The following code example shows how to bind parameters to create parameterized statements.

Binding Parameters

Use the SQLBindParameter function to bind the specified parameter position to the specified variable. Note that the parameter order starts at 1.

Example

The following example executes a parameterized SELECT and iterates over the results. You can use SQLExecDirect to execute any parameterized statement.

  SQLHENV henv;
  SQLHDBC hdbc;
  SQLHSTMT hstmt;
  char sListId[30] = {0};
  SQLLEN cbsListId = 0;
  char param[30] = {0};
  strcpy(param, "500000-1111111111");
  SQLLEN cbParam = SQL_NTS;
  if (SQLAllocHandle(SQL_HANDLE_ENV, 0 ,&henv) == SQL_SUCCESS) {
    SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0); 
    if (SQLAllocHandle(SQL_HANDLE_DBC, henv ,&hdbc) == SQL_SUCCESS) {
      if (SQLConnect(hdbc, "CData QuickBooksPOS Source", SQL_NTS, 0, 0, 0, 0) == SQL_SUCCESS) {
        if (SQLAllocHandle(SQL_HANDLE_STMT, hdbc ,&hstmt) == SQL_SUCCESS) {
          SQLBindParameter(hstmt, 1, SQL_PARAM_INPUT, SQL_C_CHAR, SQL_CHAR, 100, 0, (SQLPOINTER)param, 30, &cbParam);
          if (SQLExecDirect(hstmt, "SELECT ListId FROM Customers WHERE LastName = ?", SQL_NTS) == SQL_SUCCESS) {
            while(SQLFetch(hstmt) == SQL_SUCCESS) {
              if (SQLGetData(hstmt, 1, SQL_C_CHAR, (SQLPOINTER)sListId, 255, &cbsListId) == SQL_SUCCESS) {
                printf("ListId: %s\n", sListId);
              }
            }
          }
          SQLFreeHandle(SQL_HANDLE_STMT, hstmt);
        }
        SQLDisconnect(hdbc);
      }
      SQLFreeHandle(SQL_HANDLE_DBC, hdbc);
    }
    SQLFreeHandle(SQL_HANDLE_ENV, henv);
  }