Delphi: how to pass a list as a parameter to a SQL query?

Question

I have a list of integers or of strings and need to pass it as a parameter for a Delphi DataSet. How to do it?

Here is an example. MyQuery is something like:

Answer 1

Create a temporary table and insert your values in it. Then use that table as part of a subquery.

For example, create MyListTable in your database. Insert your values into MyListTable. Then do

select * from myTable where keyvalue in (select keyvalue from MyListTable)

This avoids SQL injection attacks. But it's not elegant, is not performance friendly because you have to insert records before running your query, and can lead to concurrency issues.

Not my first choice to deal with your situation but it addresses your concern about sql injection.