473,566 Members | 2,908 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

parameter markers - SQLBindParamete r issue

I am having a problem with my application that uses ODBC. I am doing
the following:

* prepare a statement
* Bind
* execute

The problem is that my application needs to accept only insert queries
with parameter markers since it later writes to the database depending
on the values in the SQL query.

It seems that SQLBindParamete r does not return any Error/Info when
there are no parameter markers to bind variables to in the statement.
I would expect this call to fail or at least generate some info to
suggest to the caller that the query had no parameters to bind
variables to!

Is there any way to find out using ODBC calls given a handle to a
statement whether this is an insert statement and how many parameter
markers are in the statement? I tried the SQLGetDiagField function
with the SQL_DIAG_DYNAMI C_FUNCTION identifier to get the kind of
statement but this would not tell me the number of parameter markers
in the query. Moreover this approach may not work if the user uses a
stored procedure in it. I want to avoid parsing the sql statement to
get this info.

I would appreciate if someone could give me some information on this.

TIA,
Nilesh
Nov 12 '05 #1
3 3144
On 7 Nov 2003 12:47:33 -0800, ni****@cs.alban y.edu (Nile) wrote:
I am having a problem with my application that uses ODBC. I am doing
the following:

* prepare a statement
* Bind
* execute

The problem is that my application needs to accept only insert queries
with parameter markers since it later writes to the database depending
on the values in the SQL query.

It seems that SQLBindParamete r does not return any Error/Info when
there are no parameter markers to bind variables to in the statement.
That's right ... you can call SQLPrepare and SQLExecute on any kind of
statement.
I would expect this call to fail or at least generate some info to
suggest to the caller that the query had no parameters to bind
variables to!

Is there any way to find out using ODBC calls given a handle to a
statement whether this is an insert statement and how many parameter
markers are in the statement? <
Yes. SQLNumParams has been around since ODBC 1.0.

There is also SQLDescribePara m, but in my experience it is not
supported by many ODBC data sources. At any rate, the documentation to
this function says that the type of parameter (i.e. in, out, or
in/out) is not returned by the function.
I tried the SQLGetDiagField function
with the SQL_DIAG_DYNAMI C_FUNCTION identifier to get the kind of
statement but this would not tell me the number of parameter markers
in the query. Moreover this approach may not work if the user uses a
stored procedure in it. I want to avoid parsing the sql statement to
get this info.
To deduce whether or not the SQL is an insert statement, one would
normally examine the SQL statement and see if it starts with the
keyword "INSERT". Not a whole lot to parse there...

I don't know how one would do this if only the statement handle were
available ... normally, you start with a connection handle and an SQL
string in order to allocate a statement handle. How is the statement
handle allocated?

I would appreciate if someone could give me some information on this.

TIA,
Nilesh


--
Bob Hairgrove
No**********@Ho me.com
Nov 12 '05 #2
> >I tried the SQLGetDiagField function
with the SQL_DIAG_DYNAMI C_FUNCTION identifier to get the kind of
statement but this would not tell me the number of parameter markers
in the query. Moreover this approach may not work if the user uses a
stored procedure in it. I want to avoid parsing the sql statement to
get this info.


To deduce whether or not the SQL is an insert statement, one would
normally examine the SQL statement and see if it starts with the
keyword "INSERT". Not a whole lot to parse there...

I don't know how one would do this if only the statement handle were
available ... normally, you start with a connection handle and an SQL
string in order to allocate a statement handle. How is the statement
handle allocated?


Thanks for the info. The reason why I am not doing something simple
like looking at the first word to see if it is INSERT is because the
user can use a stored procedure named "foo" which has the insert
statement in it! So I want it to be more general. Any suggestions?

Thanks again,
Niles
Nov 12 '05 #3
On 10 Nov 2003 11:11:03 -0800, ni****@cs.alban y.edu (Nile) wrote:
Thanks for the info. The reason why I am not doing something simple
like looking at the first word to see if it is INSERT is because the
user can use a stored procedure named "foo" which has the insert
statement in it! So I want it to be more general. Any suggestions?


In that case, the only parameters you would have are those of the
procedure call for which all you seem to have is the statement handle.

If you know the name of the SP, you would need documentation of the
procedure to know what it does; there is no way that I know of to gain
access to the "inside" of a SP from ODBC. Besides, if the parameters
have default values, or are objects passed by reference and not simple
data types, it might prove to be rather difficult...

