THE WORLD DISCUSSES #PYTHIAN ON TWITTER. HAVE A QUESTION? USE OUR HASHTAG AND ASK AWAY.

How to Dynamically Call PL/SQL Procedure in Oracle

Posted by Alex Gorbachev on Jun 4, 2009

Just got an interesting note on Twitter that you can’t call a stored procedure dynamically in Oracle from a PL/SQL block like passing the procedure name in a variable.

Well, yes we can!

And the answer is EXECUTE IMMEDIATE — it can be used to run anonymous PL/SQL blog and not just a SQL statement. However, you will want to think many many times before doing so… if you love your data.

Let’s create the test procedures:

SQL> create or replace procedure bingo as
  2  begin
  3  dbms_output.put_line('Bingo!');
  4  end;
  5  /

Procedure created.

SQL> create or replace procedure bambam as
  2  begin
  3  dbms_output.put_line('BAM BAM!');
  4  end;
  5  /

Procedure created.

Now let’s create a wrapper that we will call passing a procedure name: Read the rest of this entry . . .

13 Comments »

MMUG: Second Meeting Review and Slides

Posted by Nicklas Westerlund on Aug 29, 2008

The Malta MySQL User Group (MMUG) met for the second time this Thursday, and compared to last time, we had a much better venue: Ixaris Systems let us use their board room, so we had all the tools we needed to have a good meeting.

We managed to get a group picture before everyone has arrived, so I guess we can call the people in this picture “early birds”.

MMUG: Second Meeting

Once we all arrived, however, Sandro Gauci from EnableSecurity gave us a very interesting talk on SQL Injection security, and general security flaws from a developer point a view. You can find the slides here: sql-injection.pdf.

Here’s a picture of Mr. Gauci while presenting. (Sorry for the obvious problem with the over-white picture — seems like I forgot to turn down the flash, and this was the only non-blurry shot I got.)

Read the rest of this entry . . .

3 Comments »

Database Security Using White-Hat Google Hacking

Posted by Sheeri Cabral on Apr 17, 2008

Here are the slides and links I am using for the “Database Security Using White-Hat Google Hacking” at the 2008 MySQL Users Conference and Expo.

pdf slides

Where to Start:
http://johnny.ihackstuff.com/ghdb.php

i-hacked.com/content/view/23/42

for the impatient

Google’s Terms of Service
Google Operators

More Googlehacks to run:
Page 35 of http://www.sdissa.org/downloads/San%20Diego%20ISSA%20Google%20Hacking%20and%20Beyond%20May%202006-rhd.pdf

http://pauldotcom.com/wiki/index.php/Episode81#Tech_Segment:_Google_Queries_To_Run_Against_Your_Own_Domain

http://ferruh.mavituna.com/makale/sql-injection-cheatsheet/

Goolag

Google Hacks sofware

Google Hacks Honey Pot

www.robotstxt.org

Wikto

Nikto

Be the first to comment »

Start NowWith Pythian - database design, management and emergency handling capabilities...

Papers & Books

MySQL Administrator's Bible by Sheeri K. Cabral

Oracle RAC Workload Management whitepaper by Alex Gorbachev

8 Rules for Designing More Secure Applications with MySQL by Augusto Bott and Nick Westerlund

Live Updates

pythian: RT @sheeri: #confoo talk "Bending Queries to your Will with EXPLAIN" slides http://bit.ly/explainslides & handout
more



Testimonials

  • Serge Racine

    DBA, Brookfield Energy

    We are very satisfied by the service given to us by Andre and Shakir in support of our recent data quality and reorganization initiative.... more