Ah ok, now that you say it, it makes a lot of sense.
Alright well, I am using string substitution in the form of
Code:
Where username like replace('&Username%','-','')
so I can do all kinds of string-manipulation,
but I am also using
Code:
Where access_type in (&Access)
exactly for the effect you mentioned,
so that the user can search for comma-delimited lists of values.
Typically the user base is just a bunch of IT Support persons, who don't know any SQL, but were given "PL/SQL Developer" to access a database.
I wrote them my query as a pseudo-application to access it without using any SQL, but still inside the the above application.
But now several other departments have shown interest in using this query, so I am going to try and make an actual application out of it, so they don't need to pay for "PL/SQL Developer" licenses.