Parameterized queries are Structured Query Language (SQL) queries written for reusability. They contain parameter markers as placeholders for data that will change from execution to execution. The following is an example of a parameterized query:
INSERT INTO DMTABLE (Customer_ID, Customer_Name) VALUES (?, ?)
This example is usually used instead of multiple INSERT statements to increase performance. When using parameterized queries, the database only needs to parse the INSERT statement once and incur the associated processing costs once. The multiple rows of data to be inserted can than be handed over to the database in a binary format to be inserted. The data can be provided either as a whole or several rows at a time. Some of the databases that support this functionality are Oracle, DB2 UDB, Sybase Adaptive Server, Sybase IQ and SQL Server.
The Strategy Query Engine supports parameterized insert statements in several places. They can be used with bulk export, datamarts, multisourcing or (starting in 10.5) even to avoid SQL injection attacks with FFSQL reports using value prompts. The 'Use parameterized queries' setting can be enabled at the Database Connections level in Strategy Developer to facilitate usage of parameterized queries by the Query Engine.
Edit Database Instance > Click 'Modify' Database connection > go to 'Advanced' tab > Enable 'Use parameterized queries'
See the screenshot below:
