Home
Search results “Declare sql variables oracle”
PL/SQL tutorial 2 : PL/SQL Variables in Oracle Database By Manish Sharma RebellionRider
 
05:37
Watch and learn how to declare a variable and different ways of initialize a variable in PL/SQL by Manish Sharma Rebellion Rider.com ------------------------------------------------------------------------ ►►►LINKS◄◄◄ Blog : http://bit.ly/variables-in-PL-SQL Previous Tutorial ► Block Types: https://youtu.be/rbarR4_gaH8 ------------------------------------------------------------------------- ►►►Let's Get Free Uber Cab◄◄◄ Use Referral Code UberRebellionRider and get $20 free for your first ride. -------------------------------------------------------------------------- ►Make sure you SUBSCRIBE and be the 1st one to see my videos! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ►►►Find me on Social Media◄◄◄ Follow What I am up to as it happens on https://twitter.com/rebellionrider https://www.facebook.com/imthebhardwaj http://instagram.com/rebellionrider https://plus.google.com/+Rebellionrider http://in.linkedin.com/in/mannbhardwaj/ http://rebellionrider.tumblr.com/ http://www.pinterest.com/rebellionrider/ You can also Email me at for E-mail address please check About section Please please LIKE and SHARE my videos it makes me happy. Thanks for liking, commenting, sharing and watching more of our videos This is Manish from RebellionRider.com ♥ I LOVE ALL MY VIEWERS AND SUBSCRIBERS
Views: 178959 Manish Sharma
Introduction to Oracle: PL-SQL - Declaring Variables and Constants
 
10:07
Introduction to Oracle: PL-SQL - Declaring Variables and Constants
Views: 3410 David Hays
PLS-4: PL/SQL Variables
 
24:47
For Full Course Experience Please Go To http://mentorsnet.org/course_preview?course_id=5 Full Course Experience Includes 1. Access to course videos and exercises 2. View & manage your progress/pace 3. In-class projects and code reviews 4. Personal guidance from your Mentors ---------------------------------------------------------------------------------------- A variable is nothing but a name given to a storage area that our programs can manipulate. Each variable in PL/SQL has a specific data type, which determines the size and layout of the variable's memory; the range of values that can be stored within that memory and the set of operations that can be applied to the variable. The name of a PL/SQL variable consists of a letter optionally followed by more letters, numerals, dollar signs, underscores, and number signs and should not exceed 30 characters. By default, variable names are not case-sensitive. You cannot use a reserved PL/SQL keyword as a variable name. PL/SQL programming language allows to define various types of variables, which we will cover in subsequent chapters like date time data types, records, collections, etc. For this chapter, let us study only basic variable types. With PL/SQL you can declare variables and then use them in SQL and procedural statements anywhere that an expression can be used. Variables can be used for the following: • Temporary storage of data: Data can be temporarily stored in one or more variables for use when validating data input and for processing later in the data flow process. • Manipulation of stored values: Variables can be used for calculations and other data manipulations without accessing the database. • Reusability: After they are declared, variables can be used repeatedly in an application simply by referencing them in other statements, including other declarative statements. • Ease of maintenance: When using %TYPE and %ROWTYPE (more information on %ROWTYPE is covered in a subsequent lesson), you declare variables, basing the declarations on the definitions of database columns. If an underlying definition changes, the variable declaration changes accordingly at run time. This provides data independence, reduces maintenance costs, and allows programs to adapt as the database changes to meet new business needs. More information on %TYPE is covered later in this lesson. Types of Variables" All PL/SQL variables have a data type, which specifies a storage format, constraints, and valid range of values. PL/SQL supports four data type categories—scalar, composite, reference, and LOB (large object)—that you can use for declaring variables, constants, and pointers. • Scalar data types hold a single value. The main data types are those that correspond to column types in Oracle server tables; PL/SQL also supports Boolean variables. • Composite data types, such as records, allow groups of fields to be defined and manipulated in PL/SQL blocks. • Reference data types hold values, called pointers, that designate other program items. Reference data types are not covered in this course. • LOB data types hold values, called locators, that specify the location of large objects (such as graphic images) that are stored out of line. LOB data types are discussed in detail later in this course.
Views: 42161 Oresoft LWC
PL/SQL : Methods of Declaring a Variable
 
09:36
In this tutorial, you'll learn how to declare a variable in PL/SQL
Views: 5967 radhikaravikumar
PL/SQL tutorial 6: Bind Variable in PL/SQL By Manish Sharma RebellionRider.com
 
