The following code example shows how to bind parameters to create parameterized statements.

Single-Use Statements

The query method accepts an additional array parameter for binding query parameters to values.

db.open("...", (err) => {
     db.query(
        "SELECT AccountId, Name FROM AdAccounts WHERE Name = ?",
        ["Act Name"],
        (err, rows, moreRows) => {
        for (var i = 0; i < rows.length; i++) {
            console.log("AccountId = " + rows["AccountId"]);
            console.log("Name = " + rows["Name"]);
        }

        if (!moreRows) {
            console.log("All rows have been processed");
        }
    });
});

Reusable Statements

The prepare method creates prepared ODBCStatement objects, which can be re-used across multiple execute and executeNonQuery calls.

When you execute an ODBCStatement, your callback receives an ODBCResult object which is used to fetch results. It can be used to fetch all results at once into an array, or it can fetch rows one at a time.

db.open("...", (err) => {
    db.prepare(
        "SELECT AccountId, Name FROM AdAccounts WHERE Name = ?",
        (err, stmt) => {
        function printData(result, done) {
            result.fetch((err, row) => {
                if (row === null) done();

                console.log("AccountId = " + row["AccountId"]);
                console.log("Name = " + row["Name"]);
                printData(result);
            }
        }

        stmt.executeQuery("Act Name 1", (err, result) => {
            printData(result, () => {
                stmt.executeQuery("Act Name 2", (err, result) => {
                    printData(result);
                });
            });
        });
    });
});