Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.

Tip of the Day
Language: SQL
Expertise: Beginner
Jun 3, 1997



Application Security Testing: An Integral Part of DevOps

Programming techniques: EXEC SQL and bind variables

I am having a problem with EXEC SQL. When I use the following code:

DIM var1 AS Integer
DIM var2 AS Integer
DIM var3 AS Integer
DIM sSQL AS String
sSQL = "SELECT 1, 2, 3 from :var1, :var2, :var3 from systable.dual"

it does not work. If I use the string directly after the EXEC SQL, everything is fine. What gives?

There isn't any problem with EXEC SQL. It can take a string variable, but when it does, it does no further parsing on the content of the string. This means that it interprets the ':var1' references as data rather than bind variable indicators.

It's easy to handle this situation once you are aware of it. All you have to do is to change the code so that you build a literal string in your variable, like this:

sSQL = "SELECT 1, 2, 3 from " & var1 & ", " & var2 & ", " & var3 & " from systable.dual"


This should work fine.

DevX Pro
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.
Thanks for your registration, follow us on our social networks to keep up-to-date