Also, there is the issue of permissions. Usually, in a properly
designed database, SPs are there so that ordinary users can perform
certain updates, etc. for which they would otherwise not have the
necessary permissions. The reason for this is so that said updates,
etc. can happen under a controlled environment with regard to
exception handling, data consistency which cannot be enforced at the
engine level, etc.
--
Bob Hairgrove
No**********@Ho me.com
Nov 12 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1744
Bound parameters failure (SQLBindParameter) using ODBC
by: Bj?rn Terje Svennes | last post by:
Using SQLBindParameter, I bind buffers to a prepared statement. Next time this statement is used I just replace the values in the buffer (not calling SQLBindParameter). This works fine when used within the same method. But the use of this statement can happen from several places in my code. When calling the statement a second time, the...
Microsoft SQL Server
6
5096
How to use parameter markers for "for bit data" columns?
by: alederer | last post by:
Hallo! I have a table tstest(ts char(13) for bit data constraint a unique). This column is filled in a trigger with generate_unique(). In a application (CLI), I have the values of this column as timestamp representation: e.g.: select timestamp(ts) from tstest 1
DB2 Database
0
2535
How to use SQLBindParameter for double or float datatype
by: alederer | last post by:
Hallo! I have a problem using SQLBindParameter for columns of datatype DOUBLE or REAL. e.g. I have an insert statement where i wan't to insert the value 100.10 into a DOUBLE column. For the source type of SQLBindParameter I need to use SQL_C_CHAR. What type does I need to set ParameterType, I have tried SQL_VARCHAR and SQL_DOUBLE with...
DB2 Database
1
2044
UDB 7.2 fp9, dynamic-sql plans with parameter-markers
by: Mike | last post by:
Envirnoment is UDB 7.2 fp9 on AIX. I'm familiar with using "dynexpln" for quickly comparing access plans for directly executable queries. dynexpln docs suggest it cannot work with sql that contains parameter markers. But, when there is no Control-centre (i.e. text only access via korn-shell, no x-windows), how can I use db2 on aix...
DB2 Database
2
2615
how to get parameter value from dynamic select statement ?
by: t2581 | last post by:
Hi, running DB2 UDB 7.2 F.P 12 on WIndows Developers debug old application and need to get value passed to db2 by application I run db2cli trace and event monitor and both cases I get SELECT T1.* FROM
DB2 Database
1
8816
Error 07002 SQLBindParameter not used for all parameters
by: Mikey G | last post by:
Hi, I created a simple VB.NET 2003 application through Visual Studio that connects to a MySQL database and loads a table into a Dataset, and then displays that table information in a DataGrid on a form for editing. The table fill works fine, the delete function works fine, but when I try to update a row, the application fails with the...
Visual Basic .NET
1
1991
Parameter.Add need help - not understanding
by: Vaelek | last post by:
Hello, I'm somewhat new to DB programming and have a question. I am now taking over an application that a previous programmer had written and he had made use of the Parameter.Add function for DB2 comman objects. This is what is trying to be done: An sql statement is created that uses ? as value markers. This value is passed into a function...
DB2 Database
7
7189
Parameter markers in LIKE clause
by: =?ISO-8859-2?Q?Gregor_Kova=E8?= | last post by:
Hi! Is it possible to use parameter markers like this: 1.) SELECT * FROM TABLE1 WHERE FIELD1 LIKE '%?%' If I now set parameter 1 to '' (empty string) I don't get any rows back, but if I run: 2.) SELECT * FROM TABLE1 WHERE FIELD1 LIKE '%%' I get back data I expect.
DB2 Database
2
3549
Filter Factors when using Parameter markers?
by: PaulR | last post by:
Hi, (DB2 LUW v8.2) When using parameter markers how does the optimizer evaluate filter factors? - and is it able to make use of distribution stats. for parm. markers? The reason I ask, is we have heavily skewed data in places and we need
DB2 Database
0
7673
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
General
0
7893
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
C / C++
0
8109
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
Online Marketing
0
7953
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
General
0
6263
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
Career Advice
1
5485
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
Microsoft Access / VBA
0
5213
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
C# / C Sharp
0
3643
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
Networking - Hardware / Configuration
0
3626
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us