SQL Injection (dbms_assert)

28.02.2008 at 14:38 (10g, 11g, Oracle, PL/SQL, Security)

Using SQL injection, a hacker can pass string input to an application in hopes of gaining unauthorized access to a database. Here is a nice tutorial about this subject and how to prevent it. It shows also the use of the undocumented (in 10g not in 11g) dbms_assert Package.

Tutorial

Permalink Kommentar schreiben

Online SQL Formatter

04.09.2007 at 10:00 (Oracle, PL/SQL)

With the online SQL Formatter you can easily format your SQL’s to a nice format.

Before

SELECT D.Dept_Name, AVG(Getdate()-DOB) FROM EMPLOYEE E
/*Comment now comes an inner join*/ INNER JOIN DEPARTMENT D ON
E.DEPT_ID=DEPT_ID GROUP BY DEPT_ID;

After

SELECT  D.Dept_Name,

        AVG(Getdate()-DOB)

FROM    EMPLOYEE E

        /*Comment now comes an inner join */

INNER JOIN DEPARTMENT D

ON      E.DEPT_ID=DEPT_ID

GROUP BY DEPT_ID;

You can also download the desktop version which requires JRE 1.5.

Update:
Another SQL and PL/SQL Formatter.

Permalink Kommentar schreiben