Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [SOLVED]Add VARIABLE to ORACLE Query

Read-Only Read-Only Topic
Go
Search
Notify
Tools
[SOLVED]Add VARIABLE to ORACLE Query
 Login/Join
 
QuickLearner
Gold member
posted
Can you add a WHERE CLAUSE variable to an Oracle query. I have 2 variables that I would like to add to a query and I wanted to know can this be done.
I know you can add it to the TABLE OUT, but I would like to add it earlier in the query.

ENGINE SQLORA SET CONNECTION_ATTRIBUTES EJSWAR
SQL SQLORA
select distinct INCIDENT_SUPPLEMENTS.APPROVAL_DATE, INCIDENTS.INC_REPORT_NUMBER,
INCIDENT_SUPPLEMENTS.CREATOR_ID, INCIDENT_TYPE_CODES.DESCRIPTION, OFFENSES.OFFNSE_CD_OFFENSE_STATUS_CODE,
INCIDENT_SUPPLEMENTS.ISC_STATUS_CODE, INCIDENTS.INCIDENT_ID, INCIDENTS.ITC_CODE,
OFFENSES.INC_INCIDENT_ID, EMPLOYEES.LOGIN_ID, EMP_SERVICE_HISTORIES.EJS_EMP_ID, EMPLOYEES.EJS_EMP_ID,
EMP_SERVICE_HISTORIES.SRV_ASSIGN_CODE , EMPLOYEES.OFFICER_ID,OFFICERS.CAD_EMP_ID
from EMPLOYEES, EMP_SERVICE_HISTORIES, INCIDENTS, INCIDENT_SUPPLEMENTS, INCIDENT_TYPE_CODES, OFFENSES , OFFICERS
where INCIDENTS.INCIDENT_ID=INCIDENT_SUPPLEMENTS.INC_INCIDENT_ID and
INCIDENTS.INCIDENT_ID=OFFENSES.INC_INCIDENT_ID and
EMPLOYEES.EJS_EMP_ID=EMP_SERVICE_HISTORIES.EJS_EMP_ID and
INCIDENT_TYPE_CODES.CODE=INCIDENTS.ITC_CODE and
INCIDENT_SUPPLEMENTS.CREATOR_ID = EMPLOYEES.LOGIN_ID and
INCIDENTS.ITC_CODE = INCIDENT_TYPE_CODES.CODE AND
offenses.OFFNSE_CD_OFFENSE_STATUS_CODE = '03' and
INCIDENT_SUPPLEMENTS.ISC_STATUS_CODE = 'A'
-*and INCIDENT_SUPPLEMENTS.APPROVAL_DATE >= trunc(sysdate) -2 and INCIDENT_SUPPLEMENTS.APPROVAL_DATE < trunc(sysdate)

[COLOR:RED]//Add the Beg_date_issue and End_date_issue[/COLOR]

AND APPROVAL_DATE FROM '&BEG_DATE_ISSUED.EVAL' TO '&END_DATE_ISSUED.EVAL'

AND OFFICERS.OFFICER_ID=EMPLOYEES.OFFICER_ID
group by EMPLOYEES.LNAME,INCIDENT_SUPPLEMENTS.APPROVAL_DATE, INCIDENTS.INC_REPORT_NUMBER,
INCIDENT_SUPPLEMENTS.CREATOR_ID, INCIDENT_TYPE_CODES.DESCRIPTION, OFFENSES.OFFNSE_CD_OFFENSE_STATUS_CODE,
INCIDENT_SUPPLEMENTS.ISC_STATUS_CODE, INCIDENTS.INCIDENT_ID, INCIDENTS.ITC_CODE, EMPLOYEES.FNAME,
OFFENSES.INC_INCIDENT_ID, EMPLOYEES.LOGIN_ID, EMP_SERVICE_HISTORIES.EJS_EMP_ID, EMPLOYEES.EJS_EMP_ID,
EMP_SERVICE_HISTORIES.SRV_ASSIGN_CODE , EMPLOYEES.OFFICER_ID,OFFICERS.CAD_EMP_ID;
-*and ROWNUM <= 10;

This message has been edited. Last edited by: QuickLearner,


WebFOCUS 7.6
Windows, All Outputs
 
Posts: 96 | Registered: October 13, 2014Report This Post
QuickLearner
Gold member
posted Hide Post
Solved the WHERE CLAUSE has to be added to the TABLE FILE


WebFOCUS 7.6
Windows, All Outputs
 
Posts: 96 | Registered: October 13, 2014Report This Post
MattC
Guru
posted Hide Post
quote:
Originally posted by QuickLearner:
Solved the WHERE CLAUSE has to be added to the TABLE FILE


That's not true. You can define entire WHERE clauses in a variable and have the variable part of your SQL.

