Get Example source ABAP code based on a different SAP table
ARTICLE
ADBC - ABAP Database Connectivity ADBC is an API for the Native SQL interface of the AS ABAP that is based on ABAP Objects. The ADBC methods can be used to pass Native SQL statements to the database interface. The make it possible to
send database-specific SQL commands to a database system and process the result
establish and administer database connections. The ADBC classes all begin with the prefix CL_SQL_ or CX_SQL_ and are documented. The following paragraphs briefly introduce the most important classes.
CL_SQL_CONNECTION - Administration of Database Connections
CX_SQL_EXCEPTION - Exception Class
ABAP_PGL Using Open SQL
Notes
ADBC can always be used when access to a database using the Native SQL interface instead of the Open SQL interface is necessary.
ADBC does not support automatic client handling. The client ID of a database table must be specified explicitly. Note that application programs should only use data from the current client. In Multitenancy systems, this is checked by the ABAP runtime environment. (See also Cross-Client Database Access).
Alongside ADBC, it is also possible to embed Native SQL statically between EXEC SQL and ENDEXEC in ABAP programs. The recommendation, however, is to used ADBC.
While the static embedding of Native SQL offers exclusively static access to the Native SQL interface, ADBC makes modern object-orientated and dynamic access possible.
New developments and improvements, such as optimized performance using bulk access across internal tables, are now made only for ADBC. The existing static embedding of Native SQL statements is still supported but should no longer be used in new programs.
Security notes
ADBC is one of the dynamic programming techniques. ABAP Code Snippet If used wrongly, dynamic programming techniques can present a serious security risk. Any dynamic content that is passed to a program from the outside must be checked thoroughly or escaped before being used in dynamic statements. This can be done using the system class CL_ABAP_DYN_PRG or the predefined function escape. ABAP Code Snippet
To be sure of stopping SQL injections in ADBC, no parts of an SQL command that is not an operand position can come from outside of the program. Variable parts in operand positions can only be implemented using ? placeholders and the associated SET_PARAM methods, which in ADBC are not just possible in prepared statements, unlike in JDBC.
See also SQL Injections Using ADBC INTHINT Any utterance that prepared statements can prevent INTHINT SQL injections better than normal statements INTHINT is wrong in ADBC because placeholders ? are possible INTHINT in normal statements as well. In JDBC, they are only INTHINT possible in prepared statements.
Examples The program ADBC_DEMO demonstrates the most important ADBC methods. For examples from the ABAP example library, see ADBC Examples.
