Re: SQL Injection Concern

  • From: Mladen Gogala <mgogala@xxxxxxxxxxxxxxxxxxxx>
  • To: DGoulet@xxxxxxxx
  • Date: Mon, 10 Jan 2005 11:49:22 -0500

Goulet, Dick wrote:

>       Yes that is a concern.  In our case data that goes into a table
>is only data to be passed to the procedure, not part of an execute
Oracle 10g has regular expressions, which can reduce the likelihood
of someone entering misformed SQL command and executing it on behalf of the

Mladen Gogala
Oracle DBA
Ext. 121


Other related posts: