All
Accepted answers
Joel Solon · Mar 17 go to post

Ash is correct! I prefer to explain it slightly differently. I don't consider SQL injection as a "problem" with Dynamic SQL because you should simply never concatenate user input into a query (using IRIS or any other platform). Always use placeholders which eliminates the risk. And the other 2 SQL options (Embedded SQL and Class Queries) accept input via host variables like :minAge. All automatically sanitize the input.
One further clarification: years ago, it's true that Dynamic SQL was the only one of the 3 options that was compiled at runtime; the other two were compiled at class compile time. But since Runtime Plan Choice (v2021.2), queries with input parameters in the WHERE clause (as discussed in this post) are compiled at runtime, whether you use Dynamic, Embedded, or Class Queries.

Joel Solon · Mar 4 go to post

I get it now. The values for the p3 and p4 properties are invalid JSON. I think of the () around values as enabling us to embed ObjectScript inside JSON.

set myObject = { "p1":"abcd", "p2":true, "p3":(value), "p4":(sum+2) }
<- ObjScript -><-------------------- JSON----><ISOS-><-JSON><-ISOS><JSON>
Joel Solon · Mar 4 go to post

What do you mean by "the last two properties (p3, p4) are invalid JSON properties"? If you set the referenced variables, and add the required parentheses, it works, right?


USER>set value = 2, sum = 3
USER>set myObject = { "p1":"abcd", "p2":true, "p3":(value), "p4":(sum+2) }
USER>zw myObject
myObject={"p1":"abcd","p2":true,"p3":2,"p4":5} ;
Joel Solon · Feb 6 go to post

Nice article to blow my mind on a Friday!
Should the OnNew() methods be %OnNew()?
Shouldn't this:
Property myClassAccessObject = "";
Be this?
Property myClassAccessObject as MyClass;
 

Joel Solon · Feb 4 go to post

Without him, there wouldn't be Epic. Here's a quote I found...
An interesting historical connection links these early EHR systems to modern EHR giants. Judy Faulkner, future EPIC CEO, encountered MUMPS through Warner Slack MD, who had moved from Wisconsin to Beth Israel in Boston. Dr. Slack connected with Neil Pappalardo, co-developer of MUMPS and co-founder of Meditech. Through these relationships, Faulkner met Pappalardo and adopted MUMPS technology. As she later reflected, "I thought MUMPS was a good thing, and we took it on here at Epic."
And a detailed version of the above story is near the top of the long story about Epic's history here: https://www.acquired.fm/episodes/epic-systems-mychart

Joel Solon · Feb 3 go to post

and by "always" Tim means: "in some cases with a only little bit of work, but sometimes with a large amount of work"

Right, Tim?

Joel Solon · Jan 29 go to post

Nice article! Do you know if the Queues page in the Portal has been updated for this feature? Would someone monitoring a production be able to understand why the top message in the ER_Router queue is getting bypassed in favor of later messages? Could that person see the FIFO Group Identifier for a message?

Joel Solon · Jan 13 go to post

Thanks for the clarification, Julian. So despite the fact that I don't have any problem with @Robert Barbiaux's rules, my rules would be:

  1. Use #dim only when necessary for code completion, maybe even with a generic comment explaining that that's the reason, for newer developers. The cases I know of are:
    • Julian's case, where a method returns a particular object and the method's signature doesn't specify the exact class (it probably specifies a generic superclass, or the method doesn't exist yet.
    • The exception variable within a catch block.
  2. Since I'd use #dim sparingly, I would probably put the #dim right above the variable it applies to.
  3. No inline assignment.
Joel Solon · Jan 8 go to post

I clarified what I meant by "confusing" in my post. Maybe "useless" would have been better.

Joel Solon · Dec 30, 2025 go to post

VS Code sees the signature of EmployeeSearch() and knows that Employee is a DM.Employee, so you'll get code completion automatically here also.

