Class

MySQLPreparedStatement

---

Description

Used to create a PreparedSQLStatement for a MySQL Database.

Methods

Name	Parameters	Returns	Shared
Bind	zeroBasedParam As Integer, value As Variant
BindType	zeroBasedIndex As Integer, type As Integer
ExecuteSQL	ParamArray bindValues() As Variant
SelectSQL	ParamArray bindValues() As Variant	RowSet

Method descriptions

---

MySQLPreparedStatement.Bind

Bind(zeroBasedParam As Integer, value As Variant)

Binds a value and its type for the prepared statement.

Use Database.Prepare to set up the bind.

This example creates a SQLite prepared statement to retrieve data from a Customers table. It then displays the data in a Listbox:

Var stmt As SQLitePreparedStatement

// note in a prepared statement you DO NOT put in the quotes
stmt = SQLitePreparedStatement(db.Prepare("SELECT * FROM Customers WHERE FirstName like ? "))

// have to tell sqlite what types the items being bound are so it does the right thing
stmt.BindType(0, SQLitePreparedStatement.SQLITE_TEXT)
stmt.Bind(0, TextField1.Text)

// perform the search
Var rs As RowSet = stmt.SQLSelect

ListBox1.RemoveAllRows
ListBox1.ColumnCount = rs.ColumnCount
ListBox1.HasHeader = True

Var hasHeadings As Boolean

While rs.AfterLastRow <> True
  ListBox1.AddRow("")

  For i As Integer = 0 To rs.ColumnCount-1
    If Not hasHeadings Then ListBox1.HeaderAt(i) = rs.ColumnAt(i+1).Name
    ListBox1.CellTextAt(ListBox1.LastAddedRowIndex, i) = rs.ColumnAt(i+1).StringValue
  Next

  rs.MoveToNextRow
  hasHeadings = True
Wend

---

MySQLPreparedStatement.BindType

BindType(zeroBasedIndex As Integer, type As Integer)

Specify types for multiple bind values. Each Database plug-in will have its own values.

---

MySQLPreparedStatement.ExecuteSQL

ExecuteSQL(ParamArray bindValues() As Variant)

Same as SelectSQL but does not return a result set. Executes and returns the result set of the prepared statement.

BindValues is optional and is intended for convenience only. If bindValues is not empty, ExecuteSQL will use the passed in values instead of the ones specified by calling Bind.

---

MySQLPreparedStatement.SelectSQL

SelectSQL(ParamArray bindValues() As Variant) As RowSet

Executes and returns the result set of the prepared statement.

The bindValues parameter is optional and is intended for convenience only. If bindValues is not empty SelectSQL will use the passed in values instead of the ones specified by calling Bind.

Interfaces

MySQLPreparedStatement implements the PreparedSQLStatement interface.

Notes

Note

The use of the prepared statement classes is rare because Database.SelectSQL and Database.ExecuteSQL utilize them automatically. See PreparedSQLStatement for information on cases where using prepared statement classes is appropriate.

MySQL uses the "?" character as the parameter indicator in the prepared statement, i.e. "SELECT * FROM Persons WHERE Name = ?".

You must bind the type of the parameters using BindType.

These are the constants to use with the BindType method:

Constant
MYSQL_TYPE_BLOB
MYSQL_TYPE_DATE
MYSQL_TYPE_DATETIME
MYSQL_TYPE_DOUBLE
MYSQL_TYPE_FLOAT
MYSQL_TYPE_LONG
MYSQL_TYPE_LONGLONG
MYSQL_TYPE_NULL
MYSQL_TYPE_SHORT
MYSQL_TYPE_STRING
MYSQL_TYPE_TIME
MYSQL_TYPE_TIMESTAMP
MYSQL_TYPE_TINY

If you add a MySQL database directly to your project, then you need to cast the result of the call to Database.Prepare to the MySQLCommunityServer class. If you do not cast you will get a NilObjectException when you try to use it (refer to the example below).

Sample code

The following sample connects to a MySQL database, adds a table and populates it. It then uses a Prepared Statement to query the table and get a RowSet.

