Building the SQL string

Hi, i stumbled over the following while developing my application. As we all know, it's not a good idea to do the following
String sql = "insert into mytable values ('";
sql += object.getStringValue1() + "','";
sql += object.getStringValue2() + "','";
// more...instead we should do it like this
StringBuffer sql = "insert into mytable values ('";
sql.append(object.getStringValue1()).append("',");
sql.append(object.getStringValue2()).append("',");
// more...If you agree so far, my question now: on how many appends is it worth the effort? I mean, it's clear to me, that i would use StringBuffer when appending many strings. But should i use StringBuffer to append two strings? Three strings?
Has anybody come up with some experience in this field?
Thanks in advance for your comments.
Markus

For me it's not worth the effort to do either of those things. Instead, I use this:String sql = "insert into mytable values (?,?,?,?,?)";
PreparedStatement ps = conn.prepareStatement(sql);and later in the program:ps.setString(1, object.getStringValue1());
ps.setString(2, object.getStringValue2());
// more...
ps.executeQuery();You only have to create the PreparedStatement once and you can reuse it as often as you like. Don't close it until you don't need to use it any more.

Similar Messages

Building an SQL string

Hi, I have run into a problem where i'm not sure how to start. I'm generating reports based on what criteria a user chooses. Here is a list of variables that are possible criteria.
String rep
String callType
String action String phone
String name
String startDate
String endDate
String endTime
String startTime
All the following variables are populated based on user input. The reports give information on calls taken by Internet HelpDesk staff. For example, lets say a manager wants to see "all calls that were created by a representative with the name of "ANDY" that was created on the date of 10/13/2001. This means that rep = "Andy"; and startDate = "10/13/2001;, and that all other variables are null or empty strings. After checking all variables, the SQL statment should look something like "SELECT (table fields) FROM (tables) WHERE Representative ='"+rep+"' and Date = '"+startDate+"'"
My problem is building that sql string because it can be so many different things. If all variables are null, Then there should be no 'WHERE' and no quotes anywhere just "SELECT (table fields) FROM (tables)" you see what i mean
I'm not sure what the best way to approch this is. I'm pretty sure i can do it with some crazy if statements but am also more sure that thats not the best way to do it.
Any suggestions on how to approch this?
Thanks in advance

I don't think you/anybody could find a better way to
do that because you have so many possible criteria.
How do you know you are more sure there is the "best
way" to do that? If you are sure, how to do that?
Never mind if you are not sure. :-)Thanks jrodi

Building the varchar string to return from a pl sql function

i'm new with pl/sql and i'm having trouble trying to build the string that i want to return from a function that is inside a package. it seems my problem stems from the fact that i'm trying to incorporate a variable (varchar2) into the string to be returned. below are two attempts that i've made which do not work:
function test_policy (p_schema_name IN varchar2, p_object_name IN varchar2) return varchar2 as
predicate_value varchar2(2000);
user_name varchar2(100);
begin
select first_name
into user_name
from employees
where first_name = SYS_CONTEXT('hr_app_context', 'username');
predicate_value := 'first_name = ' || user_name;
predicate_value := 'first_name = ' || '' || user_name || '';
return predicate_value;
end test_policy;
Can someone help me with the proper syntax to build my string for the return value? Thanks.

this function implements the code for a policy i've created. basically, the policy says that when i do a select on the employees table, i should only see a record whose first_name = sys_context('hr_app_context', 'username'). so, when i perform a simple select * from employees, i get an error which says policy predicate has error. i'm pretty sure the error is caused by how i'm building the return value for that function. if i hard code some return value like:
predicate_value := 'first_name = ''HR''' ;
the select statement above works fine, and i only see the record from employees where first_name = 'HR'

