Due to recent updates, all users are required to create an Altair One account to login to the RapidMiner community. Click the Register button to create your account using the same email that you have previously used to login to the RapidMiner community. This will ensure that any previously created content will be synced to your Altair One account. Once you login, you will be asked to provide a username that identifies you to other Community users. Email us at Community with questions.

Passing parameter to mysql stored procedure for Read Database

chakravarthy_rachakravarthy_ra Member Posts: 6 Contributor II
edited February 2020 in Help

I have following statement in the Build SQL query , for 'Read Database' operator, which gives result.

 

call tatvam_opms.volume_change(@customer_id_in=null);

How do i make that input into a prepared statement ? So user can key in 'null' or some other value ?

(null)

 

Best Answers

  • chakravarthy_rachakravarthy_ra Member Posts: 6 Contributor II
    Solution Accepted

    Ok so i created a macro with variable as customer_id_in. Then refrenced this in the SP execution as SPName(%{customer_id_in}).

     

    It worked. Thanks

  • Edin_KlapicEdin_Klapic Employee, RMResearcher, Member Posts: 299 RM Data Scientist
    Solution Accepted

    Hi @chakravarthy_ra,

     

    In order to prevent SQL injection I propose to check prepare statement in the Read Database Operator.

    Then you can select a list of parameters (i.e. the values) you want to use in Read Database (see screenshot).

    Afterwards you need to replace the macro in the SQL statement with a question mark (?).

     

    Best,

    Edin

     

    image.png

     

     

     

Sign In or Register to comment.