1. Use parameterization to pass parameters
First look at a piece of sql
select TABLE_COLUMN_NAME from CSV_PARA_MAPPING where TABLE_NAME = ':v_tabName' and CSV_PARA_NAME = ':v_date' union select TABLE_COLUMN_NAME from CSV_PARA_MAPPING where TABLE_NAME = ':v_tabName' and CSV_PARA_NAME = ':v_time'
This spelling is wrong and should not use single quotes. The fields TABLE_NAME and CSV_PARA_NAME are of type VARCHAR2, but do not use single quotation marks. My understanding is that the parameter passed in is itself typed and there is no need to put single quotes to indicate that this is a string. That is , the way to pass in parameters is not a simple string concatenation, but a data type . So the correct spelling is as follows
select TABLE_COLUMN_NAME from CSV_PARA_MAPPING where TABLE_NAME = :v_tabName and CSV_PARA_NAME = :v_date union select TABLE_COLUMN_NAME from CSV_PARA_MAPPING where TABLE_NAME = :v_tabName and CSV_PARA_NAME = :v_time
look at the code again
cmd.Parameters.Add(new OracleParameter("v_tabName", tableName)); cmd.Parameters.Add(new OracleParameter("v_date", dateParaName)); cmd.Parameters.Add(new OracleParameter("v_time", timeParaName));
Error: ORA-01008: not all variables bound, it seems that not enough values have been assigned to the parameters. There are 4 parameters, but 2 are reused, so there are really only 3 parameters. One of the pitfalls here is that the name of the parameter will not be distinguished, that is to say, the two: v_tabName are considered to be different parameters. When assigning a parameter, it is based on this rule. The nth assigned value is assigned to the first n parameters, do not look at the name of the parameter at all. So of course it will be wrong. If you want to assign a value according to the name of the parameter, you need to add the following statement
cmd.BindByName = true;