Channel: SCN: Message List

Re: Use XSJS-service parameter for SELECT ... WHERE... IN(...) clause


Hello Sergey,

 

the problem is that the string will not be converted to a list. So '01,02' is interpreted as one value and not as two separate values.

It would work if the query string would be directly added to the query statement instead of setting it with the setString method, but that would open a gap regarding SQL injections. So that is no real solution.

 

I tried a solution which splits up the string into the separate values stored in an array. For each entry the prepared statement is then executed. To avoid duplicate results in case the query parameter has duplicate values the duplicates are removed before the statement execution.

 

var search = $.request.parameters.get('query');
var query_values = search.split(",");
//remove duplicates
var query_values_wo_duplicates = [];
query_values.forEach(function(item) {
    if (query_values_wo_duplicates.indexOf(item) < 0) {
        query_values_wo_duplicates.push(item);
    }
});
var conn = $.db.getConnection();
// single placeholder; every value is bound to it in turn below
var query = "SELECT C1, C2 FROM \"_SYS_BIC\".\"xxxtrial.misc.data::data.TEST1\" WHERE C2 IN (?)";
var pstmt = conn.prepareStatement(query);
var j = 0;
// execute the prepared statement once per distinct value and count the rows
query_values_wo_duplicates.forEach(function(item) {
    pstmt.setString(1, item.toString());
    var rs = pstmt.executeQuery();
    while (rs.next()) {
        j++;
    }
    rs.close();
});
pstmt.close();
conn.close();
var result = "results: " + j;
$.response.setBody(result);

 

Best Regards,

Florian
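
An added example, not part of the original post: a variant that keeps the values out of the statement text but needs only one execution, by generating one `?` marker per value and binding each value with `setString`. The function names, the `MAX_VALUES` cap, the trimming of whitespace and the `FakeStatement` stand-in (used so the snippet runs outside XS) are assumptions; in a service the statement would come from `conn.prepareStatement(q.sql)`.

```javascript
// Table and column names copied from the post above.
var BASE_QUERY = 'SELECT C1, C2 FROM "_SYS_BIC"."xxxtrial.misc.data::data.TEST1" WHERE C2 IN ';
var MAX_VALUES = 50; // assumed cap so a caller cannot inflate the statement

// Split the raw parameter, trim each entry, drop empties and duplicates.
function parseValues(raw) {
    if (typeof raw !== "string") { return []; }
    var out = [];
    raw.split(",").forEach(function (item) {
        var v = item.trim();
        if (v !== "" && out.indexOf(v) < 0) {
            out.push(v);
        }
    });
    return out;
}

// Build the statement text. Only "?" markers are concatenated, never a value.
// Returns null when there is nothing to query or the list exceeds the cap.
function buildInQuery(raw) {
    var values = parseValues(raw);
    if (values.length === 0 || values.length > MAX_VALUES) { return null; }
    var markers = values.map(function () { return "?"; }).join(", ");
    return { sql: BASE_QUERY + "(" + markers + ")", params: values };
}

// Bind each value to its own marker (1-based index, like setString in the post).
function bindAll(pstmt, params) {
    params.forEach(function (v, i) { pstmt.setString(i + 1, v); });
    return pstmt;
}

// Constructed stand-in for a prepared statement; records what was bound.
function FakeStatement() { this.bound = {}; }
FakeStatement.prototype.setString = function (i, v) { this.bound[i] = v; };

// Constructed input: a duplicate, stray whitespace and an injection attempt.
var q = buildInQuery("01, 02,01,x') OR 1=1 --");
var stmt = bindAll(new FakeStatement(), q.params);
console.log(q.sql);      // statement text contains markers only
console.log(stmt.bound); // the hostile string is bound as plain data
```

A `null` result should be answered with an error response before any connection is opened.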