For optimal performance you want to have your DB do most of the work to bring back the least amount of results to your server to process.


Here's an example.


 
-SET &WhereEmpNum = IF '&WhereEmpNum.EVAL' EQ '' THEN '' ELSE  'AND EMPLOYEE_NBR = ' | '''' | '&WhereEmpNum.EVAL' | '''';
-SET &WhereSite = IF '&WhereStore.EVAL' EQ '' THEN '' ELSE  'AND STORE = ' | '''' |  '&WhereStore.EVAL' | '''';
-TYPE WhereSite =(&WhereSite);
-TYPE WhereEmpNum =(&WhereEmpNum);


-INCLUDE hr_shared_sqlora
SQL
SELECT
    EMPLOYEE_NBR,
    NAME,
    JOBCODE,
    EARN_CODE,
    ATTEND_DATE,
    EARNS_END_DT,
    PAY_END_DT,
    PAY_END_DT + 5 AS ORA_PAY_END,
    PUNCH_TIME_IN,
    PUNCH_TIME_OUT,
    UPDATED_BY,
    UPDATE_DTTM,
    HOURS_QTY,
    STORE,
    CAST(COST_CENTRE AS CHAR(10)) AS COST_CENTRE,
    TL_SOURCE,
    SEQ_NBR,
    PAYROLL_SOURCE
    FROM TPDATA.TABLENAME
   WHERE TL_SOURCE IN ( 'T', 'A')
    AND BRAND = 'WEN'
    AND PAY_END_DT IN
         (SELECT DISTINCT PAY_END_DT
           FROM TPDATA.TABLENAME
            WHERE ATTEND_DATE BETWEEN '&BegDate3' AND '&EndDate3'
             AND TL_SOURCE IN ( 'T', 'A')
             AND BRAND = 'WEN'
           &WhereEmpNum
           &WhereSite
          )
&WhereEmpNum
&WhereSite
ORDER BY EMPLOYEE_NBR, ATTEND_DATE, SEQ_NBR
;
TABLE
ON TABLE HOLD AS PNCHPULL FORMAT ALPHA
END
-RUN


WebFOCUS 8.1.05
 
Posts: 496 | Registered: January 04, 2008Report This Post
Wep5622
Virtuoso
posted Hide Post
You can add the variable right where you tried to do just that. Didn't that work? Of course, you would need to use SQL syntax for your condition and not FOCUS syntax.

Any problem you apparently encountered in doing so is most likely due to your use of .EVAL where you just want variable substitution.

As people in many programming languages chant: ".EVAL is evil!".

That's probably no less true for dialog manager.

EVAL is definitely a good candidate for SQL injection, especially in the scenario of pass-through SQL (as is the case here). For example, someone might just send the string '1 OR 1 IN (DELETE FROM EMPLOYEES)' as a value, which then becomes part of the SQL query after evaluation.

This message has been edited. Last edited by: Wep5622,


WebFOCUS 8.1.03, Windows 7-64/2008-64, IBM DB2/400, Oracle 11g & RDB, MS SQL-Server 2005, SAP, PostgreSQL 11, Output: HTML, PDF, Excel 2010
: Member of User Group Benelux :
 
Posts: 1669 | Location: Enschede, Netherlands | Registered: August 12, 2010Report This Post
QuickLearner
Gold member
posted Hide Post
quote:
Originally posted by Wep5622:
You can add the variable right where you tried to do just that. Didn't that work? Of course, you would need to use SQL syntax for your condition and not FOCUS syntax.

Any problem you apparently encountered in doing so is most likely due to your use of .EVAL where you just want variable substitution.

As people in many programming languages chant: ".EVAL is evil!".

That's probably no less true for dialog manager.

EVAL is definitely a good candidate for SQL injection, especially in the scenario of pass-through SQL (as is the case here). For example, someone might just send the string '1 OR 1 IN (DELETE FROM EMPLOYEES)' as a value, which then becomes part of the SQL query after evaluation.


Perfect. Thank you for the heads up.


WebFOCUS 7.6
Windows, All Outputs
 
Posts: 96 | Registered: October 13, 2014Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [SOLVED]Add VARIABLE to ORACLE Query

Copyright © 1996-2020 Information Builders