Joel Solon · Dec 29, 2025 go to post

I'm still not a big fan of #dim. It was useful for code completion in Studio. But it hasn't been necessary for code completion in VS Code for a while. Check this post from last year for more details. Perhaps code clarity is the only remaining reason to use it, to help developers who are used to declaring variables in other languages (like Python type hints).

My main reason for discouraging its use is that it makes it seem like it's necessary to declare variables in ObjectScript, which it isn't. There is no variable declaration in ObjectScript, as you can read at the top of the documentation that @Vachan C Rannore cited. He is not the first developer to write something like this: "#DIM declares the variable and it's Data Type at COMPILE TIME." #dim causes confusion for developers.

As @Evgeny Shvarov says, the compiler skips #dim. But as the examples prove (thanks @Vitaliy Serdtsev), the compiler doesn't skip #dim that includes variable assignment, which it helpfully changes into Set statements. More confusion...

The first example looks a little weird because it uses #dim but doesn't include "as datatype".

#dim a,b,##class(Sample.Person).%New()

Why use #dim syntax that supposedly declares something, and then avoid declaring anything? Confusing. The compiler just changes it into this standard Set syntax. Just use the Set syntax in the first place.

set (a,b,c) ##class(Sample.Person).%New()

For the second example, I admit that it's slightly useful to get 3 different objects with a single statement. I never knew about this. The compiler turns this #dim statement into 3 separate Set statements, so it does save some typing.

set a ##class(Sample.Person).%New(), b ##class(Sample.Person).%New(), c ##class(Sample.Person).%New()

Some developers will like this "insider trick." But I think using an obscure non-command instead of just calling %New() 3 times for this one special case is not worth it. Just use Set statements.

By the way, what do you think this statement does? Note the %OpenId(20) at the end instead of %New(). 

#dim a,b,As Sample.Person ##class(Sample.Person).%OpenId(20)

Confusing. The addition of "As Sample.Person" has no effect when used with %OpenId(). How about this statement?

#dim a,b,As Sample.Company ##class(Sample.Person).%New()

Do you get 3 companies or 3 persons? Does it try to "cast" persons as companies? Do you get an error at compile time or run time? Would it work if Sample.Company extends Sample.Person? More confusion... The addition of "As Sample.Company" has the same effect as "As Sample.Person" or "As Bla.bla" would. No casting, no error, inheritance doesn't matter. You just get 3 new persons.

Joel Solon · Dec 22, 2025 go to post

Nice post. I just want to point out that "handle them carefully" does not mean "check your indexes every day to make sure they're in sync with the database. It does not mean "make sure you run %BuildIndices() on a regular basis to make sure the indexes are in sync with the database." Applications, old or new, ensure that any updates to the data (insert, update, delete) are automatically reflected in the indexes.
"Handle them carefully" does mean, as Karthick points out:

  • If you're running a query and you're not seeing data that you know is there, investigate whether the index is up to date. You can exclude the index like this: WHERE %NOINDEX Age = 26. If the missing records appear, you know that the index probably needs to be rebuilt. It would be good to investigate why the index got out of date, but that may be difficult. Which is why...
  • ...rarely if ever manipulate the index globals directly, like this: "we accidentally deleted two entries from the index structure (not from the main table)."
Joel Solon · Sep 15, 2025 go to post

COS? Creative ObjectScript? Comforting ObjectScript? Conventional ObjectScript? Contemplative ObjectScript? 😁🤣

Joel Solon · Sep 15, 2025 go to post

@David Hockenbroch What about setting that variable (say tlevel) equal to the $TLEVEL at the start of the Try, and then in the Catch, only if $TLEVEL = (tlevel +1) (meaning only your TSTART happened), do a TROLLBACK 1? Because if $TLEVEL is >= 2 more than tlevel, it means that your Try called a method that started its own transaction and didn't correctly commit it or roll it back, and perhaps that method called another method that did the same thing, etc. I think coping with that in your Catch is not really your code's job. Do you concur?

Joel Solon · Jul 7, 2025 go to post

I don't use docker compose. I just use a shell script and the docker command. I pass

--hostname ABC123

which shows up at the top left of the Portal (server ABC123).