07:56
Watch and learn what are bind variables in PL/SQL how to declare or create them using Variable command, Initialize them using Execute (exec)command and different ways of displaying current values of a bind variable for example using AutoPrint parameter. ------------------------------------------------------------------------ ►►►LINKS◄◄◄ Blog : http://bit.ly/bind-variable Previous Tutorial ► Constants in PL/SQL https://youtu.be/r1ypg7WH4GY ►User Variables :https://youtu.be/2MNmodawvnE ------------------------------------------------------------------------- ►►►Let's Get Free Uber Cab◄◄◄ Use Referral Code UberRebellionRider and get $20 free for your first ride. ------------------------------------------------------------------------- ►►►Help Me In Getting A Job◄◄◄ ►Help Me In Getting A Good Job By Connecting With Me on My LinkedIn and Endorsing My Skills. All My Contact Info is Down Below. You Can Also Refer Me To Your Company Thanks ------------------------------------------------------------------------- ►Make sure you SUBSCRIBE and be the 1st one to see my videos! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ►►►Find me on Social Media◄◄◄ Follow What I am up to as it happens on https://twitter.com/rebellionrider https://www.facebook.com/imthebhardwaj http://instagram.com/rebellionrider https://plus.google.com/+Rebellionrider http://in.linkedin.com/in/mannbhardwaj/ http://rebellionrider.tumblr.com/ http://www.pinterest.com/rebellionrider/ You can also Email me at for E-mail address please check About section Please please LIKE and SHARE my videos it makes me happy. Thanks for liking, commenting, sharing and watching more of our videos This is Manish from RebellionRider.com ♥ I LOVE ALL MY VIEWERS AND SUBSCRIBERS
Views: 101650 Manish Sharma
Dynamic sql table name variable
 
11:59
Text version of the video http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html Slides http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable_20.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All SQL Server Tutorial Videos https://www.youtube.com/playlist?list=PL08903FB7ACA1C2FB All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists In this video we will discuss how to pass table name dynamically for stored procedure in sql server. This is one of the sql questions that is very commonly asked. I have a web page with a textbox. When I enter a table name in the textbox and when I click "Load Data" button, we want to retrieve data from that respective table and display it on the page. Copy the SQL Script to create the tables from my blog using the link below http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html Create the following stored procedure. Notice we are passing table name as a parameter to the stored prcoedure. In the body of the stored procedure we are concatenating strings to build our dynamic sql statement. In our previous videos we discussed that this open doors for SQL injection. Create procedure spDynamicTableName @TableName nvarchar(100) As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from ' + @TableName Execute sp_executesql @sql End So the obvious question that comes to our mind is, why are we not creating parameterised sql statement instead. The answers is we can't. SQL Server does not allow table names and column names to be passed as parameters. Notice in the example below, we are creating a parameterised query with @TabName as a parameter. When we execute the following code, the procedure gets created successfully. Create procedure spDynamicTableName1 @TableName nvarchar(100) As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from @TabName' Execute sp_executesql @sql, N'@TabName nvarchar(100)', @TabName = @TableName End But when we try to execute it we get an error - Must declare the table variable "@TabName" Execute spDynamicTableName1 N'Countries' Add a Web Page to the project that we have been working with in our previous video. Name it "DynamicTableName.aspx". Copy and paste the HTML from my blog using the link below http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html Copy and paste the code from my blog in the code-behind page http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-table-name-variable.html At this point, run the application and type the following text in the "Table Name" textbox and click "Load Data" button. Notice "SalesDB" database is dropped. Our application is prone to SQL injection as we have implemented dynamic sql in our stored procedure by concatenating strings instead of using parameters. Employees; Drop database SalesDB One way to prevent SQL injection in this case is by using SQL Server built-in function - QUOTENAME(). We will discuss QUOTENAME() function in detail in our next video. For now understand that by default, this function wraps that string that is passed to it in a pair of brackets. SELECT QUOTENAME('Employees') returns [Employees] Modify the stored procedure to use QUOTENAME() function as shown below. Alter procedure spDynamicTableName @TableName nvarchar(100) As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from ' + QUOTENAME(@TableName) Execute sp_executesql @sql End At this point, type the following text in the "Table Name" textbox and click "Load Data" button. Notice you will see a message - Invalid object name 'Employees; Drop database SalesDB'. Also "SalesDB" database is not dropped. Employees; Drop database SalesDB The entire text in "Table Name" textbox is wrapped in a pair of brackets by the QUOTENAME function and is treated as table name. Since we do have a table with the specified name, we get the error - Invalid object name.
Views: 29652 kudvenkat
SQL Variables
 
04:15
Jamie King of Neumont University briefly describing how to declare variables in T-SQL.
Views: 3449 Jamie King
How to Declare and Initialize Variables in T-SQL - Part 1
 
