cancel
Showing results for 
Search instead for 
Did you mean: 

dbms_assert

SOLVED
Highlighted
Adventurer

dbms_assert

How can I use Oracle package dbms_assert... we wan to move an schema, but make use of that package.

1 ACCEPTED SOLUTION

Accepted Solutions
EDB Team Member

Re: dbms_assert

I think some of your code objects using Oracle dbms_assert function to handle SQL Injection. Currently, dbms_asssert package is not support directly in EDB Postgres. 

 

We can achieve some of the dbms_assert functionalities in EDB Postgres using SQL/Protect module. SQL/Protect has a set of function to handle different types of SQL injection attacks.  If you want to migrate your code objects with minimal changes then you need to create a package and function by wrapping up the SQL/Protect module functions. It may be some manual work to migrate those objects.

 

Here are few reference links which might give some insight about the module. 

https://www.enterprisedb.com/docs/en/10.0/EPAS_Guide_v10/EDB_Postgres_Advanced_Server_Guide.1.48.htm...

http://info.enterprisedb.com/rs/enterprisedb/images/Data_Sheet_SQL_Protect_20111111.pdf?_ga=2.105370...

 

--Raghav

4 REPLIES
EDB Team Member

Re: dbms_assert

Hello,

 

Could you please confirm your requirement, dbms_assert package in oracle is used to sanitize inputs just before actual query execution.

Do you want to use same package in postgresql or Do you already have this package in your postgresql.. or  do you want to use dbms_assert package to move schema in postgresql..? 

 

Thanks & Regards

Siva M.

Adventurer

Re: dbms_assert

I currently use dbms_assert on my Oracle RDBMS and I want to migrate to PostgreSQL (EDB).

 

I want to migrate to EDB but some functions are using dbms_assert

 

I want to use the functions on EDB with minimal changes.

EDB Team Member

Re: dbms_assert

I think some of your code objects using Oracle dbms_assert function to handle SQL Injection. Currently, dbms_asssert package is not support directly in EDB Postgres. 

 

We can achieve some of the dbms_assert functionalities in EDB Postgres using SQL/Protect module. SQL/Protect has a set of function to handle different types of SQL injection attacks.  If you want to migrate your code objects with minimal changes then you need to create a package and function by wrapping up the SQL/Protect module functions. It may be some manual work to migrate those objects.

 

Here are few reference links which might give some insight about the module. 

https://www.enterprisedb.com/docs/en/10.0/EPAS_Guide_v10/EDB_Postgres_Advanced_Server_Guide.1.48.htm...

http://info.enterprisedb.com/rs/enterprisedb/images/Data_Sheet_SQL_Protect_20111111.pdf?_ga=2.105370...

 

--Raghav

Silver Adventurer

Re: dbms_assert

hi @OUTON, you can check the orafce extension 

have a module name dbms_assert

 

This package protect user input against SQL injection.

  • dbms_assert.enquote_literal(varchar) varchar - Add leading and trailing quotes, verify that all single quotes are paired with adjacent single quotes.

  • dbms_assert.enquote_name(varchar [, boolean]) varchar - Enclose name in double quotes. Optional second parameter ensure loweralize of name. Attention - On Oracle is second parameter capitalize!

  • dbms_assert.noop(varchar) varchar - Returns value without any checking.

  • dbms_assert.qualified_sql_name(varchar) varchar - This function verifies that the input string is qualified SQL name.

  • dbms_assert.schema_name(varchar) varchar - Function verifies that input string is an existing schema name.

  • dbms_assert.simple_sql_name(varchar) varchar -This function verifies that the input string is simple SQL name.

  • dbms_assert.object_name(varchar) varchar - Verifies that input string is qualified SQL identifier of an existing SQL object.