Execute statements with input parameters
An input parameter is a placeholder in an SQL statement that indicates that the actual value is provided at run time. You cannot list a host-variable name in the text of a dynamic SQL statement because the database server knows nothing about variables declared in the application. Instead, you can indicate an input parameter with a question mark (?), which serves as a placeholder, anywhere within a statement where an expression is valid. You cannot use an input parameter to represent an identifier such as a database name, a table name, or a column name.
- Your program must use a question mark (?) as a placeholder in
the text of the statement to indicate where to expect an input parameter.
For example, the following DELETE statement contains two input parameters:
EXEC SQL prepare dlt_stmt from 'delete from orders where customer_num = ? \ and order_date > ?';
The first input parameter is defined for the value of the customer_num column and the second for the value of the order_date column.
- Your program must specify the value for the input parameter when
the statement executes with the USING clause. To execute the DELETE
statement in the previous step, you can use the following statement:
EXEC SQL execute dlt_stmt using :cust_num, :ord_date;
- For a non-SELECT statement (such as UPDATE, INSERT, DELETE, or EXECUTE PROCEDURE) with input parameters, the EXECUTE...USING statement executes the statement and provides input parameter values.
- For a SELECT statement associated with a cursor or for a cursor function (EXECUTE FUNCTION), the OPEN...USING statement executes the statement and provides input parameter values.
- For a singleton SELECT statement or for a noncursor function (EXECUTE FUNCTION), the EXECUTE...INTO...USING statement executes the statement and provides input parameter values.