Var db As New MySQLCommunityServer
db.Host = "127.0.0.0"
db.Username = "admin"
db.Password = "admin"

If Not db.Connect Then Return

db.SQLExecute("CREATE TABLE Persons (Name, Age)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 20)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 21)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 22)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 20)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 21)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 22)")
db.SQLExecute("COMMIT")

Var ps As PreparedSQLStatement = _
  db.Prepare("SELECT * FROM Persons WHERE Name = ? AND Age >= ?")

ps.BindType(0, MySQLPreparedStatement.MYSQL_TYPE_STRING)
ps.BindType(1, MySQLPreparedStatement.MYSQL_TYPE_LONG)
ps.Bind(0, "john")
ps.Bind(1, 20)

Var rs As RecordSet = ps.SQLSelect
If db.Error Then
  MessageBox(db.ErrorMessage)
Else
  While Not rs.EOF
    MessageBox("Name: " + rs.Field("Name").StringValue + _
      " Age: " + rs.Field("Age").StringValue)
    rs.MoveNext
  Wend
End If

---

This code passes the values to bind using the SQLSelect method rather than calling the Bind method:

Var db As New MySQLCommunityServer
db.Host = "127.0.0.0"
db.Username = "admin"
db.Password = "admin"

If Not db.Connect Then Return

db.SQLExecute("CREATE TABLE Persons (Name, Age)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 20)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 21)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 22)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 20)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 21)")
db.SQLExecute("INSERT INTO Persons (Name, Age) VALUES ('john', 22)")
db.SQLExecute("COMMIT")

Var ps As PreparedSQLStatement = _
  db.Prepare("SELECT * FROM Persons WHERE Name = ? AND Age >= ?")

ps.BindType(0, MySQLPreparedStatement.MYSQL_TYPE_STRING)
ps.BindType(1, MySQLPreparedStatement.MYSQL_TYPE_LONG)

Var rs As RecordSet = ps.SQLSelect("john", 20)
If db.Error Then
  MessageBox(db.ErrorMessage)
  Return
Else
  While Not rs.EOF
    MessageBox("Name: " + rs.Field("Name").StringValue + _
      " Age: " + rs.Field("Age").StringValue)
    rs.MoveNext
  Wend
End If

---

This code uses and reuses a Prepared Statement for the Insert:

Var db As New MySQLCommunityServer
db.Host = "127.0.0.0"
db.Username = "admin"
db.Password = "admin"

If Not db.Connect Then Return

db.SQLExecute("CREATE TABLE Persons(Name, Age)")

Var ps As PreparedSQLStatement = _
  db.Prepare("INSERT INTO Persons (Name, Age) VALUES (?, ?)")

ps.BindType(0, MySQLPreparedStatement.MYSQL_TYPE_STRING)
ps.BindType(1, MySQLPreparedStatement.MYSQL_TYPE_LONG)

ps.SQLExecute("john", 20)
ps.SQLExecute("john", 21)
ps.SQLExecute("john", 22)
ps.SQLExecute("john", 20)
ps.SQLExecute("john", 21)
ps.SQLExecute("john", 22)
db.SQLExecute("COMMIT")

ps = db.Prepare("SELECT * FROM Persons WHERE Name = ? AND Age >= ?")
ps.BindType(0, MySQLPreparedStatement.MYSQL_TYPE_STRING)
ps.BindType(1, MySQLPreparedStatement.MYSQL_TYPE_LONG)

Var rs As RecordSet = ps.SQLSelect("john", 20)
If db.Error Then
  MessageBox(db.ErrorMessage)
  Return
Else
  While Not rs.EOF
    MessageBox("Name: " + rs.Field("Name").StringValue + _
      " Age: " + rs.Field("Age").StringValue)
    rs.MoveNext
  Wend
End If

---

This code uses a MySQL Database that was added to the project, so it has to cast the result from db.Prepare.

Var ps As MySQLPreparedStatement
ps = MySQLPreparedStatement(CustomerDB.Prepare("SELECT * FROM Persons WHERE Name = ? AND Age >= ?"))
ps.Bind(0, "John")
ps.BindType(0, MySQLPreparedStatement.MYSQL_TYPE_STRING)
ps.Bind(1, 20)
ps.BindType(1, MySQLPreparedStatement.MYSQL_TYPE_LONG)

Var rs As RecordSet = ps.SQLSelect

Compatibility

All project types on all supported operating systems.

See also

Object parent class; Database, MySQLCommunityServer, PreparedSQLStatement