Re: Pass Complex Parameters | Your Suggestion Please
The best way to do this is to build the query dynamically, only adding where clauses for each element supplied by the user.
You would still use parameters for each user-supplied value, to prevent SQL Injection Attacks.
You might be able to do it purely in the query, but it would involve the use of 'OR's (to use the given value or not) which might very well make the resulting query perform [very] badly.
Regards, Phill W.
Subject
Written By
Posted
Re: Pass Complex Parameters | Your Suggestion Please
April 18, 2023 08:32AM
Sorry, only registered users may post in this forum.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.