sql - Oracle Procedure Escape characters -

-

i stuck escape characters give different values.please me solve problem.please me why same query giving different results.

query :

select * app_realm_entries id in (select id app_entries app_ext_code ='ttl1' , version_number='1.0.1');

result : single row result comes

sql block :

declare  appcode varchar2(20); version_number varchar2(20); type rc ref cursor; table_cursor rc; rec_table realm_entries%rowtype; begin appcode := 'ttl1'; version_number := '1.0.1'; open table_cursor 'select * realm_entries id in (select id app_entries app_ext_code ='''||appcode||''||'and version_number='||version_number||''')'; loop     fetch table_cursor rec_table;     dbms_output.put_line('rowcount ' ||  table_cursor%rowcount );      exit when table_cursor%notfound;   end loop;    close table_cursor; end;

result : rowcount 0

as justin suggested use bind variables. you'll achieve 2 things doing that, won't need worry getting number of quotes correct, , more importantly, you'll close door sql injection vulnerabilities. can changing open statement following:

open table_cursor 'select * realm_entries id in (select id app_entries app_ext_code =:appcode , version_number=:version_number)' using appcode, version_number;

Comments

Post a Comment

Popular posts from this blog

javascript - Karma not able to start PhantomJS on Windows - Error: spawn UNKNOWN -

-
i lost "unknown" error: karma.conf.js: frameworks: ['mocha', 'should'], plugins: ['karma-mocha', 'karma-should', 'karma-phantomjs-launcher'], ... browsers: ['phantomjs'], error: 23 07 2015 14:35:37.691:warn [karma]: no captured browser, open http://localhost:9876/ 23 07 2015 14:35:37.701:info [karma]: karma v0.13.3 server started @ http://localhost:9876/ 23 07 2015 14:35:37.707:info [launcher]: starting browser phantomjs 23 07 2015 14:35:37.738:error [karma]: { [error: spawn unknown] code: 'unknown', errno: 'unknown', syscall: 'spawn' } error: spawn unknown @ exports._errnoexception (util.js:749:11) @ childprocess.spawn (child_process.js:1093:11) @ exports.spawn (child_process.js:933:9) @ object._execcommand (c:\users\jinga4x\git\mdl-sample-project\node_modules\karma\lib\launchers\process.js:63:21) @ object._start (c:\users\jinga4x\git\md...
Read more

Nuget pack csproj using nuspec -

-
i want create nuget package contains specified in nuspec file, still version csproj. in order use token have pack like: nuget pack myproj.csproj but when adds dependencies , creates unwanted folder in nuget package. nuspec file is: <?xml version="1.0" encoding="utf-8"?> <package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd"> <metadata> <id>test</id> <version>$version$</version> <title>test</title> <authors>test</authors> <owners>test</owners> <requirelicenseacceptance>false</requirelicenseacceptance> <description>test</description> <summary>test</summary> <releasenotes>test</releasenotes> <copyright>test</copyright> </metadata> <files> <file src="bin\debug\*.dll" target="lib\net45" /> <file s...
Read more

c# - Display ASPX Popup control in RowDeleteing Event (ASPX Gridview) -

-
i have aspxgridview includes new , delete button. delete button includs gv_rowdeleting event. want show aspxpopupcontrol (id="pupconfirm"). want user have confirm password delete item. tried: protected void gv_rowdeleting(object sender, devexpress.web.data.aspxdatadeletingeventargs e) { pupconfirm.showonpageload = true; } but nothing happened. please me. !!! you can create template column javascript prompt confirmation. <itemtemplate> <asp:linkbutton id="btndelete" runat="server" text="delete" commandname="delete" onclientclick="javascript:if(!confirm('are sure want delete record?')){return false;}"> </asp:linkbutton> </itemtemplate>
Read more