I'm trying to use the trigger_start_time variable in the query as the 2nd parameter to a function of lookup activity.
How can I do this?
2 Answers
Please try @concat('select schema.fn_up_watermark(',Parameter_name,',',variable_name, ') from dual') in add dynamic content.
I just make this example with the query you provide me. You could test that not use the parameter and variable to check where missing the right parentheses.
Now, I'm glad to hear the issue is resolved now.
1 Comment
PhilHibbs
How do you protect against injection attacks? Does ADF have a quote_literal or quote_ident function to wrap values safely?
You can do away with the variable and simply write:
select schema.fn_up_watermark('@{item().table_name}','@{pipeline().TriggerTime}') from dual
assuming both parameters are string.
You could still do SQL injection if you can affect the outer lookup that feeds this ForEach block - you could sanitise the table_names on entering this loop possibly.
concat()to build the query. What's the whole query statements? Where did want to put the variable TriggerTime?@concat('select schema.fn_up_watermark(',Parameter_name,',',variable_name, ') from dual')in add dynamic content .