Search Results

Search found 25758 results on 1031 pages for 'oracle security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 427/1031 | < Previous Page | 423 424 425 426 427 428 429 430 431 432 433 434  | Next Page >

  • Oracle: what information can I derive from the SCN?

    - by Mark Harrison
    Given an SCN (system change number), and assuming an SCN for which the data is still in the undo logs, what information about the SCN can I derive? of course, SCN_TO_TIMESTAMP() gives an approximate time the data was committed. Is there any other information I can derive? What transaction, what tables, what data were affected? etc?

    Read the article

  • How to distinguish date at midnight from date w/o time in Oracle?

    - by Swiety
    I would like to distinguish date at midnight (i.e. '12/05/2010 00:00:00') from date without time specified (i.e. '12/05/2010'). This value is provided by user, sometimes it is only date which is important, sometimes it is date and time and later the application is expected to show the time only when it was explicitly provided. So for the following inputs I would expect the following outputs: for '12/05/2010' I would expect '12/05/2010' for '12/05/2010 09:23' I would expect '12/05/2010 09:23' for '12/05/2010 00:00' I would expect '12/05/2010 00:00' I know I can model it in two separate columns, date and time, but I was wondering was there any way of handling this in single date column?

    Read the article

  • Will these security functions be enough? (PHP)

    - by ggfan
    I am trying to secure my site so I don't have sql injections and xss scripting. Here's my code. //here's the from, for brevity, i just show a field for users to put firstname <form> <label for="first_name" class="styled">First Name:</label> <input type="text" id="first_name" name="first_name" value="<?php if (!empty($first_name)) echo $first_name; ?>" /><br /> //submit button etc </form> if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //then insert into the database. ....... } mysqli_real_espace_string: I know that this func escapes certain letters like \n \r, so when the data gets inputted into the dbc, it would have '\' next to all the escaped letters? --Will this script be enough to prevent most sql injections? just escaping and checking if the data is a string. For integers values(like users putting in prices), i just: is_numeric(). --How should I use htmlspecialchars? Should I use it only when echoing and displaying user data? Or should I also use this too when inputting data to a dbc? --When should I use strip_tags() or htmlspecialchars? SOO with all these function... if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //gets rid of any <,>,& htmlspecialchars($first_name); //strips any tags with the first name strip_tags($first_name) //then insert into the database. ....... } Which funcs should I use for sql injections and which ones should I use for xss?

    Read the article

  • Waiting for a submitted job to finish in Oracle PL/SQL?

    - by vicjugador
    I'm looking for the equivalent of Java's thread.join() in PL/SQL. I.e. I want to kick off a number of jobs (threads), and then wait for them to finish. How is this possible in PL/SQL? I'm thinking of using dbms_job.submit (I know it's deprecated). dbms_scheduler is also an alternative. My code: DECLARE jobno1 number; jobno2 number; BEGIN dbms_job.submit(jobno1,'begin dbms_lock.sleep(10); dbms_output.put_line(''job 1 exit'');end;'); dbms_job.submit(jobno2,'begin dbms_lock.sleep(10); dbms_output.put_line(''job 2 exit'');end;'); dbms_job.run(jobno1); dbms_job.run(jobno2); //Need code to Wait for jobno1 to finish //Need code to Wait for jobno2 to finish END;

    Read the article

  • Php security question

    - by Camran
    I have a linux server, and I am about to upload a classifieds website to it. The website is php based. That means php code adds/removes classifieds, with the help of the users offcourse. The php-code then adds/removes a classified to a database index called Solr (like MySql). Problem is that anybody can currently access the database, but I only want the website to access the database (solr). Solr is on port 8983 as standard btw. My Q is, if I add a rule in my firewall (iptables), to only allow connections coming from the servers IP to the Solr port nr, would this solve my issue? Thanks

    Read the article

  • Flash Security help needed

    - by Ela
    Hi, I am developing a player and i want to make it for only one domain usage for one download. If user needs again then again hew needs to download another version from my site. How can i make it. Please some one tell me

    Read the article

  • Equivalent of Oracle’s RowID in MySQL

    - by echo
    is there an equivalent of oracle's rowid in mysql? delete from my_table where rowid not in (select max(rowid) from my_table group by field1,field2) I want to make a mysql equivalent of this query!!! What i'm trying to do is, : The my_table has no primary key.. i'm trying to delete the duplicate values and impose a primary key (composite of field1, field2)..!!

    Read the article

  • how to get the second batch and 3rd batch in the same query result in oracle sql + yii framework?

