
SQLCall

Executes an SQL query on a database and returns the number of rows affected by the executed query. With this function, you can execute any SQL query or command supported by the SQL database. If the query returns data (as a SELECT query does), the data is ignored.

This function is a blocking function and should not be called from a foreground task.

Queries built from user data, for example data entered by users through graphics pages or forms, may be prone to SQL injection attacks. In such cases, limit the risk by using the Cicode functions from the parameterized queries group, and seek professional advice on the matter.

NOTICE

SECURITY BREACH VIA SQL INJECTION

- Validate all textbox entries using validation controls, regular expressions and code
- Use parameterized SQL or stored procedures
- Use a limited access account to connect to the database

Failure to follow these instructions can result in equipment damage.

Syntax

SQLCall(hGeneral, sSelect)

hGeneral:

The handle either to the DB connection object (returned from the SQLCreate() or SQLConnect() function) or to a query (returned from SQLQueryCreate()). When it is the connection handle and sSelect is an empty string, the operation is performed on the first query in that DB connection object. When it is the query handle, the operation is performed on that query through the DB object associated with it.

sSelect:

The SQL query to be sent to the SQL database.

Return Value

The number of affected records, or -1 if an error is detected (for details, call the SQLErrMsg() function). The presence of an error code can be tested by calling the IsError() Cicode function.
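
The SQL injection notice above, as an added example (not taken from the vendor documentation): a concatenated SQLCall beside a validated, parameterized one. It assumes hSQL is an open connection handle, a hypothetical table Recipes(Name, Setpoint), @-style placeholders (the marker syntax depends on the database provider), and the signatures shown for SQLParamsSetAsString, SQLParamsSetAsInt and SQLQueryDispose, which should be checked against the parameterized queries function reference.

```cicode
// Added example. Assumed: table Recipes(Name, Setpoint), @-style placeholders,
// and the SQLParamsSetAs*/SQLQueryDispose signatures used below.

// Allow-list check: 1..32 characters from [A-Za-z0-9_].
INT
FUNCTION RecipeNameIsValid(STRING sName)
    INT i;
    INT c;
    INT nLen;

    nLen = StrLength(sName);
    IF nLen < 1 OR nLen > 32 THEN
        RETURN 0;
    END
    FOR i = 0 TO nLen - 1 DO
        c = StrToChar(StrMid(sName, i, 1));
        IF NOT ((c >= 48 AND c <= 57) OR (c >= 65 AND c <= 90) OR (c >= 97 AND c <= 122) OR c = 95) THEN
            RETURN 0;
        END
    END
    RETURN 1;
END

// Weak form: operator text becomes part of the statement itself.
INT
FUNCTION RecipeUpdateUnsafe(INT hSQL, STRING sName, INT nSetpoint)
    RETURN SQLCall(hSQL, "UPDATE Recipes SET Setpoint = " + IntToStr(nSetpoint) + " WHERE Name = '" + sName + "'");
END

// Hardened form: validate first, then pass values as parameters, not as SQL text.
INT
FUNCTION RecipeUpdate(INT hSQL, STRING sName, INT nSetpoint)
    INT hQuery;
    INT nRows;

    IF NOT RecipeNameIsValid(sName) THEN
        RETURN -1;
    END
    hQuery = SQLQueryCreate(hSQL);
    SQLParamsSetAsString(hQuery, "Name", sName);
    SQLParamsSetAsInt(hQuery, "Setpoint", nSetpoint);
    nRows = SQLCall(hQuery, "UPDATE Recipes SET Setpoint = @Setpoint WHERE Name = @Name");
    IF nRows = -1 THEN
        ErrLog("RecipeUpdate: " + SQLErrMsg());
    END
    SQLQueryDispose(hQuery);
    RETURN nRows;
END
```

Because SQLCall blocks, call RecipeUpdate from a background task rather than directly from a foreground task. The connection behind hSQL should use the limited access account that the notice recommends.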

Related Functions

SQLCreate, SQLOpen, SQLClose, SQLDispose, SQLConnect, SQLDisconnect, SQLInfo, SQLSet, SQLAppend, SQLExec, SQLGetRecordset, SQLCall, SQLGetScalar, SQLEnd

See Also

SQL Functions

Published June 2018