Passing parameter to mysql stored procedure for Read Database

chakravarthy_ra
chakravarthy_ra New Altair Community Member
edited November 2024 in Community Q&A

I have the following statement in the Build SQL query for the 'Read Database' operator, which gives a result.

 

call tatvam_opms.volume_change(@customer_id_in=null);

How do I make that input into a prepared statement, so the user can key in 'null' or some other value?


 

Best Answers

  • chakravarthy_ra
    chakravarthy_ra New Altair Community Member
    Answer ✓

    Ok, so I created a macro with the variable as customer_id_in. Then I referenced this in the SP execution as SPName(%{customer_id_in}).

     

    It worked. Thanks

  • Edin_Klapic
    Edin_Klapic New Altair Community Member
    Answer ✓

    Hi @chakravarthy_ra,

     

    In order to prevent SQL injection, I propose checking "prepare statement" in the Read Database operator.

    Then you can select a list of parameters (i.e. the values) you want to use in Read Database (see screenshot).

    Afterwards you need to replace the macro in the SQL statement with a question mark (?).

     

    Best,

    Edin
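
The difference between the macro substitution and the prepared statement described in the two answers above, as an added example that is not part of either post or of the product. Python's sqlite3 stands in for the MySQL connection, and the constructed volume_change table and WHERE clause are assumptions standing in for the stored procedure, whose body is not shown on the page.

```python
import sqlite3

# Macro style: %{customer_id_in} is pasted into the SQL text before it is parsed.
MACRO_SQL = ("SELECT customer_id, delta FROM volume_change "
             "WHERE %{customer_id_in} IS NULL OR customer_id = %{customer_id_in} "
             "ORDER BY customer_id")
# Prepared style: the macro is replaced by ? and the value is bound separately.
PREPARED_SQL = ("SELECT customer_id, delta FROM volume_change "
                "WHERE ? IS NULL OR customer_id = ? ORDER BY customer_id")

def make_db():
    # Constructed sample data (assumption: NULL means "all customers").
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE volume_change (customer_id INTEGER, delta INTEGER)")
    db.executemany("INSERT INTO volume_change VALUES (?, ?)",
                   [(1, 10), (2, -4), (3, 7)])
    return db

def to_param(raw):
    """Map what the user keyed in: 'null' -> None (SQL NULL), number -> int."""
    raw = raw.strip()
    if raw.lower() == "null":
        return None
    try:
        return int(raw)
    except ValueError:
        return raw  # stays text; once bound it is still only a value

def read_with_macro(db, raw):
    # The keyed-in text becomes part of the statement the database parses.
    return db.execute(MACRO_SQL.replace("%{customer_id_in}", raw)).fetchall()

def read_prepared(db, raw):
    # The statement text is fixed; the value is bound once per ? marker.
    value = to_param(raw)
    return db.execute(PREPARED_SQL, (value, value)).fetchall()

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a normal id, 'null', and text containing SQL syntax.
    for raw in ("2", "null", "2 OR 1=1"):
        print(repr(raw), read_with_macro(db, raw), read_prepared(db, raw))
```

With the macro, the third input changes the WHERE clause and returns every row; with the bound parameter the same text is compared as a value and matches nothing.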

     


     

     

     
