Thanks to everyone for their input /suggestions on this.
I definitely will put error checking into my program.
I did not do it at first because I wanted to see the errors. But as some of
you stated I will not see many of the errors from SQL as I normally would.
Also, I will know the data type of the field I am retrieving, so I think I
should be able to code accordingly to receive the value into a correct field
type (i.e. Alpha versus Numeric vs Binary etc. )
I hope I don't have to match the exact length, as long as the length of my
work field exceeds the length of the retrieved field??
I am going to try the suggestions I have so far and see where I get today
Thanks again
John
-----Original Message-----
From: rpg400-l-bounces@xxxxxxxxxxxx [mailto:rpg400-l-bounces@xxxxxxxxxxxx]
On Behalf Of Scott Klement
Sent: Thursday, November 12, 2009 7:55 PM
To: RPG programming on the IBM i / System i
Subject: Re: Looking for BASIC example of using embedded SQL for
retrievingfield value
I agree there's nothing wrong with using a cursor as needed, but... you
don't HAVE to use a cursor here. you could do this:
C eval W$SQLCmd = 'Values( Select '+ PARM5
C + ' from '+ PARM1
C + ' Where '+ PARM3 +'=?'
C + ') into ?';
C/Exec SQL Prepare MYSTMT from :W$SQLCmd
C/End-Exec
C/Exec SQL Execute MYSTMT Using :PARM4, :WRKFLD
C/End-Exec
Personally, trying to code this in fixed-format RPG causes my stomach to
churn :) But it should work without needing a cursor...
The danger of an SQL injection attack might be rather high if the
PARMxxx variables don't come from a trusted source, and you haven't
sanitized them.
rob@xxxxxxxxx wrote:
Just to repeat, you should check SQLSTT after every exec sql statement.
See my sample earlier.
Also, since you cannot do a 'select into' on a prepared statement you will
have to use a cursor.
midrange.com
