Results 1 to 10 of 10

Thread: Replacing a string within a CLOB - Oracle 9i

Thread Tools
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

Previous Post

Next Post

01-23-2007, 10:18 PM #9
gamyers

View Profile

View Forum Posts

Member
Join Date

Feb 2005

Posts

158
Code:

str2 := 'update ' || v_table_name || ' set ' || v_field_name || ' = '''||v_clob2||''' where rowid = ''' || v_row_id || ''''; EXECUTE IMMEDIATE str2;

Scary.
If that v_clob2 value contains single quotes and double dashes you could end up executing something like
update table set value ='I'--blah blah where rowid=....
and seriously screw up your database.
Even if you don't, using this sort of construct (dynamic sql without bind variables) can play havoc with your shared pool.
Reply With Quote

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is On

Click Here to Expand Forum to Full Width

Terms and Conditions | About Us | Privacy Notice | Contact Us | Advertise | Sitemap| California - Do Not Sell My Info

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

All times are GMT -4. The time now is 06:56 PM.