0

I've two update statements launched by an "Execute Immediate" function. One works ok but the other throws an "SQL command not properly ended" error.

Statement working fine:

 EXECUTE IMMEDIATE 'UPDATE myTable SET column_xpto = ' ||my_var|| ' WHERE myTable.name_table = '''||nameT||'''';

Statement NOT working:

EXECUTE IMMEDIATE 'UPDATE myTable SET column_X = ' ||my_other_var|| ' WHERE myTable.name_table = '''||nameT||'''';

The variable 'my_var' is a NUMBER type while the variable 'my_other_var' is a timestamp(6), initializated with CURRENT_TIMESTAMP.

desc myTable 
Name             Null     Type          
---------------- -------- ------------- 
NAME_TABLE       NOT NULL VARCHAR2(200) 
column_xpto               NUMBER              
column_X                  TIMESTAMP(6)

Does anyone know why the second statement gives an error?

Improve this question
2
  • 1
    Please edit your question and show the SQL after variable substitution. Commented Mar 16, 2015 at 10:29
  • ... SET column_x = ''' ||my_other_var|| ''' ... worked for me. Commented Mar 16, 2015 at 10:41

2 Answers 2

Reset to default
3

I would use bind variables like one below, with USING keyword.

EXECUTE IMMEDIATE 'UPDATE myTable SET column_xpto = :my_other_var WHERE myTable.name_table = :nameT' 
        USING my_other_var, nameT;
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I tried that, and it seems to work fine too. But what is the advantage? Beside the simplest sintaxe without all that commas LOL
@AdamBrave, apart from the SQL injection vulnerability, another reason to use bind variables instead of concatenation is treatment of NULLs for numeric values: if you use simple concatenation you'll get a syntax error at runtime, whereas with bind variables it will at least run without error.
0

you have to use like below 

EXECUTE IMMEDIATE 'UPDATE myTable SET column_X = ''' ||my_other_var|| ''' WHERE myTable.name_table = '''||nameT||'''';

since timestamp should be used as string literal.

You can either user bind variable also as Lalith said.

Improve this answer

3 Comments

Better use bind variables.
Why? Whats the advantage?
The bind variable will supply the value to pre-compiled, it will supply the value to precompiled one, wherears in above is to be re-parse the statement again on runtime.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.