Re: Bind variable use in C++ SQL Calls

Mon, 24 Mar 2003 07:25:50 -0800

What is the type of your pDatabase class?  If it is an ODBC database container, you should use the bind variable facility of ODBC, where you use a question-mark as your placeholder.  Hence, in stead of assembling the SQL statement using printf like formating, you merely put a number of ?'s in there as in

  select * from avamas where ava_nodeid = ? and ava_wkday = ? and ...

The ?'s are subsequently bound to program variables using the bind routines of ODBC.  (I actaully don't know the ODBC API).

If your pDatabase class is not (derived from) ODBC, I presume it is something of your own, that most likely is implemented using Oracle Call Interface, OCI.  If that is the case, you need to augment your pDatabase class with calls to the various bind routines of ODBC, and you need to change your code to use standard style placeholders with : in stead of the ODBC-style ?, as in:

    select * from avamas where ava_nodeid = :1 and ava_wkday = :2 and ..

/Bjørn.


Karen Morton wrote:
All,

I've got an application that does not use bind variables.  The code is written 
in Microsoft Visual C++.  I have no background with C++ and need some help in 
telling the developers how to use bind variables in their code (they don't 
know and aren't sure how to find out).  I pulled the following examples out of 
the code for different ways they execute SQL.  If anyone can assist with 
specific examples on how to rewrite this to use bind variables, it would be 
immensely helpful.

Thanks,
Karen Morton



Samples
---------------------------------------
Mystring.Format("SELECT AVA_SERIAL FROM avamas \
    WHERE  ava_tabname = 'sys_node' \
    AND    ava_nodeid  =  %-d  \
    AND    ava_wkday   =  %-d  \
    AND    ava_sdate   =  %s \
    AND    ava_stime   = '%-s'",

    cAvalObject->cItemSerial, m_weekday, ConvertDateToODBCStr (pDatabase, 
m_sdatetime), m_schartime);

    rSpanRecord.Open (CRecordset::forwardOnly, cSpanSelect);

    if (rSpanRecord.IsEOF () == 0)
    {   rSpanRecord.GetFieldValue ("AVA_SERIAL", vCDBVariant);

        m_serial = atol (ObjectConvert (&vCDBVariant));

        vCDBVariant.Clear ();
    }

    rSpanRecord.Close ();
----------------------------------------------------                
CSysNumSet SysnumSet(pDatabase);
SysnumSet.m_TableParam = strFile; 
SysnumSet.m_strFilter = "myid = 1234 and yourmom = 'NICE'"
        
SysnumSet.Open();
        
if (SysnumSet.IsOpen())
   lNewSysNo = SysnumSet.m_file_identity;
else
   lNewSysNo = 0;
----------------------------------------------------

strSQL.Format("UPDATE sys_file WITH (ROWLOCK) SET file_identity = 
file_identity + 1 WHERE file_table = '%s' ",  strFile);
                
pDatabase->ExecuteSQL(strSQL);

--
Bjørn Engsig, Miracle A/S
Member of Oak Table Network
[EMAIL PROTECTED] - http://MiracleAS.dk

Reply via email to