MSSQL not reading Statistic lables

When I use a statistic label in my query it does not work. When I type what should be returned by the statistic label it does work. I want the query to be 'dynamic'. So typing is no good. Any advise on the fix welcome.

What I get:

What I want:



In the first instance, instead of Preview mode, click Save and Run and see what happens....

What does {{statistic3.label}} actually render as? Is it a column or a selectedLabel?

Thanks, @ScottR

Save and Run doesn't seem to help. {{statistic3.lable}} renders as a string "Externalwalls" I want to pull this column from my 'Cost' table in my database

What is the result of

Does it contain all of those elements on the x axis and the values of the y axis?

maybe - though I don't know your data set you might want to run the query using

Would really need more info to try and test this...

Thanks, Scott.

It doesn't. The result is "".

Could this be the problem?

Hey @thomasatkinson!

By default, all of our SQL queries are converted to prepared statements to prevent SQL injection, meaning that table/database names and SQL functions aren't able to be defined using a string created dynamically. The main reason we currently convert all statements into prepared statements, is so that users can't enter malicious syntax (like DROP TABLE) into the variable fields.

You can disable this setting in the resource setup, but keep in mind the potential of submitting dangerous SQL through any of the variables referenced in a query. Disabling prepared statements can also break other existing queries. If that's something you'd like to explore, I often recommend setting up another copy of a resource with that setting enabled to help limit the surface area that you have to keep in mind SQL injection for.

Thanks, @Kenny - that's great. I'll set up a copy and try that.