10:31
This video is part of LearnItFirst's Transact-SQL Programming: SQL Server 2008/R2 course. More information on this video and course is available here: http://www.learnitfirst.com/Course161 In order to best demonstrate the differences between the data types, Scott first shows you how to create variables. What is a variable, and what are the differences between scalar and table variables? Is a variable declared in one session available for access in other sessions? What is a good rule of thumb for deciding whether to use SELECT or SET for variable assignment? Scott clarifies all of that and more in this video. Highlights from this video: - Global variable vs. local variable - Understanding "scope" - How the batch terminator affects variables - Using SELECT and SET for variable assignment - Declaring multiple variables and much more...
Views: 4182 LearnItFirst.com
SQL:  How to Use Variables With Select Statements
 
06:28
Describes how to use variables with Select
Views: 6394 A Estrada
How To Declare and Initialize Variables in T-SQL (Part 1)
 
10:31
This video is part of LearnItFirst's Transact-SQL Programming: SQL Server 2008/R2 course. More information on this video and course is available here: http://www.learnitfirst.com/Course161 In order to best demonstrate the differences between the data types, Scott first shows you how to create variables. What is a variable, and what are the differences between scalar and table variables? Is a variable declared in one session available for access in other sessions? What is a good rule of thumb for deciding whether to use SELECT or SET for variable assignment? Scott clarifies all of that and more in this video. Highlights from this video: - Global variable vs. local variable - Understanding "scope" - How the batch terminator affects variables - Using SELECT and SET for variable assignment - Declaring multiple variables and much more...
Views: 36543 LearnItFirst.com
SQL 12c Tutorial 8 : SQL Substitution variables
 
05:51
SQL 12c Tutorial 8 : SQL Substitution variables SQL 12c Tutorial Oracle SQL Tutorial for beginners
Views: 1057 TechLake
Oracle PL/SQL - Variables - Part 1/2
 
10:27
http://plsqlzerotopro.com This tutorial explains you the concept of a variable. You will learn what a variable is, how to define a variable, how to initialize a variable and how to replace a value in a variable with a new one.
Views: 23827 HandsonERP
When Should You Use SQL Bind Variables? Always!
 
02:21
When is the right time to use Bind Variables in your SQL statements? "Pretty much all the time," says Mark Williams. Mark, a Method R evangelist with Cintra Software and Services, explains it all in this 2 Minute Tech Tip recorded at ODTUG Kscope 2018 at Walt Disney World in Orlando, Florida. https://developer.oracle.com/ https://cloud.oracle.com/en_US/tryit
Views: 604 Oracle Developers
Oracle Forms Training : Global variable
 
06:27
Oracle Training in Bangladesh Oracle Developer and Database Training in Bangladesh Oracle Training at Dev Net IT Oracle forms Training for details http://www.devnet-it.com
Views: 3764 devnetbd devnetit
How to declare Variable in MS SQL
 
03:54
How to declare Variable in MY SQL and use those variable
Views: 534 Suman Shrestha
Introduction to Oracle: PL-SQL - Assigning a Value to a Variable with a Query
 
04:38
Introduction to Oracle: PL-SQL - Assigning a Value to a Variable with a Query
Views: 706 David Hays
Oracle DBA Justin - PL/SQL # 3: How to use variables
 
11:31
How to use variables
Views: 1813 jbleistein11
Oracle PL/SQL Tutorials | Bind Variable in PL/SQLSQL Bind Variable | Mr.Vaman Deshmukh
 
09:26
** For Online Training Registration: https://goo.gl/r6kJbB ► Call: +91-8179191999 ► Visit Our Website for Classroom Training: https://nareshit.in ► For Online Training: https://nareshit.com/ #OraclePLSQLTutorials #BindVariableinPLSQL -------------------------- ► About NareshIT: "Naresh IT is having 14+ years of experience in software training industry and the best Software Training Institute for online training, classroom training, weekend training, corporate training of Hadoop, Salesforce, AWS, DevOps, Spark, Data Science, Python, Tableau, RPA ,Java, C#.NET, ASP.NET, Oracle, Testing Tools, Silver light, Linq, SQL Server, Selenium, Android, iPhone, C Language, C++, PHP and Digital Marketing in USA,Hyderabad, Chennai and Vijayawada,Bangalore India which provides online training across all the locations -------------------------- ► Our Online Training Features: 1.Training with Real-Time Experts 2.Industry Specific Scenario’s 3.Flexible Timings 4.Soft Copy of Material 5. Share Videos of each and every session. -------------------------- Please write back to us at [email protected]/[email protected] or Call us at USA: +1404-232-9879 or India: +918179191999 ** Check The Below Links** ► For Course Reg: https://goo.gl/r6kJbB ► Subscribe to Our Channel: https://goo.gl/q9ozyG ► Circle us on G+: https://plus.google.com/NareshIT ► Like us on Facebook: https://www.facebook.com/NareshIT ► Follow us on Twitter: https://twitter.com/nareshitech ► Follow us on Linkedin: https://in.linkedin.com/company/naresh-i-technologies ► Follow us on Instagram: https://www.instagram.com/nareshitech/ -------------------------------------------------------------------------------------------------------- #oracletutorials #oracletraining #sqltrainingvideos #sqltutorials #oraclevideos
Oracle developer g11  21  Declaring PL SQL variable
 
