Skip to Content
Nov 10, 2016 at 08:07 PM

Is there a way to add parameters to a RecordSet.DoQuery() method?


In .NET, we have the Command object which allows to add command parameters. One of the benefits of this is that it removes the risk of SQL Injection.

I know that I can execute queries with the DIAPI via the DoQuery method but I am curious if there is a way to add parameters just like we do with the .NET object and avoid the need of concatenate strings.