Entering content frame

 Dynamic SQL Statements with Parameters 

Use

You can set parameters for dynamic SQL statements, so that any values unknown during the programming phase can be exchanged between the application program and the database instance.

Procedure

...

1.       Replace the values that need to be exchanged with the placeholder ? in the statement.

2.       Use the PREPARE statement to prepare the dynamic SQL statement for execution, and assign it a statement name.

3.       Execute the dynamic SQL statement with the EXECUTE statement or OPEN CURSOR statement.
Use the USING clause to assign values to the previously unknown parameters at runtime, for example, from a program variable of your choice. This does not have to be a host variable.
You can execute a prepared SQL statement as often as you want, specifying new values as parameters each time.

If, during the programming phase, you do not know the table columns addressed by a dynamic SQL statement, and, therefore, the required parameters, then also use a descriptor.

EXEC SQL BEGIN DECLARE SECTION;

int hno;

char name[16];

float price;

char cmd[100];

char *stmt;

EXEC SQL END DECLARE SECTION;

strcpy (cmd, "INSERT (INTO???) hotel VALUES(10, 'Excelsior', \
79000, 'Atlanta', 135.00)");

EXEC SQL PREPARE STMT1 FROM :cmd;

EXEC SQL EXECUTE STMT1;

hno = 10;

strcpy (cmd, "SELECT name, price INTO ?, ? \
FROM hotel WHERE hno=?");

stmt = "STMT2";

EXEC SQL PREPARE :stmt FROM :cmd;

EXEC SQL EXECUTE :stmt USING :name, :price, :hno;

 

Leaving content frame