I wasn't able to parameterize our queries because our database schema uses a lot of CHAR types on key fields, but was told to use the LIKE operator instead of =. This did allow the parameterized queries to work, but I'm concerned how this will effect performance?
Ug. Chars :(
Assuming you mean you're not padding the variables with spaces and doing something like:
where char_col like :var || '%'
I'd be more concerned about correctness than performance! In general these won't return the same results:
create table t (
x char(10)
);
insert into t values ('test');
insert into t values ('testtest');
var v varchar2(10);
exec :v := 'test';
select * from t
where x = :v;
no rows selected
select * from t
where x like :v || '%';
X
----------
test
testtest
select * from t
where x = cast(:v as char(10));
X
----------
test You may still encounter issues with performance too though. The cardinality calculations are different for equalities (=) and like. So you may end up with different than using =. This isn't necessarily a bad thing. But it's not good either.
Assuming you can't get rid of the chars (easily), either pad your variables or cast them to the appropriate length. Then compare using =.