18:17
Learn Oracle developer g11 كورس Oracle developer g11
Views: 243 MyVideo Walid
DYN3: Method 2 Dynamic SQL - Non-query DML with bind variables (PL/SQL Channel)
 
26:03
One of the most common forms of dynamic SQL is method 2: non-query DML (constructed at runtime) with a fixed number of bind variables. With method 2, you need the USING clause of EXECUTE IMMEDIATE and this video shows you how. This video was taken from PLSQLChannel.com, originally recorded before Steven Feuerstein re-joined Oracle in March 2014. ======================================== Practically Perfect PL/SQL with Steven Feuerstein Copyright © 2015 Oracle and/or its affiliates. Oracle is a registered trademark of Oracle and/or its affiliates. All rights reserved. Other names may be registered trademarks of their respective owners. Oracle disclaims any warranties or representations as to the accuracy or completeness of this recording, demonstration, and/or written materials (the “Materials”). The Materials are provided “as is” without any warranty of any kind, either express or implied, including without limitation warranties or merchantability, fitness for a particular purpose, and non-infringement.
PL/SQL tutorial 47: How to declare user-define exception using a EXCEPTION variable
 
05:53
How to declare user-define exception using a variable of EXCEPTION datatype in Oracle Database By Manish Sharma from RebellionRider.com ------------------------------------------------------------------------ ►►►LINKS◄◄◄ Blog : http://bit.ly/user-define-exception-1 Previous Tutorial ► Introduction to Exception Handling: https://youtu.be/jBzhLOCBuuA ------------------------------------------------------------------------- ►Make sure you SUBSCRIBE and be the 1st one to see my videos! ------------------------------------------------------------------------- ►►►Find me on Social Media◄◄◄ Follow What I am up to as it happens on https://twitter.com/rebellionrider http://instagram.com/rebellionrider https://plus.google.com/+Rebellionrider http://in.linkedin.com/in/mannbhardwaj/ ___Facebook Official Page___ https://www.facebook.com/RebellionRider.official/ You can also Email me at for E-mail address please check the About section Please please LIKE and SHARE my videos it makes me happy. Thanks for liking, commenting, sharing and watching more of our videos This is Manish from RebellionRider.com ♥ I LOVE ALL MY VIEWERS AND SUBSCRIBERS
Views: 22282 Manish Sharma
Bind Variables and Application Performance
 
31:22
Bind Variables and Application Performance Walter Couto - Embarcadero Thursday, June 26, 2014 - 10am Not many people are familiar with Bind Variables or how they can be used. Find out how bind variables can be used effectively to make your SQL perform more efficiently and why they can achieve this performance. Walter Couto is a Software Development Manager at Embarcadero Technologies for the Embarcadero DB Power Studio family of products and has been with the company for over 12 years. He has over 18 years of development experience with a wide range of technologies.
PL/SQL Tutorial 4- PL_SQL variable declare in Oracle Database By JavaInHand
 
08:52
variable declaration and initialization in pl/sql
Views: 725 JavaInHand
Oracle developer g11- 21- Declaring PL SQL variable
 
18:17
============ رابط دورة C#: http://goo.gl/SFrRC8 رابط دورة aps.net: http://goo.gl/NtH3q5 رابط دورة Wordpress: http://goo.gl/6hYT0q رابط دورة artisteer: http://goo.gl/Lnax8k رابط دورة Visual basic 2012: http://goo.gl/fXYjcT رابط دورة MCITP: http://goo.gl/4vcmgM رابط دورة Autoplay media studio8: http://goo.gl/hFbdil رابط دورة dreamweaver cs5: http://goo.gl/p8EIle رابط دورة Oracle developer g11: http://goo.gl/NY2a64 رابط دورة Access 2007: http://goo.gl/gtQdr1 رابط دورة sql 2008: http://goo.gl/hjdXM0 رابط دورة primavira: http://goo.gl/Abq8eA رابط دزورة Linux: http://goo.gl/uJqkH2 رابط دورة Photoshop cs6: http://goo.gl/2UAb7P رابط دورة التسويق الشبكي: http://goo.gl/9F9PA2 رابط دورة التنمية الإدارية: http://goo.gl/6bJnHW ------------ لمتابعة باقي دورات موقعنا يمكنك زيارتنا على موقع وصفحة وقف أون لاين http://www.waqfonline.com http://www.facebook.com/Waqfonline
02-  Oracle PL/SQL Arabic course – Variables Part 1 المتغيرات – الجزء الأول
 