Condition Concatination with the SQL String

Hi Friends,
I am facing problem in concatinating the below sring
[ ','||:id1||',' like '%,'''||hou.name||''',%' ] in the below query in the place of [ hou.name =:id1 ]
My Query :
Declare
TYPE cur_typ IS REF CURSOR;
c cur_typ;
query_str VARCHAR2(4000);
v_part_num varchar2(40);
v_inventory_item_id number;
v_customer_name varchar2(30);
v_op_name varchar2(240);
begin
query_str := 'SELECT partno part_num ,
item_id inventory_item_id ,
customer customer_name ,
hou.name op_name
FROM hr_organization_units hou,
oe_transaction_types_all sot ,
ra_customers rc ,
ra_addresses_all ra ,
ra_site_uses_all rsu ,
oe_order_headers_all h ,
oe_order_lines_all l ,
pwr_sod50 ps
WHERE hou.name =:id1 -- in this place the string need to be concatinated
and ps.group_id = 9999999
AND hou.organization_id=h.org_id
AND ps.line_id =l.line_id
AND l.header_id =h.header_id
AND h.invoice_to_org_id=rsu.site_use_id
AND rsu.address_id =ra.address_id
AND ra.customer_id =rc.customer_id
AND h.order_type_id =sot.transaction_type_id
and rownum<5';
OPEN c FOR query_str using v_op_name;
loop
FETCH c INTO v_part_num,v_inventory_item_id,v_customer_name;
EXIT WHEN c%NOTFOUND;
dbms_output.put_line(v_part_num||','||v_inventory_item_id||','||v_customer_name||','||v_op_name);
end loop;
CLOSE c;
end;
Thanks In Advance!
Thanks & Regards
Ramya Nomula

Hi,
Code seems Ok, What is the error u get when you execute it?
Check Execute the SQL Query individually and look into it.
Check it with sample value to the string which to be concatenated in your code.
SET SERVEROUTPUT ON;
DECLARE
    TYPE cur_typ IS REF CURSOR;
    c cur_typ;
    query_str VARCHAR2(4000);
    v_part_num varchar2(40);
    v_inventory_item_id number;
    v_customer_name varchar2(30);
    v_op_name varchar2(240);
BEGIN
    query_str := '
    SELECT partno part_num ,
        item_id inventory_item_id ,
        customer customer_name ,
        hou.name op_name
    FROM hr_organization_units hou,
        oe_transaction_types_all sot ,
        ra_customers rc ,
        ra_addresses_all ra ,
        ra_site_uses_all rsu ,
        oe_order_headers_all h ,
        oe_order_lines_all l ,
        pwr_sod50 ps
    WHERE hou.name =:id1 -- in this place the string need to be concatinated
        and ps.group_id = 9999999
        AND hou.organization_id=h.org_id
        AND ps.line_id =l.line_id
        AND l.header_id =h.header_id
        AND h.invoice_to_org_id=rsu.site_use_id
        AND rsu.address_id =ra.address_id
        AND ra.customer_id =rc.customer_id
        AND h.order_type_id =sot.transaction_type_id
        and rownum<5';
    OPEN c FOR query_str USING v_op_name;
    LOOP
        FETCH c INTO v_part_num,v_inventory_item_id,v_customer_name;
        EXIT WHEN c%NOTFOUND;
        dbms_output.put_line(v_part_num||','||v_inventory_item_id||','||v_customer_name||','||v_op_name);
    END LOOP;
    CLOSE c;
END;Thanks,
Dharan V

Building SQL String ?

I am trying to build a SQL String and send it to the database...
this is how i am trying to form a query string
StringBuffer sBuff = new StringBuffer(250);
sBuff.append("old information")
sBuff.append("new history added twice");
String caseObjId = "2567034";
StringBuffer queryBuff = new StringBuffer(250);
queryBuff.append("UPDATE table_case ");
queryBuff.append("SET case_history =" + sBuff);
queryBuff.append("WHERE objid =" + caseObjId);
i am getting SQL Exception saying
com.sybase.jdbc2.jdbc.SybSQLException: Incorrect syntax near 'information'.
let me know what where i am doing mistake
thanks
KM

