Re: Pass Complex Parameters | Your Suggestion Please
The best way to do this is to build the query dynamically, only adding where clauses for each element supplied by the user.
You would still use parameters for each user-supplied value, to prevent SQL Injection Attacks.
You might be able to do it purely in the query, but it would involve the use of 'OR's (to use the given value or not) which might very well make the resulting query perform [very] badly.
Regards, Phill W.
Subject
Written By
Posted
Re: Pass Complex Parameters | Your Suggestion Please
April 18, 2023 08:32AM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.