Obsessed with Oracle PL/SQL

Got this plea for help via our AskTOM PL/SQL Office Hours program: Dear Experts, I have below written below code: ---------------------------------------------- Declare v_Table all_tables.TABLE_NAME%type; v_Mnt varchar2(2):='08'; Type Cur_type is Ref Cursor; C Cur_type; Begin v_Table:='ddi_ticket_10_1018'; Open C for 'SELECT * from bill.'||v_Table||v_Mnt||'Where called_nbr=123'; End; ------------------------------------------------------------------- When executing this code, I face this Error message. ORA-00933-SQL Command not properly ended ORA-06512: At Line 9. Please check the above code and modify for syntax correction I could, at a glance, pretty well guess what the problem is. Can you? I am not trying to boast. I just encourage you to not read further and instead examine the code. What could be causing his pro...

Dynamic SQL means a SQL statement that is constructed, parsed and executed "dynamically" at run time (vs. "statically" at compile time). It's very easy to write static SQL in PL/SQL program units (one of the great joys of working with this database programming language). It's also quite easy to implement dynamic SQL requirements in PL/SQL. But that doesn't mean you should . The bottom line regarding dynamic SQL is: Construct and execute SQL at runtime only when you have to. There are several good reasons to avoid unnecessary dynamic SQL: Security : dynamic SQL opens up the door to SQL injection, which can lead to data corruption and the leaking of sensitive data. Performance : while the overhead of executing dynamic SQL has gone way down over the years, it is certainly still faster to use static SQL. Maintainability : the code you write to support dynamic SQL is more - literally more code - and harder to understand and maintain. Sometime...