The previous posters are right on target for debugging your problem; if you printed out the query that's giving you problems, you would see:
UPDATE table_case
SET case_history =old informationnew history added twice
WHERE objid =2567034 and the problem then becomes obvious that the string/varchar data needs to be quoted.
That will fix your immediate problem.
However, since you are obviously a newbie, I'll tell you how to fix 2 or 3 more problems; don't use Statement, use PreparedStatement and bind your parameter values.
<rant>
First, when a database executes a SQL statement for the first time, it has to "parse" it. "parsing" is an awful like compiling in that it often takes 100 times longer or more to compile a bit of code than it does to execute it. A good database will check a cache of parsed SQL to see if it doesn't need to parse again, but it often relies on an exact match of the SQL. If you use Statement and change the value of case_history or objid, it's not an exact match. However, if you use PreparedStatements, your values aren't part of the SQL; therefore you get a lot more matches in the parse cache and the database saves a huge amount of work.
Second, when you build up SQL with embedded values like you're doing, you have to deal with any special characters appropriately; in particular the single quote character; for example, if you have a LAST_NAME column, you need to support the name "O'Conner"; the single-quote in the middle has to be recognized and properly escaped. This problem simply goes away with parameter bindings; the code and the data are widely seperated and there's no question where the boundary is.
Third, building up SQL in the way you did is the technique that causes a major security hole an poorly coded applications. Let's say you're building an e-commerce site that will keep customer credit card numbers on file (risky) and want a function to display credit card numbers given an account number (not really a good idea, but it illustrates the technique). You have code like:
StringBuffer queryBuff = new StringBuffer();
queryBuff.append("SELECT CC_FIRST_NAME, CC_LAST_NAME, CC_NUMBER, CC_EXP ");
queryBuff.append("FROM CARD_DATA);
queryBuff.append("WHERE account_number =" + acct_number);this will work just great when a user enters their account number of "1234567", and it will work just great (for the hacker) when the account number is entered as "1234567 or (CC_FIRST_NAME = 'Bill' and CC_LAST_NAME = 'Gates')"; the hacker's add-ons are treated as code, not data, and the e-commerce site spits up a customer's data to an authorized person. Again, parameter binding prevents this and add-ons get treated as part of the account number, probably generating a data-type error on the database. Obviously, you can validate the data to numerics in this example, but if you use PreparedStatement instead, you don't have to think, it takes care of itself.
</rant>

How to modify the pre generated SQL string in Db adapter

Hello All,
I am using a DB adapter to poll a database. So in the configuration of adapter, i have specified the option of logical delete, i want to update to a field PF as 'Y'. In my BPEL process, I want to update those records as 'Y' for their process_Completion field after i am done doing logic on those records.. Actually in the database adapter configuration, we get the SQL string right ?. So inorder to edit that SQL how should we go ahead ?
I mean i want to poll the database, i want to get like 1000 records for my BPEL Process Instance, and after all those 1000 gets processed and completed. Iwant to get the next 1000. So i want to write a query something like...
select seqid, id, field1, field2..... from STable a where a.PF = 'N' and exists(select 1 from STable b where b.seqid = a.seqid - 1 and b.PF = 'Y' and b.process_Completion = 'Y')
So, how to write my custom quesries while polling the database. cant we write custom quesries while we are doing Inbound operation with Dbadapter. Please help me with this thing.
Thanks,
N

Whenever you use a JCA DB Adapter in JDeveloper it creates an OR mapping xml that contains the select/polling query that you might have.
Below is an example of one such query. You can edit the sql here manually and redeploy your process.
<querying xsi:type="query-policy">
<queries>
<query name="DBConnSelect" xsi:type="read-all-query">
<call xsi:type="sql-call">
<sql>SELECT MESSAGE_ID,BU_ID,CREATED_BY FROM MESSAGE_BUFFER where BU_ID IN (3232,4747) and 3 > rownum</sql>
</call>
<reference-class>DBConn.MessageBuffer</reference-class>
<container xsi:type="list-container-policy">
<collection-type>java.util.Vector</collection-type>
</container>
</query>
</queries>
In case you need to add parameters to your query you should be able to do that as well while you are creating your DB Adapter.
Edited by: Arun Pareek on Jun 15, 2011 9:34 AM

SQL Strings in Where Clause - single quotes issue

All,
Im having issues related to SQL String literals when trying to deploy to flash. The complication works fine but I then get a message (see below) stating that a ; is missing. The SQL query and the iview runs fine when we use numeric values or do not apply a where clause on the table.
I am using Visual Composer that has been packaged with NW2004sSP7_Preview
VC & Flex Version: 645.7.0.3
The Error message is get is;
Error in executing a process for Flex compilation, Error 1033: ';' expected
(C:usrsapJ2EJC01j2eeclusterserver0GUIMachine_Business_Packagestest_48731FLEX_COMPILATION_FOLEDRAADCN.mxml:269)
Error 1205: The statement 'Test' is incomplete.
(C:usrsapJ2EJC01j2eeclusterserver0GUIMachine_Business_Packagestest_48731FLEX_COMPILATION_FOLEDRAADCN.mxml:269)
Failed to compile AADCN.mxml
When I goto the deployment file it has the below line;
<i>'<Request type="EXECUTE_RELATIONAL" system="BI_JDBC" system_type="SAP_BI_JDBC" maxrows="500" templateid="BIR_SQL"><Objects type="INPUT" shape="OBJ" role="INPUT"><Object type="INPUT_FIELD" id="SQL_STATEMENT" appName="SQL" mapped="0" value=""/></Objects><Objects type="OUTPUT" shape="SET" role="OUTPUT"><Object type="OUTPUT_FIELD" id="name" appName="name"/></Objects><Objects id="1" type="TEMPLATE_PARAMETER"><Object id="2" type="SQL" value="select name from pub.srcompany where name ='Test Company'"/></Objects></Request>';</i>
It seems that the parser for the flash deployment is prematurely finishing the parse when it hits the single quotation in the SQL string!
We had a similar error where if we had a carriage return in the SQL (e.g. between the from & the where clause) then the deployment parser was stating that the line finished prematurely. In the deployment file the carriage return forced a new line thus making the message incomplete. Removing the carriage return resolve that issue
The SQL Preview in the SQL Editor within VC works fine with the string literals in the where clause.
The functionality compiles & deploys in web dynpro however it does not return the results to the table
Questions
1:> Has anyone successfully used flash with string literals in the SQL where clause or had seen this issue in the past?
2:> Is there a setting to get the SQL working on Web dynpro for the information to be returned that I may have missed?
Any assistance would be greatly appreciated.
Best Regards,
Ian.

