htf.anchor — Step-by-Step Guide for Oracle APEX
Published on 28 Oct 2025 by CHATURVEDINIDHI26@GMAIL.COM
htf.anchor — Step-by-Step Guide for Oracle APEX
1) Introduction
htf.anchor is a PL/SQL helper that generates an HTML <a> (anchor/link) tag. Use it in PL/SQL or SQL regions to create dynamic hyperlinks — for example, an Edit icon in a report that navigates to another APEX page and passes item values.
2) When and why to use it
- Create dynamic links from SQL or PL/SQL output.
- Common use case: show an Edit/View icon for each row in Classic or Interactive Reports.
- Advantage: keeps code readable and lets you pass APEX session and items in the URL.
3) Basic syntax
htf.anchor(
p\_link IN VARCHAR2, -- URL (href)
p\_text IN VARCHAR2 -- link text or HTML (what is visible)
) RETURN VARCHAR2;
Note: Some environments add extra parameters (attributes). If htf is not available, you can manually build an <a> tag or use APEX utilities.
4) APEX URL recap
Typical APEX navigation URL pattern:
f?p=APP\_ID:PAGE\_ID:SESSION:REQUEST:DEBUG:ARGUMENTS:ITEMS
Common tokens you will use:
&APP\_ID. or :APP\_ID — application id:APP\_SESSION — current session id- Items to set:
P475\_ITEM1,P475\_ITEM2:VALUE1,VALUE2
5) Readable version of the user's original expression
htf.anchor(
'f?p=' || :APP\_ID || ':475:' || :APP\_SESSION || ':MODIFY:' || :DEBUG || ':475:' ||
'P475\_CONTRACT\_ID,P475\_SUPPLIER\_ID,P475\_F\_DATE,P475\_T\_DATE,' ||
'P475\_SERVICE\_ID,P475\_SERVICE\_TYPE,P475\_PARENT\_PAGE:' ||
RV.CONTRACT\_ID || ',' || VENDOR\_ID || ',' || F\_DATE || ',' || T\_DATE || ',' ||
VENDOR\_ID || ',Accommodation,' || :APP\_PAGE\_ID || ':',
'
'
)
Explanation: The first argument is the APEX URL; the second argument is the visible HTML (an image icon).
6) Practical Classic Report example
Assume a table named VENDOR\_CONTRACTS with columns contract\_id, vendor\_id, f\_date, t\_date, service\_id. Add an edit link column to the report:
SELECT
contract\_id,
vendor\_id,
f\_date,
t\_date,
service\_type,
htf.anchor(
'f?p=' || :APP\_ID || ':' || 475 || ':' || :APP\_SESSION || ':MODIFY::' || 475 || ':' ||
'P475\_CONTRACT\_ID,P475\_SUPPLIER\_ID,P475\_F\_DATE,P475\_T\_DATE,P475\_SERVICE\_ID,P475\_SERVICE\_TYPE,P475\_PARENT\_PAGE:' ||
contract\_id || ',' || vendor\_id || ',' || TO\_CHAR(f\_date,'YYYY-MM-DD') || ',' ||
TO\_CHAR(t\_date,'YYYY-MM-DD') || ',' || service\_id || ',' || service\_type || ',' || :APP\_PAGE\_ID || ':',
''
) AS edit\_link
FROM VENDOR\_CONTRACTS;
In the report column properties, set Escape special characters = NO for the edit\_link column so the HTML icon renders.
7) Text link and attributes
If you prefer a text link or want attributes like title or class:
htf.anchor(
'f?p='||:APP\_ID||':475:'||:APP\_SESSION||'::NO:475:...',
'Edit',
'title="Edit contract" class="btn btn-sm" target="\_blank"'
)
Note: Not all implementations accept a third attribute parameter — if not, build the <a> tag manually.
8) Security and encoding (important)
- URL encoding: If values contain spaces or special characters, encode them. Use
apex\_escape.url or apex\_util.prepare\_url where available.
- HTML escaping: Escape link text from user input with
apex\_escape.html or similar.
- Session handling: Use
:APP\_SESSION or APEX APIs to avoid session leakage.
- Authorization: Show edit links only to users who are allowed to edit.
Example using apex\_util.prepare\_url to make the URL safer:
l\_url := apex\_util.prepare\_url(
'f?p='||:APP\_ID||':475:'||:APP\_SESSION||'::NO:475:P475\_CONTRACT\_ID:'||contract\_id
);
htf.anchor(l\_url, 'Edit');
9) Common pitfalls and fixes
- HTML output appears escaped → set Escape special characters = No for that column.
- Values with commas break item mapping → encode values or use different delimiters; prefer named item passing or prepare\_url.
- Session expired → links may fail if the session is invalid.
- Special characters in values → always URL-encode dynamic values.
10) Advanced: named items and alternatives
You can use substitution syntax like &P475\_CONTRACT\_ID. in some cases, but for dynamic runtime values, mapping items in the APEX URL is more reliable. If logic becomes complex, wrap link generation in a PL/SQL function and call that from your report.
11) Testing checklist
- Save the region with the query.
- Set Escape special characters = No for the link column.
- Open the page and confirm the icon is visible.
- Click the icon and confirm it opens the target page (e.g. Page 475).
- Verify items on the target page are pre-filled with the expected values.
- Test with different user roles to confirm authorization rules.
- Test edge cases: values with special characters, commas, or unusual date formats.
12) Ready-to-paste full example (clean)
SELECT
contract\_id,
vendor\_id,
TO\_CHAR(f\_date,'YYYY-MM-DD') AS f\_date,
TO\_CHAR(t\_date,'YYYY-MM-DD') AS t\_date,
service\_type,
htf.anchor(
apex\_util.prepare\_url(
'f?p=' || :APP\_ID || ':475:' || :APP\_SESSION || ':MODIFY::475:' ||
'P475\_CONTRACT\_ID,P475\_SUPPLIER\_ID,P475\_F\_DATE,P475\_T\_DATE,P475\_SERVICE\_ID,P475\_SERVICE\_TYPE,P475\_PARENT\_PAGE:' ||
contract\_id || ',' || vendor\_id || ',' ||
TO\_CHAR(f\_date,'YYYY-MM-DD') || ',' || TO\_CHAR(t\_date,'YYYY-MM-DD') || ',' ||
service\_id || ',' || service\_type || ',' || :APP\_PAGE\_ID || ':'
),
''
) AS edit\_link
FROM VENDOR\_CONTRACTS;
In the report, ensure Escape special characters = No for edit\_link.
13) Best practices (short)
- Always encode dynamic values.
- Use
apex\_util.prepare\_url / apex\_escape.url where possible.
- Don't show edit links to unauthorized users.
- Consider moving complex link generation into a PL/SQL function.
- Keep HTML escaping OFF only for trusted content and only for that column.
14) Troubleshooting tips
- Right-click link → Open in new tab → inspect the built URL to find problems.
- Use APEX debug mode to see incoming request parameters on the target page.
- If values are missing, verify the order of items listed in the URL matches the values order.