09:16
تعتبر المتغيرات (Variables) واحدة من أهم الموضوعات فى أى لغة برمجة و لن تجد أى لغة برمجة لا تستخدم المتغيرات. فى درس اليوم من سلسلة دروس دورة شرح PL/SQL نتحدث عن المتغيرات و نتطرق الى الموضوعات التالية: 1- ماهى المتغيرات (Variables) ؟ 2- تعريف المتغيرات (Variable Declaration). 3- كيف تكتب اسم متغير بطريقة سليمة (valid variable name) . 4- ما هى الثوابت (Constants). -------------------------------------------------------------------------------------------- تواصل معانا علي الفيس بوك من هنا : https://www.facebook.com/askgad .......................................­.................... تواصل معانا علي موقعنا من هنا : https://www.askgad.com
Views: 7979 Ask Gad
02-Oracle PL-SQL (Declaring PL/SQL Variables) By Eng-Helal Ahmed
 
47:33
02-Oracle PL-SQL (Declaring PL/SQL Variables) By Eng-Helal Ahmed www.facebook.com/free4arab http://www.free4arab.com http://twitter.com/free4arab1 https://plus.google.com/114278484973373035289/posts نور الهدى لتكنولوجيا المعلومات
Table valued parameters in SQL Server
 
06:46
table valued parameters example send table variable to stored procedure pass table variable as parameter to stored procedure pass table variable to sql stored procedure In this video we will discuss table valued parameters in SQL Server. Table Valued Parameter is a new feature introduced in SQL SERVER 2008. Table Valued Parameter allows a table (i.e multiple rows of data) to be passed as a parameter to a stored procedure from T-SQL code or from an application. Prior to SQL SERVER 2008, it is not possible to pass a table variable as a parameter to a stored procedure. Let us understand how to pass multiple rows to a stored procedure using Table Valued Parameter with an example. We want to insert multiple rows into the following Employees table. SQL Script to create the Employees table Create Table Employees ( Id int primary key, Name nvarchar(50), Gender nvarchar(10) ) Go Step 1 : Create User-defined Table Type CREATE TYPE EmpTableType AS TABLE ( Id INT PRIMARY KEY, Name NVARCHAR(50), Gender NVARCHAR(10) ) Go Step 2 : Use the User-defined Table Type as a parameter in the stored procedure. Table valued parameters must be passed as read-only to stored procedures, functions etc. This means you cannot perform DML operations like INSERT, UPDATE or DELETE on a table-valued parameter in the body of a function, stored procedure etc. CREATE PROCEDURE spInsertEmployees @EmpTableType EmpTableType READONLY AS BEGIN INSERT INTO Employees SELECT * FROM @EmpTableType END Step 3 : Declare a table variable, insert the data and then pass the table variable as a parameter to the stored procedure. DECLARE @EmployeeTableType EmpTableType INSERT INTO @EmployeeTableType VALUES (1, 'Mark', 'Male') INSERT INTO @EmployeeTableType VALUES (2, 'Mary', 'Female') INSERT INTO @EmployeeTableType VALUES (3, 'John', 'Male') INSERT INTO @EmployeeTableType VALUES (4, 'Sara', 'Female') INSERT INTO @EmployeeTableType VALUES (5, 'Rob', 'Male') EXECUTE spInsertEmployees @EmployeeTableType That's it. Now select the data from Employees table and notice that all the rows of the table variable are inserted into the Employees table. In our next video, we will discuss how to pass table as a parameter to the stored procedure from an ADO.NET application Text version of the video http://csharp-video-tutorials.blogspot.com/2015/09/table-valued-parameters-in-sql-server.html Slides http://csharp-video-tutorials.blogspot.com/2015/09/table-valued-parameters-in-sql-server_17.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists
Views: 69683 kudvenkat
SQL ORACLE 07 variables de sustitucion y comando DEFINE
 
13:08
SQL Oracle 07 - Variables de sustitución y comando DEFINE -------------------------------------------------- Curso de Sql usando la base de datos Oracle 11g r2 -------------------------------------------------- En este tutorial veremos como crear scripts que nos permitan sustituir valores para las variables que definamos en nuestras sentencias select. Espero les guste
Views: 2927 Jesus Luque Medina
PL-SQL tutorial 17 - how to declare variable via %type datatype and print values
 
06:05
Hi guys this videos very helpful for everyone i am going to explain how to declare variable via %type datatype and print values. Oracle database Unbeatable,Unbreakable Platform..
Views: 283 Oracle World
014-Oracle SQL 12c: Substitution variables part 1
 
