ARTICLE
DDL and DML Statements
The CL_SQL_STATEMENT class provides
the following instance methods for executing DDL
and DML statements;
EXECUTE_DDL
EXECUTE_UPDATE
The first method is for DDL statements such as CREATE ,
DROP , or ALTER , whereas the second method is for the
DML statements INSERT , UPDATE , and DELETE .
Both methods have an obligatory input parameter STATEMENT of type
string that must be passed to a syntactically correct SQL
statement. The method EXECUTE_UPDATE also has a return value,
ROWS_PROCESSED , that returns the number of table rows processed.
In DML statements, values passed to the database system can be
given parameters using the placeholder ? . When the statement is
executed, compatible ABAP Objects must be bound to these parameters.
This binding is made using the following methods of the class
CL_SQL_STATEMENT , which expect a reference to an elementary,
structured, or table-like data object and can be used as an alternative:
SET_PARAM
Before the SQL statement is executed, this method must be called
exactly once for each placeholder ? . The order of the calls
determines the assignment of the elementary data objects to the
placeholders from left to right.
SET_PARAM_STRUCT
Before the SQL statement is executed, this method must be called
exactly once. The components of the structure are bound to the
placeholders from left to right. The structure must contain appropriate
components for the number and type of the placeholders.
SET_PARAM_TABLE
This method is appropriate only for the modifying SQL statements
INSERT , UPDATE , and DELETE . It must be called
exactly once before the SQL statement is executed. As with a
structure, the components of the internal table are bound to the
placeholders from left to right. The Native SQL interface
converts the content of the table rows to appropriate bulk accesses,
such as bulk inserts or bulk deletes.
After all SQL statements are executed, the binding is removed.
Notes
The two methods EXECUTE_DDL and EXECUTE_UPDATE are
technically different only in that EXECUTE_UPDATE returns the
number of rows processed. However, for reasons of readability of the
program it is advisable to only use the methods as intended.
A data reference to an indicator variable of the predefined type
INT2 in ABAP Dictionary can be passed to the optional input parameter
IND_REF of the method SET_PARAM . If the value of this
indicator variable is -1, the value 0 of a parameter on the database is
converted to a null value.
For security reasons, it is better to define the parameters of a DML
statement using the placeholder ? rather than chaining
dynamic content. This is also a way of preventing
SQL injections . If the statement
only contains static content from the program and dynamic content from
outside the program is possible only in operand positions (using
placeholders), the statement cannot be modified from outside.
Examples
See
ADBC, DDL, and DML
ADBC, Parameter Binding
ADBC, Bulk Access
Documentation extract taken from SAP system, � Copyright SAP AG. All rights reserved