 |  LoginProducts  SalesSupportDownloadsAbout |
| Home » Technical Support » ElevateDB Technical Support » Product Manuals » ElevateDB Version 2 Manual for RAD Studio 10.1 (C++ MacOS32) » Using ElevateDB » Parameterized Queries |
Parameterized QueriesParameters allow the same SQL statement to be used with different data values, and are placeholders for those data values. At runtime, the application prepares the query with the parameters and fills the parameter with a value before the query is executed. When the query is executed, the data values assigned to the parameters are substituted for the parameter placeholder and the SQL statement is executed.
Specifying Parameters in SQL
Parameter markers can be used in SQL SELECT, INSERT, UPDATE, and DELETE statements in place of constants. Parameters are identified by a preceding colon (:). For example:
Parameters are used to pass data values to be used in WHERE clause comparisons and as update values in updating SQL statements such as UPDATE or INSERT. Parameters cannot be used to pass values for Identifiers. The following example uses the TotalParam parameter to pass the data value that needs to be assigned to the ItemsTotal column for the row with the OrderNo column equal to 1014:
Populating Parameters with the TEDBQuery Component
You can use the TEDBQuery Params property to populate the parameters in an SQL statement with data values. You may use two different methods of populating parameters using the Params property:
• By referencing each parameter by its index position in the available list of parameters
• By reference each parameter by name using the ParamByName method
The following is an example of using the index positions of the parameters to populate the data values for an INSERT SQL statement:
The next block of code is an example of using the TEDBQuery ParamByName method in order to populate the data values for a SELECT SQL statement:
Preparing Parameterized Queries
It is usually recommended that you manually prepare parameterized queries that you intend to execute many times with different parameter values. This can result in significant performance improvements since the process of preparing a query can be time-consuming. The following is an example of inserting 3 rows with different values using a manually-prepared, parameterized query:
Specifying Parameters in SQL
Parameter markers can be used in SQL SELECT, INSERT, UPDATE, and DELETE statements in place of constants. Parameters are identified by a preceding colon (:). For example:
SELECT Last_Name, First_Name FROM Customer WHERE (Last_Name=:LName) AND (First_Name=:FName)
Parameters are used to pass data values to be used in WHERE clause comparisons and as update values in updating SQL statements such as UPDATE or INSERT. Parameters cannot be used to pass values for Identifiers. The following example uses the TotalParam parameter to pass the data value that needs to be assigned to the ItemsTotal column for the row with the OrderNo column equal to 1014:
UPDATE Orders SET ItemsTotal = :TotalParam WHERE (OrderNo = 1014)
Populating Parameters with the TEDBQuery Component
You can use the TEDBQuery Params property to populate the parameters in an SQL statement with data values. You may use two different methods of populating parameters using the Params property:
• By referencing each parameter by its index position in the available list of parameters
• By reference each parameter by name using the ParamByName method
The following is an example of using the index positions of the parameters to populate the data values for an INSERT SQL statement:
{
MyQuery->SQL->Clear();
MyQuery->SQL->Add("INSERT INTO Country (Name, Capital, Population)");
MyQuery->SQL->Add("VALUES (:Name, :Capital, :Population)");
MyQuery->Params[0]->AsString="Lichtenstein";
MyQuery->Params[1]->AsString="Vaduz";
MyQuery->Params[2]->AsInteger=420000;
MyQuery->ExecSQL();
}The next block of code is an example of using the TEDBQuery ParamByName method in order to populate the data values for a SELECT SQL statement:
{
MyQuery->SQL->Clear();
MyQuery->SQL->Add("SELECT *");
MyQuery->SQL->Add("FROM Orders");
MyQuery->SQL->Add("WHERE CustID = :CustID");
MyQuery->ParamByName("CustID")->AsFloat=1221;
MyQuery->Open();
end;Preparing Parameterized Queries
It is usually recommended that you manually prepare parameterized queries that you intend to execute many times with different parameter values. This can result in significant performance improvements since the process of preparing a query can be time-consuming. The following is an example of inserting 3 rows with different values using a manually-prepared, parameterized query:
{
MyQuery->SQL->Clear();
MyQuery->SQL.Add("INSERT INTO Customer (CustNo, Company");
MyQuery->SQL.Add("VALUES (:CustNo, :Company)");
// Manually prepare the query
MyQuery->Prepare();
MyQuery->ParamByName("CustNo")->AsInteger=1000;
MyQuery->ParamByName("Company")->AsString="Chocolates, Inc.";
MyQuery->ExecSQL();
MyQuery->ParamByName("CustNo")->AsInteger=2000;
MyQuery->ParamByName("Company")->AsString="Flowers, Inc.";
MyQuery->ExecSQL();
MyQuery->ParamByName("CustNo")->AsInteger=3000;
MyQuery->ParamByName("Company")->AsString="Candies, Inc.";
MyQuery->ExecSQL();
}
More Support Options
This web page was last updated on Thursday, November 16, 2023 at 10:39 AM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ?  E-mail us at info@elevatesoft.com |