08:27
تعلم اوراكل حتى الاحتراف تعلم اوراكل من الصفر
Views: 5877 khaled alkhudari
PLSQL Basico - Variables
 
14:56
En este video veremos la declaracion de variables usando los distintos tipos, escalares, de referencia, compuestos y LOB.
Views: 12314 Daniel Nieto
Dynamic SQL in Stored Procedure
 
09:32
In this video we will discuss, using dynamic sql in a stored procedure and it's implications from sql injection perspective. We will discuss performance implications of using dynamic sql in a stored procedure in a later video. Text version of the video http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-in-stored-procedure.html Slides http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-in-stored-procedure_11.html All SQL Server Text Articles http://csharp-video-tutorials.blogspot.com/p/free-sql-server-video-tutorials-for.html All SQL Server Slides http://csharp-video-tutorials.blogspot.com/p/sql-server.html All SQL Server Tutorial Videos https://www.youtube.com/playlist?list=PL08903FB7ACA1C2FB All Dot Net and SQL Server Tutorials in English https://www.youtube.com/user/kudvenkat/playlists?view=1&sort=dd All Dot Net and SQL Server Tutorials in Arabic https://www.youtube.com/c/KudvenkatArabic/playlists Consider the following stored procedure "spSearchEmployees". We implemented this procedure in Part 139 of SQL Server tutorial. This stored procedure does not have any dynamic sql in it. It is all static sql and is immune to sql injection. Create Procedure spSearchEmployees @FirstName nvarchar(100) = NULL, @LastName nvarchar(100) = NULL, @Gender nvarchar(50) = NULL, @Salary int = NULL As Begin Select * from Employees where (FirstName = @FirstName OR @FirstName IS NULL) AND (LastName = @LastName OR @LastName IS NULL) AND (Gender = @Gender OR @Gender IS NULL) AND (Salary = @Salary OR @Salary IS NULL) End Go Whether you are creating your dynamic sql queries in a client application like ASP.NET web application or in a stored procedure, you should never ever concatenate user input values. Instead you should be using parameters. Notice in the following example, we are creating dynamic sql queries by concatenating parameter values, instead of using parameterized queries. This stored procedure is prone to SQL injection. Let's prove this by creating a "Search Page" that calls this procedure. Create Procedure spSearchEmployeesBadDynamicSQL @FirstName nvarchar(100) = NULL, @LastName nvarchar(100) = NULL, @Gender nvarchar(50) = NULL, @Salary int = NULL As Begin Declare @sql nvarchar(max) Set @sql = 'Select * from Employees where 1 = 1' if(@FirstName is not null) Set @sql = @sql + ' and FirstName=''' + @FirstName + '''' if(@LastName is not null) Set @sql = @sql + ' and LastName=''' + @LastName + '''' if(@Gender is not null) Set @sql = @sql + ' and Gender=''' + @Gender + '''' if(@Salary is not null) Set @sql = @sql + ' and Salary=''' + @Salary + '''' Execute sp_executesql @sql End Go Add a Web Page to the project that we have been working with in our previous video. Name it "DynamicSQLInStoredProcedure.aspx". Copy and paste the HTML and code available on my blog at the following link http://csharp-video-tutorials.blogspot.com/2017/04/dynamic-sql-in-stored-procedure.html At this point, run the application and type the following text in the "Firsname" text and click "Search" button. Notice "SalesDB" database is dropped. Our application is prone to SQL injection as we have implemented dynamic sql in our stored procedure by concatenating strings instead of using parameters. ' Drop database SalesDB -- In the following stored procedure we have implemented dynamic sql by using parameters, so this is not prone to sql injecttion. This is an example for good dynamic sql implementation. Create Procedure spSearchEmployeesGoodDynamicSQL @FirstName nvarchar(100) = NULL, @LastName nvarchar(100) = NULL, @Gender nvarchar(50) = NULL, @Salary int = NULL As Begin Declare @sql nvarchar(max) Declare @sqlParams nvarchar(max) Set @sql = 'Select * from Employees where 1 = 1' if(@FirstName is not null) Set @sql = @sql + ' and [email protected]' if(@LastName is not null) Set @sql = @sql + ' and [email protected]' if(@Gender is not null) Set @sql = @sql + ' and [email protected]' if(@Salary is not null) Set @sql = @sql + ' and [email protected]' Execute sp_executesql @sql, N'@FN nvarchar(50), @LN nvarchar(50), @Gen nvarchar(50), @sal int', @[email protected], @[email protected], @[email protected], @[email protected] End Go On the code-behind page, use stored procedure spSearchEmployeesGoodDynamicSQL instead of spSearchEmployeesBadDynamicSQL. We do not have to change any other code. At this point run the application one more time and type the following text in the "Firstname" textbox and click the "Search" button. ' Drop database SalesDB -- Notice "SalesDB" database is not dropped, So in this case our application is not succeptible to SQL injection attack. Summary : Whether you are creating dynamic sql in a client application (like a web application) or in a stored procedure always use parameters instead of concatnating strings. Using parameters to create dynamic sql statements prevents sql injection.
Views: 37945 kudvenkat
02-Oracle PL/SQL (Declaring PL/SQL Variables) By Eng-Helal Ahmed
 
