I am using dynamic soql where I am reading the conditions from an XML and getting those as a String
but I am not able to find it who the query will structure
String query = 'SELECT id, Name FROM CustomObject__c WHERE Status__c =: InProgress';
Database.query(query);
It throws error message as
System.QueryException: Variable does not exist: InProgress
Best Answer
use variable binding
it is preferable to use variable binding than string concatenation in order to prevent SOQL Injections. Also, if it not necessary to use dynamic SOQL use static SOQL.