Devart Forums

We have a situation where we want to insert SQL-queries into a table, for execution later on.

We have a table called "future_queries", which has two columns "sqlquery" (text) and "executetime" (datetime).

We insert data into this table using this code;

SQL.Text := 'INSERT INTO future_queries (sqlquery, executetime) VALUES (:sqlquery, :executetime)';
ParamByName('sqlquery').AsString := SQLQuery;
ParamByName('executetime').AsDateTime := Now + 1;
Execute;

The problem is that we need to have the data in SQLQuery string to be prepared somehow, since the query sometime can hold binary data etc, the data must be escaped the way that the provider expects it to be.

We would need something like this;

q.SQL.Text := 'INSERT INTO whatevertable (filename, data) VALUES (:filename, :data)';
q.ParamByName('filename').AsString := 'test.xml';
q.ParamByName('data').ReadFromStream(filestream);
SQLQuery := q.PreparsedQuery;

That is, to make the UniDAC to do all parsing of the parameters, but not execute the query, just return it as a string.

Is this possible somehow? This would also be a nice feature to have when logging the "real" query, instead of logging the query before it was parsed.

Regards,

Peter Olsson

Most UniDAC providers send the parameter values separately from a SQL statement.

Parameter values are inserted into SQL only in the MySQL provider or in the PostgreSQL provider (if you set the UnpreparedExecute PostgreSQL-specific option to True).

Please specify whether you are using this code with MySQL. Anyway it is responsibility of the provider to escape the parameter values. You should not do this manually.

Yes, I understand this. What I'm trying to do is to make prepared statements for later execution, so I'd just need to call the escape_string-procedures manually.

But if this is handled by the driver itself, I understand it will probably cause some problems..

/Peter