54:18
02-Oracle PL/SQL (Declaring PL/SQL Variables) By Eng-Helal Ahmed https://www.facebook.com/free4arab http://www.free4arab.com https://twitter.com/free4arab1 https://plus.google.com/114278484973373035289 نور الهدى لتكنولوجيا المعلومات
Oracle tutorial : Bind variables in PL SQL
 
08:00
Oracle tutorial : Bind variables in PL SQL oracle tutorial for beginners This Oracle tutorial video will show you how to use bind variables in SQL. You can improve SQL query performance by Using Bind Variables. Bind variables Improved Security of SQL queries. Bind variables matter for performance. Before running SQL statement oracle checks that it is valid or not. and analyse how to access the tables. If a plan already exists for a query in that case Oracle not need to go through the optimization process again. so the oracle reuse the existing plan. It increase the performance. For more tutorial please visit #techquerypond https://techquerypond.com https://techquerypond.wordpress.com https://twitter.com/techquerypond
Views: 2516 Tech Query Pond
SQL Server - Temp Tables Vs Table Variables
 
28:31
We provide online Training and Classroom Training on MSBI, SQL Server, Hadoop, .NET, Java, Oracle, Tableau etc. Contact: [email protected] Ph No: +91 9000075637
Views: 6747 Bhaskar Jogi
9/125 Oracle PLSQL: Declaring PLSQL Variables 4
 
21:47
Learn Oracle PLSQL EXAM 1Z0-144
Views: 2432 khaled alkhudari
PL/SQL tutorial 5: PL/SQL Constants in Oracle Database  By Manish Sharma RebellionRider.com
 
04:34
Constant is a user defined identifier whose value remains unchanged throughout the program. Watch and learn proper way of initializing and declaring a constant in PL/SQL by Manish Sharma in PL/SQL Tutorial 5 for beginners. ------------------------------------------------------------------------ ►►►LINKS◄◄◄ Blog : http://bit.ly/constants-in-pl-sql Previous Tutorial ► Anchored Datatype (%type) https://youtu.be/Zt0vlmTqhP4 ------------------------------------------------------------------------- ►►►Let's Get Free Uber Cab◄◄◄ Use Referral Code UberRebellionRider and get $20 free for your first ride. ------------------------------------------------------------------------- ►Make sure you SUBSCRIBE and be the 1st one to see my videos! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ►►►Find me on Social Media◄◄◄ Follow What I am up to as it happens on https://twitter.com/rebellionrider https://www.facebook.com/imthebhardwaj http://instagram.com/rebellionrider https://plus.google.com/+Rebellionrider http://in.linkedin.com/in/mannbhardwaj/ http://rebellionrider.tumblr.com/ http://www.pinterest.com/rebellionrider/ You can also Email me at for E-mail address please check About section Please please LIKE and SHARE my videos it makes me happy. Thanks for liking, commenting, sharing and watching more of our videos This is Manish from RebellionRider.com ♥ I LOVE ALL MY VIEWERS AND SUBSCRIBERS
Views: 87370 Manish Sharma
10/125 Oracle PLSQL: Declaring PLSQL Variables 5
 
14:36
Learn Oracle PLSQL EXAM 1Z0-144
Views: 2263 khaled alkhudari
ORACLE DATA INTEGRATOR ODI Variables
 
01:02:20
ORACLE DATA INTEGRATOR ODI Variables
Views: 2344 srinu bondada
Oracle : Stored Procedure with Input and Output Parameters
 
04:04
Java Source Code here: http://ramj2ee.blogspot.com/2015/07/oracle-stored-procedure-with-input-and.html Oracle : Stored Procedure with Input and Output Parameters JavaEE Tutorials and Sample code - Click here : http://ramj2ee.blogspot.in/
Views: 40176 Ram N
PL/SQL tutorial 4: Anchored Datatype (%TYPE) in PL/SQL By Manish Sharma RebellionRider
 
