying to be done: An sql statement is created that uses ? as value markers. This value is passed into a function that calls the Parameter.Add function. What is supposed to happen is that the first ? is replaced...
DB2 Database
7
7201
Parameter markers in LIKE clause
by: =?ISO-8859-2?Q?Gregor_Kova=E8?= | last post by:
Hi! Is it possible to use parameter markers like this: 1.) SELECT * FROM TABLE1 WHERE FIELD1 LIKE '%?%' If I now set parameter 1 to '' (empty string) I don't get any rows back, but if I run: 2.) SELECT * FROM TABLE1 WHERE FIELD1 LIKE '%%' I get back data I expect.
DB2 Database
2
3559
Filter Factors when using Parameter markers?
by: PaulR | last post by:
Hi, (DB2 LUW v8.2) When using parameter markers how does the optimizer evaluate filter factors? - and is it able to make use of distribution stats. for parm. markers? The reason I ask, is we have heavily skewed data in places and we need
DB2 Database
0
8604
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
9157
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
1
8895
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
7728
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
6518
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
4369
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
4619
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
3046
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
2330
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us