Wiki source code of Datenbank (SQL Statement)
Show last authors
author | version | line-number | content |
---|---|---|---|
1 | {{figure image="sql_en.png" width="300" clear="h1"/}} | ||
2 | |||
3 | Actions of type //Database query// allow you to write custom SQL queries and execute them against a database. The database connection must have been setup in the [[database connection menu>>Formcycle.UserInterface.Data.DBConnections]]. The SQL statement may contain [[variables>>Formcycle.UserInterface.Variables]]. | ||
4 | |||
5 | == Options | ||
6 | |||
7 | ; Statement | ||
8 | : The SQL statement to be executed. | ||
9 | |||
10 | == Note == | ||
11 | |||
12 | |||
13 | The statement will be executed as a so called //prepared statement//, which prevents SQL injection attacks. You do not need to use simple quotation marks ({{code language="none"}}'{{/code}}). | ||
14 | |||
15 | (% style="color: rgb(56, 118, 29);" %)**Correct** | ||
16 | |||
17 | {{code language="sql"}} | ||
18 | insert into test_tabelle (firstName, lastName) values ([%tfFirstName%], [%tfLastName%]) | ||
19 | {{/code}} | ||
20 | |||
21 | (% style="color: rgb(204, 0, 0);" %)**Wrong** | ||
22 | |||
23 | {{code language="sql"}} | ||
24 | insert into test_tabelle (firstName, lastName) values ('[%tfFirstName%]', '[%tfLastName%]') | ||
25 | {{/code}} |