    - by sasori
    let' say i have 20 results in the sql query. if am gonna use the limit in the yii active record, I'll obviously get the first four from the result, but what if i wanna get the 2nd four and then 3rd four in the same query result ? how to query that via sql ? e.g $criteria2 = new CDbCriteria(); $criteria2->select = 'USERID, ADID ,ADTYPE, ADTITLE, ADDESC, PAGEVIEW, DISPPUBLISHDATE'; $criteria2->addCondition("STATUS = 1"); $criteria2->order = '"t".PAGEVIEW DESC,"t".PUBLISHDATE DESC'; $criteria2->limit = 4; $criteria2->with = array('subcat','adimages'); $result = $this->findAll($criteria2); return $result;

    Read the article

  • Security issue with tiny browser

    - by jasmine
    I have used tinybrowser with tiny mce as a plugin (My panel is php based). When uploading, there is link like this: www.****.com/dashboard/tiny_mce/plugins/tinybrowser/tinybrowser.php?type=image This link can open in all browser without permission. What is the solution in this case? Could I use admin panel's session control in tinyMce plugins?? Thanks in advance

    Read the article

  • How to use Externel Procedures in Triggers on Oracle 11g..

    - by RBA
    Hi, I want to fire a trigger whenever an insert command is fired.. The trigger will access a pl/sql file which can change anytime.. So the query is, if we design the trigger, how can we make sure this dynamic thing happens.. As during the stored procedure, it is not workingg.. I think - it should work for 1) External Procedures 2) Execute Statement Please correct me, if I am wrong.. I was working on External Procedures but i am not able to find the way to execute the external procedure from here on.. SQL> CREATE OR REPLACE FUNCTION Plstojavafac_func (N NUMBER) RETURN NUMBER AS 2 LANGUAGE JAVA 3 NAME 'Factorial.J_calcFactorial(int) return int'; 4 / @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ SQL> CREATE OR REPLACE TRIGGER student_after_insert 2 AFTER INSERT 3 ON student 4 FOR EACH ROW How to call the procedure from heree... And does my interpretations are right,, plz suggest.. Thanks.

    Read the article

  • SVN access/security concern

    - by user167850
    I'm considering using a third party hosting company to house an SVN repository. (I'm looking at Dreamhost but this may apply to other hosts as well.) The hosting company sets up the repository at http://svn.yourdomain.com/path. The problem I have noticed is that anyone could come along and export the files using: svn export http://svn.yourdomain.com/path Obviously I will need to export the files myself, but is there a way to secure this on a shared host so others don't have the ability to export this over http? Or is the real solution to manage your own SVN server? Thanks for your thoughts.

    Read the article

  • Oracle export problem

    - by Abhiram
    I use exp username/password@servername owner={ownername} file=backuppath; The parameters given are correct but still not able to connect Below is the error trace: EXP-00056: ORACLE error 12545 encountered ORA-12545: Connect failed because target host or object does not exist EXP-00000: Export terminated unsuccessfully What can be the possible reasons?

    Read the article

  • A Security (encryption) Dilemma

    - by TravisPUK
    I have an internal WPF client application that accesses a database. The application is a central resource for a Support team and as such includes Remote Access/Login information for clients. At the moment this database is not available via a web interface etc, but one day is likely to. The remote access information includes the username and passwords for the client's networks so that our client's software applications can be remotely supported by us. I need to store the usernames and passwords in the database and provide the support consultants access to them so that they can login to the client's system and then provide support. Hope this is making sense. So the dilemma is that I don't want to store the usernames and passwords in cleartext on the database to ensure that if the DB was ever compromised, I am not then providing access to our client's networks to whomever gets the database. I have looked at two-way encryption of the passwords, but as they say, two-way is not much different to cleartext as if you can decrypt it, so can an attacker... eventually. The problem here is that I have setup a method to use a salt and a passcode that are stored in the application, I have used a salt that is stored in the db, but all have their weaknesses, ie if the app was reflected it exposes the salts etc. How can I secure the usernames and passwords in my database, and yet still provide the ability for my support consultants to view the information in the application so they can use it to login? This is obviously different to storing user's passwords as these are one way because I don't need to know what they are. But I do need to know what the client's remote access passwords are as we need to enter them in at the time of remoting to them. Anybody have some theories on what would be the best approach here? update The function I am trying to build is for our CRM application that will store the remote access details for the client. The CRM system provides call/issue tracking functionality and during the course of investigating the issue, the support consultant will need to remote in. They will then view the client's remote access details and make the connection

    Read the article

  • Can an Oracle user get a list of its own running sessions without access to v$session?

    - by Nick Pierpoint
    I have an application that runs a process and I only want one process to run at a time. Some options are: Use an object lock to prevent subsequent processes running. This would be fine, but I want the calling session to return immediately and not wait for the running session to complete. Use a custom Y/N to set whether a process is running or not. I set a "Y" flag at the start of the process and set it to "N" when it finishes or fails. Also fine but feels like I'm re-inventing the wheel and doesn't feel like the way to go. It also falls short if the running session is killed as the flag stays at "Y". Use dbms_application_info.set_module This approach seems the most robust, but if I'm to know there's an existing running process I think I need to be able to query v$session and I don't want this application to have such wide access. Any ideas?

    Read the article

  • What is the security risk of object reflection?

    - by Legend
    So after a few hours of workaround the limitation of Reflection being currently disabled on the Google App Engine, I was wondering if someone could help me understand why object reflection can be a threat. Is it because I can inspect the private variables of a class or are there any other deeper reasons?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 423 424 425 426 427 428 429 430 431 432 433 434  | Next Page >