Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
TEXTMERGE with variables
Message
 
To
05/07/2011 05:37:54
Victor Chignes
Inteliventas
Peru
General information
Forum:
Visual FoxPro
Category:
Coding, syntax & commands
Title:
Re: TEXTMERGE with variables
Miscellaneous
Thread ID:
01517278
Message ID:
01517500
Views:
97
Likes (1)
While sergey's concept works, it's not a good idea to embed strings in this way.

You're opening yourself up to SQL injection and there are all sorts of issues with strings being embedded that way: You have to handle quotes properly, you can't have a string literal longer than 255 characters.

Why not use:
qp1 = "Lima"
Sql = "Select * from customer where city =  ?qp1"
? Sql
which is both faster and safer.

+++ Rick ---

>Hello.
>
>I'm trying to create a end user query generator. For that I need to let the user enter variables and then select statements using those variables.
>
>After that I have to create the final select statement.
>
>So far I have this:
>
>qp1 = "Lima"
>Sql = "Select * from customer where city =  '<<qp1>>' "
>TEXT TO lcSQL NOSHOW TEXTMERGE
>  <<Sqlt>>
>ENDTEXT
>?    lcSQL
>
> I was hoping to obtain "Select * from customer where city = 'Lima' " but I get
Select * from customer where city =  '<<qp1>>'
instead.
>
>Any help or equivalent approach?
+++ Rick ---

West Wind Technologies
Maui, Hawaii

west-wind.com/
West Wind Message Board
Rick's Web Log
Markdown Monster
---
Making waves on the Web

Where do you want to surf today?
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform