Re: "Best Practices" for Application SQL coding

If you read the entire thread (yes a loooong read) then you'd find
many approaches and most of them bad :)
We are actually using either contexts or somtehing similar to approach
proposed by Darko (without dreaded % in the front of predicates of
course! search in this thread for it).
The main idea is to keep binds, do not allow sql injection
possibilities and also keep different plans for different search
combinations. At least I personally don't know other techniques than
either using contexts or something similar as Darko proposed. Or of
course listing all possible combinations in your code :D

Gints Plivna
http://www.gplivna.eu

2008/10/30 Charles Schultz <sacrophyte@xxxxxxxxx>:
> Awesome, thanks!
>
> Given that Tom submitted that in 2001 under 8i, are people still using that
> method? Is this a rather current approach to this particular problem?
--
http://www.freelists.org/webpage/oracle-l


Other related posts: