Your ‘PL/SQL Code’
Am I the only one who finds this help message vaguely insulting?
What’s the biggest clue you can give that your database is vulnerable to SQL injection? When your list of “forbidden words” looks suspiciously like a sample of SQL / PL/SQL keywords:
I notice that they haven’t forbidden BEGIN, CREATE, MERGE, or TRUNCATE …
Congressman Peters, your IT staff are doing it wrong.
Via: http://thedailywtf.com/Articles/Out-of-Service.aspx#pic4
Recently I refactored some PL/SQL for sending emails – code that I wrote way back in 2004. The number of “WTF”s per minute has not been too high; however, I’ve cringed more times than I’d like…
When you send an email, it will have at least one recipient, and it may have many recipients. However, no email will have more than one sender. Yet, I wrote the package procedure like this:
TYPE address_type IS RECORD
  (name          VARCHAR2(100)
  ,email_address VARCHAR2(200)
  );
TYPE address_list_type IS TABLE OF address_type INDEX BY BINARY_INTEGER;

PROCEDURE send
  (i_sender     IN address_list_type
  ,i_recipients IN address_list_type
  ,i_subject    IN VARCHAR2
  ,i_message    IN VARCHAR2
  );
Why I didn’t have i_sender be a simple address_type, I can’t remember. Internally, the procedure only looks at i_sender(1) – if a caller were to pass in a table of more than one sender, it raises an exception.
Simple is best, and there’s nothing wrong with using local variables. I wish I’d realised these facts when I wrote functions like this:
FUNCTION address
  (i_name          IN VARCHAR2
  ,i_email_address IN VARCHAR2
  ) RETURN address_list_type;

FUNCTION address
  (i_address       IN address_list_type
  ,i_name          IN VARCHAR2
  ,i_email_address IN VARCHAR2
  ) RETURN address_list_type;
All that so that callers can avoid *one local variable*:
EMAIL_PKG.send
  (i_sender     => EMAIL_PKG.address('joe', 'joe@company.com')
  ,i_recipients => EMAIL_PKG.address(
                     EMAIL_PKG.address('jill', 'jill@company.com')
                    ,'bob', 'bob@company.com')
  ,i_subject    => 'hello'
  ,i_message    => 'world'
  );
See what I did there with the recipients? Populating an array on the fly with nothing but function calls. Smart, eh? But rather useless, as it turns out: when we need to send to multiple recipients, the list is usually populated within a loop of unknown size, so this method doesn’t work anyway.
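For the record, here is the shape the refactor argues for, written out as an added example (it is not the refactored package from the original post, and the package body is my own): the sender is a scalar record, the recipients are a collection, and the caller fills that collection in a loop of unknown size. The body does not actually send anything; it validates each address and assembles the headers, which is the part where untrusted input matters. The recipient query is constructed inline for the demo; in real code it would be whatever drives the loop.

```sql
-- Added example, not the original post's code. Package body and checks are assumed.
CREATE OR REPLACE PACKAGE email_pkg AS
  TYPE address_type IS RECORD
    (name          VARCHAR2(100)
    ,email_address VARCHAR2(200)
    );
  TYPE address_list_type IS TABLE OF address_type INDEX BY BINARY_INTEGER;

  -- One sender (a record), many recipients (a collection).
  PROCEDURE send
    (i_sender     IN address_type
    ,i_recipients IN address_list_type
    ,i_subject    IN VARCHAR2
    ,i_message    IN VARCHAR2
    );
END email_pkg;
/

CREATE OR REPLACE PACKAGE BODY email_pkg AS

  -- Format one mailbox for a header line. Rejects CR/LF (which would let a
  -- caller inject an extra header) and anything not shaped like a single address.
  FUNCTION formatted (i_address IN address_type) RETURN VARCHAR2 IS
    l_raw VARCHAR2(400) := i_address.name || i_address.email_address;
  BEGIN
    IF INSTR(l_raw, CHR(10)) > 0 OR INSTR(l_raw, CHR(13)) > 0 THEN
      RAISE_APPLICATION_ERROR(-20002, 'Line break in address');
    END IF;
    IF i_address.email_address IS NULL
       OR NOT REGEXP_LIKE(i_address.email_address, '^[^@[:space:]<>]+@[^@[:space:]<>]+$') THEN
      RAISE_APPLICATION_ERROR(-20003, 'Invalid address: ' || i_address.email_address);
    END IF;
    RETURN '"' || REPLACE(i_address.name, '"', '') || '" <' || i_address.email_address || '>';
  END formatted;

  PROCEDURE send
    (i_sender     IN address_type
    ,i_recipients IN address_list_type
    ,i_subject    IN VARCHAR2
    ,i_message    IN VARCHAR2
    ) IS
    l_to  VARCHAR2(32767);
    l_idx BINARY_INTEGER;
  BEGIN
    IF i_recipients.COUNT = 0 THEN
      RAISE_APPLICATION_ERROR(-20001, 'At least one recipient is required');
    END IF;
    -- FIRST/NEXT rather than 1..COUNT: an index-by table may be sparse.
    l_idx := i_recipients.FIRST;
    WHILE l_idx IS NOT NULL LOOP
      l_to  := l_to || CASE WHEN l_to IS NOT NULL THEN ', ' END
                    || formatted(i_recipients(l_idx));
      l_idx := i_recipients.NEXT(l_idx);
    END LOOP;
    -- Hand-off point for UTL_MAIL / UTL_SMTP; this demo only shows the headers.
    DBMS_OUTPUT.PUT_LINE('From: '    || formatted(i_sender));
    DBMS_OUTPUT.PUT_LINE('To: '      || l_to);
    DBMS_OUTPUT.PUT_LINE('Subject: ' || i_subject);
    DBMS_OUTPUT.PUT_LINE(i_message);
  END send;

END email_pkg;
/

-- Caller: one local variable for the sender, a loop of unknown size for the
-- recipients (the driving query is constructed for the demo).
SET SERVEROUTPUT ON
DECLARE
  l_sender     email_pkg.address_type;
  l_recipients email_pkg.address_list_type;
  l_idx        PLS_INTEGER;
BEGIN
  l_sender.name          := 'joe';
  l_sender.email_address := 'joe@company.com';

  FOR r IN (SELECT 'jill' AS name, 'jill@company.com' AS email_address FROM dual
            UNION ALL
            SELECT 'bob', 'bob@company.com' FROM dual) LOOP
    l_idx := l_recipients.COUNT + 1;
    l_recipients(l_idx).name          := r.name;
    l_recipients(l_idx).email_address := r.email_address;
  END LOOP;

  email_pkg.send
    (i_sender     => l_sender
    ,i_recipients => l_recipients
    ,i_subject    => 'hello'
    ,i_message    => 'world'
    );
END;
/
```

The line-break check is the one worth keeping even if you throw the rest away: a display name or address that comes from a form and contains a CR/LF would otherwise become an extra header line (a second `To:`, a `Bcc:`, whatever the caller likes) once the string reaches UTL_SMTP.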
Go ahead – face your past and dig up some code you wrote 5 years ago or more. I think, if you don’t go “WTF!” every now and then, you probably haven’t learned anything or improved yourself in the intervening years. Just saying 🙂
This is the query that never ends,
It just goes on and on, my friends.
Some people started fetching not knowing what it was,
And now they can’t stop fetching forever just because…
This is the query that never ends,
…
CREATE TYPE number_table_type IS TABLE OF NUMBER;
/

CREATE FUNCTION row_generator RETURN number_table_type PIPELINED IS
BEGIN
  LOOP
    FOR i IN 1..100 LOOP
      PIPE ROW (i);
    END LOOP;
  END LOOP;
  RETURN;
END;
/

SELECT * FROM TABLE(row_generator);
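The joke has a serious side: an unbounded row source is a cheap way to tie up a session, and the only thing that stops it is the consumer. As an added example (not part of the original post), the same generator with a `NO_DATA_NEEDED` handler, which Oracle raises inside a pipelined function when the calling query stops fetching; the handler is the place to release cursors, temp files or locks before the function exits. The function name `row_generator_bounded` is assumed.

```sql
-- Added example, not from the original post. Reuses number_table_type from above.
CREATE OR REPLACE FUNCTION row_generator_bounded RETURN number_table_type PIPELINED IS
BEGIN
  LOOP
    FOR i IN 1..100 LOOP
      PIPE ROW (i);
    END LOOP;
  END LOOP;
  RETURN;
EXCEPTION
  -- Raised by Oracle when the consumer stops pulling rows (ROWNUM, FETCH FIRST,
  -- the client closing the cursor). Clean up here, then return.
  WHEN NO_DATA_NEEDED THEN
    RETURN;
END;
/

-- Terminates: the predicate stops the fetch after ten rows, so the producer
-- gets NO_DATA_NEEDED and exits.
SELECT * FROM TABLE(row_generator_bounded) WHERE ROWNUM <= 10;

-- Still never terminates: a sort has to see every row before it can emit one,
-- so nothing upstream ever stops fetching.
-- SELECT * FROM TABLE(row_generator_bounded) ORDER BY 1;
```

Note that the `ROWNUM` query terminates even without the handler (an unhandled `NO_DATA_NEEDED` is absorbed by the runtime); the handler is for cleanup, not for stopping. What actually bounds a hostile or buggy producer is a resource limit on the session, such as a `CPU_PER_CALL` limit in the user's profile.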
Bobby Tables has got himself a car 🙂
My source: SQL Injection License Plate Hopes to Foil Euro Traffic Cameras
But, seriously: Bobby Tables: A guide to preventing SQL injection
I didn’t make this image, I got it from the gizmodo article. It seems to have been picked up a few times and republished since then 🙂
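Between the “forbidden words” screenshot above and Bobby Tables, the common thread is the same: a keyword blocklist is not SQL injection protection; binding is. As an added example (not from either post), the two approaches side by side in PL/SQL. The table, its two rows and the function names are constructed for the demo.

```sql
-- Added example, not from the original posts. Table, rows and names are assumed.
CREATE TABLE demo_users (username VARCHAR2(30), email VARCHAR2(200));
INSERT INTO demo_users VALUES ('joe',  'joe@company.com');
INSERT INTO demo_users VALUES ('jill', 'jill@company.com');
COMMIT;

-- Version 1: splices the caller's value into the statement text and "protects"
-- it with a forbidden-words filter like the one in the screenshot.
CREATE OR REPLACE FUNCTION count_user_unsafe (i_username IN VARCHAR2)
  RETURN NUMBER
IS
  l_count NUMBER;
BEGIN
  IF REGEXP_LIKE(i_username,
                 '(DELETE|DROP|INSERT|SELECT|UPDATE|UNION|EXECUTE)', 'i') THEN
    RAISE_APPLICATION_ERROR(-20001, 'Forbidden word in input');
  END IF;
  EXECUTE IMMEDIATE
    'SELECT COUNT(*) FROM demo_users WHERE username = ''' || i_username || ''''
    INTO l_count;
  RETURN l_count;
END count_user_unsafe;
/

-- Version 2: the value travels as a bind variable. It is never parsed as SQL,
-- so no keyword list is needed and no quoting trick can alter the statement.
CREATE OR REPLACE FUNCTION count_user_safe (i_username IN VARCHAR2)
  RETURN NUMBER
IS
  l_count NUMBER;
BEGIN
  EXECUTE IMMEDIATE
    'SELECT COUNT(*) FROM demo_users WHERE username = :username'
    INTO l_count USING i_username;
  RETURN l_count;
END count_user_safe;
/

-- A tautology contains none of the forbidden words, so the filter lets it
-- through. The unsafe version ends up running
--   WHERE username = 'x' OR '1'='1'
-- and counts every row; the safe version compares against the literal string.
SELECT count_user_unsafe('x'' OR ''1''=''1') AS unsafe_rows
     , count_user_safe  ('x'' OR ''1''=''1') AS safe_rows
FROM   dual;

-- A legitimate value with an apostrophe breaks the unsafe version (the
-- generated statement no longer parses) and is handled fine by the safe one.
SELECT count_user_safe('O''Brien') AS safe_rows FROM dual;
```

Two caveats. First, a statement this fixed should not be dynamic at all; static SQL in the function body binds for you and gets compile-time checking as well. Second, the one thing you cannot bind is an object name; if a table or column name genuinely has to come from the caller, pass it through `DBMS_ASSERT` (`SIMPLE_SQL_NAME`, `ENQUOTE_NAME`) rather than a word list.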
“A woman asks her husband, a programmer, to go shopping:
– Dear, please, go to the nearby grocery store to buy some bread. If they have eggs, buy 6.
– O.K., hun.
Twenty minutes later the husband comes back bringing 6 loaves of bread. His wife is flabbergasted:
– Dear, why on earth did you buy 6 loaves of bread?
– They had eggs.”
Source (deleted)
“First Time in Asia! … Melbourne… Sydney… Brisbane”
“Applications Developer – desirable skills: Soccer or Tetrinet”
Job: Applications Developer
Location: Perth – South
Advertiser: Kwinana Software Company
Classification: I.T. & T > Analyst/Programmer
Description: Highly-regarded development house. Build broad & deep skills in Microsoft, Oracle and industrial technologies. Soccer or Tetrinet skills wouldn’t hurt
Link: http://it.seek.com.au/users/apply/index.ascx?Sequence=13&PageNumber=1&JobID=9618584&cid=jobmail
“We have comfy chairs, grunty machines and twin 22” wide-screens on every desk (with webcams, for Skyping between offices).”
Wow.
An interesting column comment encountered:
MOOD_SWINGS_IND VARCHAR2(1) (Y/N) “indicates that the person was in a swinging mood at the time of the episode”