cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
JMP Wish List

We want to hear your ideas for improving JMP software.

  1. Search: Please search for an existing idea first before submitting a new idea.
  2. Submit: Post your new idea using the Suggest an Idea button. Please submit one actionable idea per post rather than a single post with multiple ideas.
  3. Kudo & Comment Kudo ideas you like, and comment to add to an idea.
  4. Subscribe: Follow the status of ideas you like. Refer to status definitions to understand where an idea is in its lifecycle. (You are automatically subscribed to ideas you've submitted or commented on.)

We consider several factors when looking for what ideas to add to JMP. This includes what will have the greatest benefit to our customers based on scope, needs and current resources. Product ideas help us decide what features to work on next. Additionally, we often look to ideas for inspiration on how to add value to developments already in our pipeline or enhancements to new or existing features.

Choose Language Hide Translation Bar
0 Kudos

Provide a mechanism for parameterized SQL queries

Status: New Submitted by on ‎11-03-2021 01:11 PM
Comment

ODBC libraries typically provide the ability to create parameterized queries that pass the query and parameters to the database separately.  This basically eliminates the risk of SQL injection attacks, but is also very convenient from a programming standpoint.  Because JMP has ODBC queries, it should also have parameterized queries so that you can do:

 

Execute SQL(database, 
    "Select * from Employees where Name like ? and Status=?",
    "BobList", 
    {"Bob", "Active"}
);

pyodbc's parameterized queries:

https://github.com/mkleehammer/pyodbc/wiki/Getting-started#parameters

 

The .NET ecosystem's parameterized queries:

https://docs.microsoft.com/en-us/dotnet/api/system.data.odbc.odbccommand.parameters?redirectedfrom=M...