Availability
This routine is available starting with katl-commons 1.0, changed in 2.5.8.
Syntax
sql(datasourceName, sqlstring, [...])
Description
Executes the SQL phrase over the defined datasource. For selects returning multiple rows, it concatenates the values (i.e. you select 2 values and the select returns 4 rows, you will have 2*4 = 8 values). For updates, it returns the update count.Parameters
Parameter name | Type | Required | Description |
---|---|---|---|
datasourceName | string | yes | The datasource name or JNDI name. For JIRA database, this is set to "jdbc/JiraDS" by default |
sqlstring | string | yes | the SQL string |
Starting with katl-commons 2.5.8, the routine accepts multiple parameters, in this case the sql statement being pushed as prepared into the database (check the second example below for right syntax). The old syntax is still functional too.
Returns
string []
Example
Example 1
string [] results = sql("datasourceName", "select project_id from project_lookaside where project_code='" + project + "'"); //Note: this example is open to SQL injection if 'project' is not the standard issue project (derived) but a variable supplied by user. Take care.
Example 2
string [] results = sql("datasourceName", "select project_id from project_lookaside where project_code=?", project); //this is better. No sql injection possible.
Example 3
It is tedious to iterate over a result in its flat form. The better way is to do it like this:
struct Person { string fName; string lName; number age; } Person [] results = sql("datasourceName", "SELECT fName, lName, age FROM person WHERE group_member = 'Y'"); //checks to see if there are results there are skipped for brevity, but //now you can iterate over and use the dot notation, and 'age' is really a number. string firstResult = results[0].fName + " " + results[0].lName + " " + results[0].age;
Notes
To see how you should configure the data source, check the corresponding configuration chapter: SQL Data Sources.
See also