Subject Re: [firebird-support] EXECUTE STATEMENT problem understanding
Author Mark Rotteveel
On Fri, 26 Jul 2013 11:26:31 +0100, Alan J Davies
<Alan.Davies@...> wrote:
> Thanks Mark, it appears that what I want to do is not possible. i.e.
> have the table name as a replaceable parameter. Using your example I
> would still have 3 separate statements (as now) but in a different
> format in the SP.
> What I really would like to be able to do is (paraphrase):
> declare table_to_use varchar(20);
> if my_input_parameter='T' then table_to_use='q_tool'
> else if my_input_parameter='G' then table_to_use='q_gauge'
> else if my_input_parameter='P' then table_to_use='q_ppap'
> end;
> and then this code only once in the SP.
> s = 'update :table_to_use set tgp_no = :tgp_no, del_date = :del_date
> where pjs_no = :pjs_no'
> EXECUTE STATEMENT (s) (tgp_no := tgp_no, del_date := del_date, pjs_no
> := pjs_no);

You can't pass the table name as parameter to EXECUTE STATEMENT, but
nothing stops you from dynamically building the statement itself. Just be
sure that the tablename is not userinput, otherwise you open yourself to
SQL injection.

s = "UPDATE " || table_to_use || " SET ..." -- etc