SetDatabaseString()

Syntax

SetDatabaseString(#Database, StatementIndex, Value$)
Description
Set a string as a bind variable for the next call to DatabaseQuery() or DatabaseUpdate().

Parameters

#Database The database to use.
StatementIndex The index of the bind variable within the statement. The first variable has index 0.
Value$ The value to use for the bind variable.

Return value

None.

Remarks

Bind variables make constructing statements with variable data easier, because there is no need to add the data into the string. The statement string can contain the placeholders and the data is bound before executing the statement. This method also avoids vulnerabilities due to possible SQL injection which can be done if data (such as strings) is directly inserted in the statement text. Since the statement only contains the placeholder, there is no danger.

See DatabaseQuery() and DatabaseUpdate() for examples how to specify bind variables in an SQL statement.

See Also

SetDatabaseLong(), SetDatabaseQuad(), SetDatabaseFloat(), SetDatabaseDouble() SetDatabaseBlob(), SetDatabaseNull(), DatabaseQuery(), DatabaseUpdate()

Supported OS

All

<- SetDatabaseQuad() - Database Index - UseODBCDatabase() ->