I think that would be hostname: ABC123 in a docker compose file.

Joel Solon · Jun 30, 2025 go to post

One quick answer is a helper ObjectScript class with a wrapper classmethod for each macro. If the helper class can inherit from the class that provides the macros (for example: CustomPackage.TestCase extends %UnitTest.TestCase) then you can replace $$$Macro(args) with self.Macro(args). Otherwise, your helper class must include the INC file that defines the macros, and other classes can call the class methods directly: iris.CustomPackage.HelperClass.Macro(args).

Joel Solon · Jun 16, 2025 go to post

Suggestion: Since IRIS is the flagship product for 5+ years, calling the programming language "Caché ObjectScript" doesn't make much sense anymore. "ObjectScript" is enough.

Joel Solon · Jun 6, 2025 go to post

I'd use LIKE and OR directly in the query. If there are more than 2-3 comparisons (which would make something like InLike() useful), I'd write a class method that uses Dynamic SQL to add an OR for each comparison to the final WHERE clause.

Joel Solon · May 2, 2025 go to post

Are you asking this out of curiosity? Or is there another reason for the question? How would you like to use $this?

Joel Solon · May 2, 2025 go to post

Clarification: you can't use * alone as a global mapping. If you want NS1 to get all of its globals from DB1, then the "Default database for globals" field should be DB1. You can then add mappings for certain globals (using * at the end if you want) to additional databases.


(changing your question a little) If you add a mapping B* to DB1, and a mapping of BA* to DB2, BA* mapping takes precedence.

Joel Solon · Apr 7, 2025 go to post

Can also be used as #include inside a method (applies only to that method)

Joel Solon · Mar 12, 2025 go to post

...and it makes sense that using $listbuild to add at the end would be better than the other two options, which are general purpose ("find the position in the list and put something there").

Joel Solon · Feb 10, 2025 go to post

As @Yaron Munz and @Alexander Koblov correctly pointed out, you can use Embedded SQL or Dynamic SQL. You can also use Class Queries.

Using Embedded SQL, host variables in IRIS (:varname) can be inputs or outputs, just like host variables in SQL Server and Oracle, but without any DECLARE statement. Host variables used as inputs are automatically sanitized. Examples:

WHERE amount > :var1
INSERT INTO ... VALUES (:var1, :var2, :var3)
SELECT ... INTO :var1, :var2 FROM ...

Dynamic SQL allows ? placeholders for inputs only instead of host variables, also automatically sanitized. Examples:

WHERE amount > ?
INSERT INTO ... VALUES (?, ?, ?)

Dynamic SQL returns output values in the result set object it returns, which you can access and copy into variables. Examples:

set resultSet = ##class(%SQL.Statement).%ExecDirect(, sql, values for any placeholders)
while resultSet.%Next() {
    set var1 = resultSet.column1
    set var2= resultSet.column2
}

Class queries use host variables (:varname) for inputs (like Embedded SQL), and return output values in the result set object (like Dynamic SQL).

Joel Solon · Jan 10, 2025 go to post

I think the other commenters clarified it all, but I thought I'd add a little more.

Try this variant, with the variable x intentionally undefined.

write (1=0) && (x = 0)
0

Since 1=0 is 0, you don't get an <UNDEFINED> for x, since the right-hand (x=0) expression is ignored, and the entire statement is 0. Now try this:

write 1=0 && x=0
1

which, as @Roger Merchberger showed, is really

write (((1=0) && x) = 0)

Since 1=0 is 0, you again don't get an <UNDEFINED> for x, since the x expression (only) is ignored, and the ((1=0) && x) expression is 0. Finally, 0=0 is 1.

Joel Solon · Nov 15, 2024 go to post

Thanks for the thoughts! To clarify, I was primarily asking about where to install IRIS itself. Within the context of that question, it's always good to include information about directories for the other important stuff, such as Journals and databases, so thanks for that.

Joel Solon · Nov 11, 2024 go to post

Thanks for posting this Joel! I've been wondering about this for a while too! 🤣