- SQL injection is one of the most common security vulnerabilities for web applications today. This article shows ways to solve the problem, including a new technique called “Disabling Literals”, and lists new attacks.
- Oracle PL/SQL Code Generator for Table Encapsulation that would handle all DML operations. It would generate production level code for a table that could be incorporated in any application.
- One way to avoid “deja code”, that feeling you’d written this algorithm before, is to generate code rather than write it manually.
- Choice between stored procedures, functions, views, triggers and Inline SQL.
- Database design is more art than science. An excerpt from Professional Oracle Programming.
Filed in Links on 25 May 07 | Tags: pl/sql, sql-injection
Eddie, Thanks for steering people to my codegen link. I agree that it is really important to avoid writing code whenever you can generate it, and table APIs are especially good candidates for generation.
HOWEVER, I really need to update that page. Because PL/Generator is very old and is completely superseded and improved upon by the freeware Quest CodeGen Utility:
http://www.qcgu.net
Thanks! SF
Steven, thanks for the pointer to http://www.qcgu.net. A link from the old codegen page to qcgu would be a good idea.
We are currently writing a big system in PL/SQL (and other technologies). qcgu can be a great time saver for us and help us follow standards and best practices.
As always, your contributions to the Oracle community are greatly appreciated.
Well, Eddie, that is a really good piece of advice! So I updated that page. Long overdue. Thanks for the prompting…
SF
I know CodeGen can be a real time saver. In our company we are using CodeGen to generate pieces of Delphi Code for our framework application. We are also using CodeGen to generate QDA packages to build code easier. If you have any questions, don’t hesitate to ask.