Partilhar via


Statement.executeQuery(String) Method

Definition

Executes an SQL statement that returns an instance of the .

public:
 virtual Dynamics::AX::Application::ResultSet ^ executeQuery(System::String ^ _statement);
public virtual Dynamics.AX.Application.ResultSet executeQuery (string _statement);
abstract member executeQuery : string -> Dynamics.AX.Application.ResultSet
override this.executeQuery : string -> Dynamics.AX.Application.ResultSet
Public Overridable Function executeQuery (_statement As String) As ResultSet

Parameters

_statement
String

The string that contains the SQL statement that is used to retrieve the result set.

Returns

The object that contains the data returned from the query.

Remarks

If users control input to the executeQuery method, an SQL injection threat can occur. Therefore, this method runs under Code Access Security. Calls to this method on the server require permission from the . The following are safer alternatives for executing SQL statements:

  • Queries
  • Views
  • X++ select statements

Record level security is not enforced on the Statement class. If data is exposed to the user, perform explicit security validation.

The following example performs an SQL query on CustTable, which runs on the server. The result of the query is stored in the resultSet object.

server static void main(Args _args) 
{ 
    DictTable  dictTable; 
    Connection connection; 
    Statement  statement; 
    str        sql; 
    ResultSet  resultSet; 
    SqlStatementExecutePermission perm; 
    dictTable = new DictTable(tableNum(CustTable)); 
    if (dictTable != null) 
        { 
           connection = new Connection(); 
           sql = strfmt( "SELECT * FROM %1", dictTable.name(DbBackend::Sql) ); 
           perm = new SqlStatementExecutePermission(sql); 
           // Check for permission to use the statement. 
           perm.assert(); 
           statement = connection.createStatement(); 
           resultSet = statement.executeQuery(sql); 
           // End the scope of the assert call. 
           CodeAccessPermission::revertAssert(); 
        } 
}

Applies to