Hey,
I have worked with SQL Editor a lot. Here's a how to guide I put together on it:
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/6339e7d4-0a01-0010-1c98-db00e52e989a
Let me know if that helps...
Prakash

Build dynamic SQL query in Database Adapter.

Hi All,
I have a requirement to build dynamic sql query at Database Adapter.
My BPEL process is getting search spec as input from siebel. I need to process this searchspec in BPEL and need to build the SQL query dynamically at Database Adapter to fetch the records from DB.
it goes like this....
1. Sieble Search Spec: city1 OR city2 OR city3 OR city4 .....
I need to build query as
select * from S_ADDR_PER where city like 'city1' OR city like 'city2' OR city like 'city3' OR city like 'city4' ......
2. Siebel Search spec: city1 AND country1 AND state1....
I need to build query as
Select * from S_ADDR_PER where city like 'city1' AND country like 'country1' AND state like 'state1' ....
3. Siebel Search spec: state
I need to build query as
select * from S_ADDR_PER where state like '%state%';
Is it feasible in Database Adapter? if its Yes.
Any guidelines to achieve this?
Thank you
Chandra

Hi All,
I have a requirement to build dynamic sql query at Database Adapter.
My BPEL process is getting search spec as input from siebel. I need to process this searchspec in BPEL and need to build the SQL query dynamically at Database Adapter to fetch the records from DB.
it goes like this....
1. Sieble Search Spec: city1 OR city2 OR city3 OR city4 .....
I need to build query as
select * from S_ADDR_PER where city like 'city1' OR city like 'city2' OR city like 'city3' OR city like 'city4' ......
2. Siebel Search spec: city1 AND country1 AND state1....
I need to build query as
Select * from S_ADDR_PER where city like 'city1' AND country like 'country1' AND state like 'state1' ....
3. Siebel Search spec: state
I need to build query as
select * from S_ADDR_PER where state like '%state%';
Is it feasible in Database Adapter? if its Yes.
Any guidelines to achieve this?
Thank you
Chandra

Converting XML structure to SQL string

Hi,
how can I convert an existing XML structure into a SQL string? It's important to do this manually, because there are additional data necessary to complete the recordset.
The XML structure is:
<File>
<Recordset>
<Column>Data</Column>
</Recordset>
</File>
The additional data are 4 columns for each recordset to implement into the SQL string.
The SQL string should be something like
"INSERT INTO table (Add_Column, Column, Column, Column) VALUES (Add_Data, Data, Data, Data)"
If anyone has source code performing operations like that I'd be grateful 'cause I'm quite new to Java and have not the experience in such transform ops.

Which package includes xml sax?You can download it from,
http://java.sun.com/xml/download.html.
I can send you some sample pgms too, if you want.If you would, I'd be grateful.
Marko

I want Query from QueryDataSet by SQL string, Is it possible ??

if the sql string is :
"select * from QueryDataset1 " and store the results in another QueryDataSetRR
is it possible or not ?
What ara the alternatves of store the retrived data from database and store it in (??) instead querdataset1 and use these data again using SQL string ??
Regards,

Well, most SQL servers allow some kind of temporary table to be generated, and you can always load a table from the results of a select
INSERT results(f1, f2) SELECT f1, f2 FROM maindata WHERE .....
But most database systems also allow a subquery which allows you, amongst other things, to further refine a SELECT by taking FROM from a subquery rather than a table.

