News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Gennady Feldman's Blog:
Oracle query validation
May 26, 2010 @ 11:47:06

Gennady Feldman has put together a new post for his site today looking at a recent situation he had with validating SQL queries for use with an Oracle database.

So we got an interesting use case at work where we have an admin interface to setup filters in our system. Our staff is able to enter expressions in the web interface and we have a way of checking that whatever they enter is valid or not. While trying to optimize the validation code to do stricter checking with lower overhead I ran into a little gotcha. oci_parse() function doesn't actually do validation. This was a huge surprise to me and something I didn't grok.

Frustrated by the fact that the oci_parse function didn't seem to really do much more than bind variables and prepare the SQL for insert, he searched until he came across an interesting optional flag for oci_execute, OCI_DESCRIBE_ONLY. This flag returns some explain information by default and, if the query is invalid, returns an error.

1 comment voice your opinion now!
oracle validation sql ociparse ociexecute


blog comments powered by Disqus

Similar Posts

NetTuts.com: Build Web Apps From Scratch With Laravel: Filters, Validations, and Files

Chris Hartjes' Blog: Simple User Registration in CakePHP 1.2, Part II

Alison Holloway's Blog: Zend Core for Oracle 2.0 Released

Martynas Jusevicius' Blog: Calculating great-circle distance in MySQL and Propel

PHPBuilder.com: Create a Dynamic Username Validator with PHP, MySQL and jQuery


Community Events





Don't see your event here?
Let us know!


api threedevsandamaybe install podcast application project configure community introduction release framework series list laravel library language developer interview wordpress code

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework