Excel Add-In for SendGrid

Executing Parameterized Queries

Parameterized queries can be reused and mitigate SQL injection attacks. You can execute SELECT and other SQL data manipulation statements as parameterized queries. Parameterized queries take arrays as input.

Example: Searching SendGrid

The following example macro executes a parameterized search: When you run the macro, you are prompted to enter a search value.

Sub DoSelectParams()
  On Error GoTo Error
  pId = InputBox("Id:", "Get Id")
  If pId = False Then
    Exit Sub
  End If
  Dim module As New ExcelComModule
  module.SetProviderName ("SendGrid")
  Cursor = Application.Cursor
  Application.Cursor = xlWait
  Dim nameArray
  nameArray = Array("IdParam")
  Dim valueArray
  valueArray = Array(pId)
  Query = "SELECT Title, Subject FROM MarketingCampaigns WHERE Id = @IdParam"
  module.SetConnectionString ("APIKey=abc123;")
  If module.Select(Query, nameArray, valueArray) Then
    Dim ColumnCount As Integer
    ColumnCount = module.GetColumnCount
    For Count = 0 To ColumnCount - 1
      Application.ActiveSheet.Cells(1, Count + 1).Value = module.GetColumnName(Count)

    Dim RowIndex As Integer
    RowIndex = 2
    While (Not module.EOF)
      For columnIndex = 0 To ColumnCount - 1
        If Conversion.CInt(module.GetColumnType(columnIndex)) = Conversion.CInt(vbDate) And Not IsNull(module.GetValue(columnIndex)) Then
          Application.ActiveSheet.Cells(RowIndex, columnIndex + 1).Value = Conversion.CDate(module.GetValue(columnIndex))
          Application.ActiveSheet.Cells(RowIndex, columnIndex + 1).Value = module.GetValue(columnIndex)
        End If
      RowIndex = RowIndex + 1
    MsgBox "The SELECT query was successful."
    MsgBox "The SELECT query failed."
  End If
  Application.Cursor = Cursor
  Exit Sub
    MsgBox "ERROR: " & Err.Description
    Application.Cursor = Cursor
  End Sub

