| title | description | author | ms.author | ms.date | ms.service | ms.subservice | ms.topic | helpviewer_keywords | |||
|---|---|---|---|---|---|---|---|---|---|---|---|
SQL Statements Entered by the User |
SQL Statements Entered by the User |
David-Engel |
davidengel |
01/19/2017 |
sql |
connectivity |
conceptual |
|
Applications that perform ad hoc analysis also commonly allow the user to enter SQL statements directly. For example:
SQLCHAR * Statement, SqlState[6], Msg[SQL_MAX_MESSAGE_LENGTH];
SQLSMALLINT i, MsgLen;
SQLINTEGER NativeError;
SQLRETURN rc1, rc2;
// Prompt user for SQL statement.
GetSQLStatement(Statement);
// Execute the statement directly. Because it will be executed only once,
// do not prepare it.
rc1 = SQLExecDirect(hstmt, Statement, SQL_NTS);
// Process any errors or returned information.
if ((rc1 == SQL_ERROR) || rc1 == SQL_SUCCESS_WITH_INFO) {
i = 1;
while ((rc2 = SQLGetDiagRec(SQL_HANDLE_STMT, hstmt, i, SqlState, &NativeError,
Msg, sizeof(Msg), &MsgLen)) != SQL_NO_DATA) {
DisplayError(SqlState, NativeError, Msg, MsgLen);
i++;
}
}
This approach simplifies application coding; the application relies on the user to build the SQL statement and on the data source to check the statement's validity. Because it's difficult to write a graphical user interface that adequately exposes the intricacies of SQL, simply asking the user to enter the SQL statement text may be a preferable alternative. However, this requires the user to know not only SQL but also the schema of the data source being queried. Some applications provide a graphical user interface by which the user can create a basic SQL statement and also provide a text interface with which the user can modify it.