Can I "see" the query string built by PreparedStatement?

Hi all.
When using a PreparedStatement, is there a way to see the SQL String built by the class, that is the query that's going to be executed by the "executeQuery()"?
I'd need it for debugging reasons...
Any help will be very appreciated!!

http://www.javaworld.com/javaworld/jw-01-2002/jw-0125-
overpower.htmlThis works great , that's was I was looking for.
Thanks hermione!!
I can't but recommend it to everyone that want to accomplish the same.

How to make 3 similar fun's does generate different sql string in 1 db call

Hi All,
In my sql package I'm using 3 different functions to create two different sql strings and the 3rd function does some percentage calculations. My Db architect on code review suggest me that those two functions are almost the same except the sql string it does generate. So she asked me to write one function that does everything in one db call.
"_Function 1_"
FUNCTION get_class_select_text
     in_report_parameter_id IN NUMBER
RETURN VARCHAR2
IS
my_class_select_text VARCHAR2(10000);
my_class_select_value VARCHAR2(10000);
CURSOR class_select_text IS
     SELECT 'SUM(DECODE(bin_id, ' || report_parameters.report_parameter_value
                    || ', bin_value, 0)) "Class ' || report_parameters.report_parameter_value || '" '
FROM report_parameters
WHERE report_parameters.report_parameter_id = in_report_parameter_id
AND report_parameters.report_parameter_group = 'CLASS'
AND report_parameters.report_parameter_name = 'CLASS'
GROUP BY
report_parameters.report_parameter_value
ORDER BY
CAST(report_parameters.report_parameter_value AS NUMBER);
BEGIN
my_class_select_text := '';
OPEN class_select_text;
LOOP
FETCH class_select_text INTO my_class_select_value;
EXIT WHEN class_select_text%NOTFOUND;
my_class_select_text := my_class_select_text || ', ' || my_class_select_value;
END LOOP;
CLOSE class_select_text;
RETURN my_class_select_text;
END get_class_select_text;
FUNCTION 2:
FUNCTION get_class_sum_text
     in_report_parameter_id IN NUMBER
RETURN VARCHAR2
IS
my_class_sum_text VARCHAR2(10000);
my_class_sum_value VARCHAR2(10000);
CURSOR class_sum_text IS
     SELECT 'SUM(NVL("Class ' || report_parameters.report_parameter_value || '", 0)) "Class ' || report_parameters.report_parameter_value || '" '
FROM report_parameters
WHERE report_parameters.report_parameter_id = in_report_parameter_id
AND report_parameters.report_parameter_group = 'CLASS'
AND report_parameters.report_parameter_name = 'CLASS'
GROUP BY
report_parameters.report_parameter_value
ORDER BY
CAST(report_parameters.report_parameter_value AS NUMBER);
BEGIN
my_class_sum_text := '';
OPEN class_sum_text;
LOOP
FETCH class_sum_text INTO my_class_sum_value;
EXIT WHEN class_sum_text%NOTFOUND;
my_class_sum_text := my_class_sum_text || ', ' || my_class_sum_value;
END LOOP;
CLOSE class_sum_text;
RETURN my_class_sum_text;
END get_class_sum_text;
FUNCTION 3:
FUNCTION get_class_perc_text
     in_report_parameter_id IN NUMBER
RETURN VARCHAR2
IS
my_class_perc_text VARCHAR2(10000);
my_class_perc_value VARCHAR2(10000);
CURSOR class_perc_text IS
SELECT 'ROUND((("Class ' || report_parameters.report_parameter_value || '" / "Total") * 100), 2) "Class ' || report_parameters.report_parameter_value || '" '
FROM report_parameters
WHERE report_parameters.report_parameter_id = in_report_parameter_id
AND report_parameters.report_parameter_group = 'CLASS'
AND report_parameters.report_parameter_name = 'CLASS'
GROUP BY
report_parameters.report_parameter_value
ORDER BY
CAST(report_parameters.report_parameter_value AS NUMBER);
BEGIN
my_class_perc_text := '';
OPEN class_perc_text;
LOOP
FETCH class_perc_text INTO my_class_perc_value;
EXIT WHEN class_perc_text%NOTFOUND;
my_class_perc_text := my_class_perc_text || ', ' || my_class_perc_value;
END LOOP;
CLOSE class_perc_text;
my_class_perc_text := my_class_perc_text || ', ' || 'DECODE("Total", -1, 0, 100) "Total" ';
RETURN my_class_perc_text;
END get_class_perc_text;
Could anyone help me?
Thanks in advance.

