You're reading from Developing Robust Date and Time Oriented Applications in Oracle Cloud A comprehensive guide to efficient date and time management in Oracle Cloud

Product type Paperback

Published in May 2023

Publisher Packt

ISBN-13 9781804611869

Length 464 pages

Edition 1st Edition

Languages

SQL

Tools

Oracle Database

Concepts

Databases

Author (1):

Michal Kvet

View More author details

Table of Contents (26) Chapters

Preface

1. Part 1: Discovering Oracle Cloud

2. Chapter 1: Oracle Cloud Fundamentals FREE CHAPTER

3. Chapter 2: Data Loading and Migration Perspectives

4. Part 2: Understanding the Roots of Date and Time

5. Chapter 3: Date and Time Standardization Principles

6. Chapter 4: Concepts of Temporality

7. Part 3: Modeling, Storing, and Managing Date and Time

8. Chapter 5: Modeling and Storage Principles

9. Chapter 6: Conversion Functions and Element Extraction

10. Chapter 7: Date and Time Management Functions

11. Chapter 8: Delving into National Language Support Parameters

12. Part 4: Modeling Validity Intervals

13. Chapter 9: Duration Modeling and Calculations

14. Chapter 10: Interval Representation and Type Relationships

15. Chapter 11: Temporal Database Concepts

16. Chapter 12: Building Month Calendars Using SQL and PL/SQL

17. Part 5: Building Robust and Secure Temporal Solutions

18. Chapter 13: Flashback Management for Reconstructing the Database Image

19. Chapter 14: Building Reliable Solutions to Avoid SQL Injection

20. Part 6: Expanding a Business Worldwide Using Oracle Cloud

21. Chapter 15: Timestamp Enhancements

22. Chapter 16: Oracle Cloud Time Zone Reflection

23. Assessments

24. Index

Why subscribe?

25. Other Books You May Enjoy

Solutions to limit SQL injection

In the previous section, you learned about SQL injection creation. We showed what it can cause and what the consequences are. This section will drive you through the available solutions by introducing bind variables and explicit conversions. We will also discuss the DBMS_ASSERT package, which allows you to sanitize input values.

Using bind variables

Bind variables provide the relevant solution to limit SQL injection. Instead of concatenating the character strings forming the statement, the input value is applied using a bind variable, as shown in the following code block, which defines a GET_EMPLOYEES procedure. The condition in the where clause is related to the Date_from attribute and procedure parameter (p_date). This is not concatenated, but rather treated as a bind variable:

create or replace procedure GET_EMPLOYEES(p_date DATE)
is
 v_statement varchar2(10000);
 v_cursor sys_refcursor;
 v_ns varchar(100);
 v_pid varchar(11);
begin
 v_statement...

The rest of the chapter is locked

You're reading from Developing Robust Date and Time Oriented Applications in Oracle Cloud A comprehensive guide to efficient date and time management in Oracle Cloud

Table of Contents (26) Chapters

Solutions to limit SQL injection

Using bind variables

Authors (1)

Personalised recommendations for you

You're reading from Developing Robust Date and Time Oriented Applications in Oracle Cloud A comprehensive guide to efficient date and time management in Oracle Cloud

Table of Contents (26) Chapters

Solutions to limit SQL injection

Using bind variables

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you