...
For simple statements, this is recommended. Phixflow automatically converts this into a parameterized statement that ensures special characters are handled correctly and protects against SQL injection attacks.
In this case, the query sent to the database would be "select a,b,c from table where x=?" and the xValue variable would be sent as a query parameter.
...
| Argument | Type | Description |
|---|---|---|
| Statement | String | The SQL statement that is to be submitted including ? placeholders for Query Parameters. |
| Query Parameters | String | One or more Parameters, delimited by a comma, to be added to the Statement to replace the ? placeholders. Replacement is done in sequential order. |
...
You can also return a list of results, such as with a the list shown here:
| Code Block |
|---|
${
[
sql("update foo set (column = ?) where age > ?", in.newAge, in.age),
sql("update bar set (column = ?) where value > ?", in.newValue, in.value)
]
} |
...