Hi ,
Thanks a lot for your reply and tips how to post the code.
As you know that previously I used 3 different variables called
my_class_select_text,
my_class_sum_text,
my_class_perc_text
to get corresponding values. I'm using these values in a dynamic SQL like below in the code.
      SELECT 3 "Rank", '
    || '            ''Final Row'' "Row Type", '
    || '            TRUNC(edr_rpt_tmp_bin_periods.bin_start_date_time ) "Date", '
    || '            MAX(edr_rpt_tmp_bin_periods.bin_end_date_time) - numtodsinterval(0.000000001, ''SECOND'') "Date/Time", '
    || '            '''' "Lane", '
    || '            ''Total'' "Hour" '
    ||              my_class_sum_text
    || '                           , '
    || '             SUM(NVL(" ", 0)) " " '
    || '           FROM ( '
    || '                  SELECT edr_class_by_hour_report_data.bin_start_date_time start_date_time '
    ||                               my_class_select_text || ', '
    || '                             SUM(NVL(edr_class_by_hour_report_data.bin_value, 0)) " " '
    || '                    FROM edr_class_by_hour_report_data '
    || '             GROUP BY edr_class_by_hour_report_data.bin_start_date_time '
    || '                ) results '
   As per your new function it returns in a single parameter called 'my_class_perc_text' . Now I dont know how to use single variable in these places?
Hope you could understand my question.
I used to display code. :)
   Thanks once again.
Edited by: user10641405 on May 21, 2009 2:06 PM

PL/SQL String - To see what's in?

Hello,
I have a long sql-statement in a region source.
The type ist "SLQ Query(PL/SQL function...)
Example of my code:
declare q varchar(4000);
begin
q:= ' SELECT org ';
If :P110_EMPLOYEE = '%null%' and :P110_WRKCTRL1 = '%null%' then q:=q||' BUKRS Name, '; else null;
end if;
q:=q||' FROM csdb.v_user_org, csosap.pa2_mon a WHERE 1=1';
if :P110_WRKCTRL1 <> '%null%' then q:=q||' and ARBPL = :P110_WRKCTRL1 '; else null; end if;
return q;
end;
In "q" ist the long sql string. Now I get some error messages.
It is very difficult to find a solutions because "q" ist very long.
Is it possible, to get someting like messagebox. popup or print a file to see what's in "q" (the sql stringer)?
Thanks a lot.
Andre

Hello Andre,
Please check if the following have any relevance to your situation - Re: ORA-06550 recieved when trying to modify existing page after 3.1 Apex u .
>> Is it possible, to get the content from the item (:P110_Enddate) and
not the name?
You can try using a substitution string notation e.g. “& P110_Enddate.”. The trailing period is part of the syntax.
Regards,
Arie.

NDS - Maximum Limit in SQL String

When executing NDS I usually just use EXECUTE IMMEDIATE, but now I've had to use the OPEN FOR statement and
execute a SQL string that I read in from a column in a table. Now I know I've encountered an error before that states
I've exceed a limit in the number of characters the SQL string can have before "opening" it via NDS.
Does anyone the max I should set my VARCHAR2 column that holds the SQL statements? I recall it was 255 bytes I
think.
Thanks,
Gio
null

Max of SQL statement length is 64K
more limitations here http://www.itsystems.lv/gints/oracle_limits.htm

How to build dynamic query strings in the query using DB adapter 'Pure SQL'

Dear Forum,
I am building an application which will access DB to fetch some result set. The query involves retrieving data from multiple tables(nearly 10 tables). So I have created a DB adapter using 'execute pure sql' option. With this query works fine, but my inputs parameters will vary. So I need to make my query dynamic to append the query strings at runtime depending on the inputs.
For example I have 3 input variables - input1,input2 and input3 (in my request xsd) which are used in the pure sql query. Now if I get a 4th input parameter input4 in the request, I need to append this to query string as 'AND input4=[some value]' at runtime. Otherwise my query should have only 3 parameters. Please suggest how this can be achieved.
Regards,
Satya.

This is a strange requirement, depending on the columns you have and what are optional in them, one way is to have separate operations and each opeartion will have different inputs and for each operation , a different DB Adapter is called. But this way, it results in more number of operations for the service as well as more number of references in the composite. Even if you pass the column inputs to the SQL procedure, it will result in a large number of if-else cases..
Thanks,
N

Building the SQL string

Similar Messages

Maybe you are looking for