Database Fundamentals

Calling a SQL stored procedure

It’s straightforward to use conn:execute{} to call a stored procedure.

How It Works

The only thing you need to be careful of is to make sure that values coming from external sources are properly escaped. We will use the conn:quote{} function to do this. The conn:quote{} function quotes all returned strings, so you must not add quotes around strings in SQL query text.

Other than this, all you have to do is join strings together to create the stored procedure call:

As you can see that that the embedded apostrophe (‘) character in LastName is correctly escaped.

Sample Code

You can load this sample project file:

Or you can use this sample_data.txt data file, and copy the Call a DB stored procedure code sample from our repository.

Leave A Comment?

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.