Dynamic SQL, while not the first tool to pick when solving a problem, can be invaluable. However, it can have some hidden dangers besides allowing SQL injection. One such danger is that sometimes dbms_sql.parse also executes the statement: It’s in the documentation for 11g: “All statements are parsed immediately. In addition, DDL statements are run […]