SAP NetWeaver AS ABAP Release 740, ©Copyright 2014 SAP AG. All rights reserved.
ABAP Keyword Documentation →
ABAP − Reference →
Processing External Data →
ABAP Database Accesses →
Native SQL →
ADBC - ABAP Database Connectivity →
CL_SQL_STATEMENT - Execution of SQL Statements →
DDL and DML Statements
The CL_SQL_STATEMENT class provides the following instance methods for executing
DDL and DML statements;
The first method is for DDL statements such as CREATE, DROP,
or ALTER, whereas the second method is for the DML statements INSERT, UPDATE, and DELETE.
Both methods have an obligatory input parameter STATEMENT of type string
that must be passed to a syntactically correct SQL statement. The method EXECUTE_UPDATE also has a return value, ROWS_PROCESSED, that returns the number of table rows processed.
In DML statements, values passed to the database system can be given parameters using the placeholder
?. When the statement is executed, compatible ABAP Objects must be bound
to these parameters. This binding is made using the following methods of the class CL_SQL_STATEMENT, which expect a reference to an elementary, structured, or table-like data object and can be used as an alternative:
-
Before the SQL statement is executed, this method must be called exactly once for each placeholder
?. The order of the calls determines the assignment of the elementary data objects to the placeholders from left to right.
-
Before the SQL statement is executed, this method must be called exactly once. The components of the
structure are bound to the placeholders from left to right. The structure must contain appropriate components for the number and type of the placeholders.
-
This method is appropriate only for the modifying SQL statements INSERT,
UPDATE, and DELETE. It must be called exactly
once before the SQL statement is executed. As with a structure, the components of the internal table
are bound to the placeholders from left to right. The Native SQL interface converts the content of the table rows to appropriate bulk accesses, such as bulk inserts or bulk deletes.
After all SQL statements are executed, the binding is removed.
Notes
- The two methods EXECUTE_DDL and EXECUTE_UPDATE are technically different only in that EXECUTE_UPDATE
returns the number of rows processed. However, for reasons of readability of the program it is advisable to only use the methods as intended.
- A data reference to an indicator variable of the predefined type INT2 in ABAP Dictionary can be
passed to the optional input parameter IND_REF of the method SET_PARAM. If the value of this indicator variable is -1, the value 0 of a parameter on the database is converted to a null value.
- For security reasons, it is better to define the parameters of a DML statement using the placeholder ? rather than chaining dynamic content. This is also a way of preventing
SQL injections. If the
statement only contains static content from the program and dynamic content from outside the program is possible only in operand positions (using placeholders), the statement cannot be modified from outside.
Examples
See