06:10
Anchored datatype or %TYPE in PL/SQL are those data type which you assign to a variable based on a database object. Watch this PL/SQL Tutorial 4 and leanr about %TYPE with examples By Manish Sharma from wwww.RebellionRider.com ------------------------------------------------------------------------ ►►►LINKS◄◄◄ Blog : http://bit.ly/anchored-datatype Previous Tutorial ► SELECT...INTO statement in PL/SQL https://youtu.be/F5eMJhwmCQs ------------------------------------------------------------------------- ►►►Let's Get Free Uber Cab◄◄◄ Use Referral Code UberRebellionRider and get $20 free for your first ride. ------------------------------------------------------------------------- ►Make sure you SUBSCRIBE and be the 1st one to see my videos! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ►►►Find me on Social Media◄◄◄ Follow What I am up to as it happens on https://twitter.com/rebellionrider https://www.facebook.com/imthebhardwaj http://instagram.com/rebellionrider https://plus.google.com/+Rebellionrider http://in.linkedin.com/in/mannbhardwaj/ http://rebellionrider.tumblr.com/ http://www.pinterest.com/rebellionrider/ You can also Email me at for E-mail address please check About section Please please LIKE and SHARE my videos it makes me happy. Thanks for liking, commenting, sharing and watching more of our videos This is Manish from RebellionRider.com ♥ I LOVE ALL MY VIEWERS AND SUBSCRIBERS
Views: 113026 Manish Sharma
Oracle 10g PL SQL Class 2-Declaring Variables
 
11:51
Website: http://javaknowledge.info Source code: http://www.trainingwithliveproject.com FB Page: https://www.facebook.com/javaknowledgeshare FB Group: https://www.facebook.com/groups/PBPTBD
Views: 484 Java Knowledge
PL-SQL tutorial 18 - How to use the Global variable in PL/SQL
 
03:25
Hi guys this videos very helpful for everyone i am going to explain How to use the Global variable in PL/SQL .Oracle database Unbeatable,Unbreakable Platform..
Views: 908 Oracle World
PLS-2: My First PL/SQL Program
 
11:34
For Full Course Experience Please Go To http://mentorsnet.org/course_preview?course_id=5 Full Course Experience Includes 1. Access to course videos and exercises 2. View & manage your progress/pace 3. In-class projects and code reviews 4. Personal guidance from your Mentors Goal is to write your first PL/SQL program. The basic program unit in PL/SQL is the block. A PL/SQL block is defined by the keywords DECLARE, BEGIN, EXCEPTION, and END. These keywords partition the block into a declarative part, an executable part, and an exception-handling part. Example of a Block DECLARE bonus NUMBER(8,2); emp_id NUMBER(6) := 100; BEGIN SELECT salary * 0.10 INTO bonus FROM employees WHERE employee_id = emp_id; Exception When NO_DATA_FOUND THEN null ; END; This is a typical PL/SQL block where 10% of salary is selected and stored on a temp variables bonus. If for some reason there is no employee with empid = 100 then the control will come to exception area and the code in the exception area will be executed. These blocks can be entirely separate or nested one within another. The basic units (procedures and functions, also known as subprograms, and anonymous blocks) that make up a PL/SQL program are logical blocks, which can contain any number of nested sub blocks. Therefore, one block can represent a small part of another block, which in turn can be part of the whole unit of code. Anonymous Blocks Anonymous blocks are unnamed blocks. They are declared at the point in an application where they are to be executed and are passed to the PL/SQL engine for execution at run time. You can embed an anonymous block within a pre-compiler program and within iSQL*Plus or Server Manager. Triggers in Oracle Developer components consist of such blocks. Subprograms Subprograms are named PL/SQL blocks that can accept parameters and can be invoked. You can declare them either as procedures or as functions. Generally use a procedure to perform an action and a function to compute a value. You can store subprograms at the server or application level. Using Oracle Developer components (Forms, Reports, and Graphics), you can declare procedures and functions as part of the application (a form or report) and call them from other procedures, functions, and triggers (see next page) within the same application whenever necessary. Note: A function is similar to a procedure, except that a function must return a value.
Views: 66497 Oresoft LWC
Advanced Databases - Scalar Variables Demo (SQL Server)
 
22:30
How to DECLARE, SET, SELECT, and use scalar variables in SQL Server.
Views: 286 Christian Hur
PLSQL tutorial in Bangla calculation with variable
 
07:42
How to calculate in PL/SQL language. We will learn how to calculate with variable in PL/SQL. Step 1: log in to your sql plus, and Set serveroutput on(calculation with variable). Step 2: Declare some variable to keep your data / number by which you can calculate with variables, Step 3: assign variables number such as (20,30,50 etc), (calculation with variable) Step 4: then use DBMS_OUTPUT.PUT_LINE statement to show the result for calculation with variable Thanks For Watching MdMahfujur Rahman Database Design and Development IDB-BISEW IT Scholarship Project. 01673472384
Views: 705 Mahfujur Rahman