When you’re working with data-bound fields, the SLX Provider handles names or other data with apostrophes—like “O’Reilly”—or fields with Null values in them, without you needing to worry about it.
If you’re doing explicit string SQL Inserts or Updates, however—or using fields that could have apostrophes/nulls in them in your WHERE clauses—you’re probably used to passing the field values through Replace functions, and either testing for Nulls or kludg-ily concatenating empty strings onto the end of each field.
If you use parameterized queries instead of SQL strings, you can go back to not worrying about stuff like that.
Sage actually uses exactly that method in the OTB “System:SLX Lead Support” script, but it’s full of a lot of other unrelated code. In bare-bones terms, parameterized queries in VBScript look like this:
Dim strCommand Dim objParams Dim objCmd Dim objRs ... Set objCmd = CreateObject("ADODB.Command") 'DNL Set objCmd.ActiveConnection = Application.GetNewConnection objCmd.CommandType = adCmdText objCmd.Prepared = True strCommand = "SELECT Lastname FROM Contact " _ & "WHERE AccountID = ? AND IsPrimary = ?" objCmd.CommandText = strCommand objCmd.Parameters.Refresh Set objParams = objCmd.Parameters objParams.Item(0).Value = strAccountID objParams.Item(1).Value = blnIsPrimary Set objRs = objCmd.Execute ... Set objRs = Nothing Set objParams = Nothing Set objCmd = Nothing
It works exactly the same way for Inserts and Updates, just (obviously) without the objRs recordset.
If you’re getting weird errors, the Very First Thing to check is that the number of question-marks in the command string is equal to the number of parameters you’ve added.
And if you’ve ever wondered, the “DNL” that you see all over the place in SalesLogix OTB code stands for “Do Not Localize”—i.e., for strings which are just used internally and cannot be translated into other languages without having hugely detrimental effects on the program, as opposed to UI strings which can/should be localized into the user’s preferred language.
So it’s not just some developer’s initials. 🙂