Oneway Wrapping PL/SQL Programs
Hello,
I have wrapped my PL/SQL package successfully through wrap utility, but it can be easily unwrapped by some websites like 'http://www.codecrete.net/UnwrapIt' or unwrap mechanism.
I need one way encryption for my program. Please suggest if there is any alternative.
Thanks & Regards
Pritish
Edited by: 1004790 on Jun 6, 2013 6:11 AM
No computer program in any language can be encrypted in a way that prevents someone that owns the server on which the code is running from reversing that encryption. The code, after all, has to be sent to the CPU to be executed. You can find sites that unwrap PL/SQL just like you can find tools that will generate C source code for the Oracle executable or the Java source for whatever JAR file you'd like to consider.
The best you can do is to buy something like PFCLObfuscate that will obfuscate the code before calling the wrap utility (and calling the older version of the wrap utility which is a touch harder to unwrap and for which there are fewer online unwrapping tools). That requires money to buy the tool, though, and it will add complexity to your code management and deployment process since you have to maintain both a readable and an obfuscated version of the code and ensure that the right thing gets deployed and that no one inadvertently causes there to be differences between the two. And an attacker could still unwrap your code and still see exactly what it is doing, it would just be a bit harder to follow.
Justin
Similar Messages
-
Hi,
The below mentioned link is with reference to a question which has been asked by the user regarding how to encrypt pl./sql programs .. and the answer which has been given is using WRAP command ,..
Encrypt PL/SQL
At the same stage, later on, if I want to decrypt the PL/SQL program and want to view the original contents ... how can I achieve this ???
RegardsHi,
Thanks for your reply .. Well, the below is what I got the oracle documentation ..
The header can contain comments. For example, the Wrap Utility converts
CREATE PACKAGE
-- Author: J. Hollings
-- Date: 10/15/99
banking AS
minimum_balance CONSTANT REAL := 25.00;
insufficient_funds EXCEPTION;
END banking;
into
CREATE PACKAGE
-- Author: J. Hollings
-- Date: 10/15/99
banking wrapped
0
abcd ...
Now, you said, the user who has created it can view the original code, how is that possible ?? Do you mean, if i login with my user id and password (with whom I have encrypted the program) I only can view the code ( the original code) ?? Please clarify
Regards -
How to create and execute PL/SQL program or Procedure from Java (JDBC)
hi all,
user will enter the Pl/Sql program from User-Interface. that program has to be create in DB and execute that.
due to some confusions, how to execute this from Java, i (user) entered the same logic through a Procedure.
my Java code is
Statement st = con.createStatement();
Statement.execute(procedure_query); // procedure name is myPro
CallableStatement cs = con.prepareCall("{call myPro}");
(as given in SUN docs - http://java.sun.com/docs/books/tutorial/jdbc/basics/sql.html)
but its not creating the procedure.
and i tried to run a procedure (which is already created) with CallableStatement, and this is also not working.
how to get this.
thanks and regards
pavanHi,
SInce the PL/SQL block is keyed in dynamically, you probably want to use the anonymous PL/SQL syntax for invoking it:
// begin ? := func (?, ?); end; -- a result is returned to a variable
CallableStatement cstmt3 =
conn.prepareCall(“begin ? := func3(?, ?); end;”);
// begin proc(?, ?); end; -- Does not return a result
CallableStatement cstmt4 =
Conn.prepareCall(“begin proc4(?, ?); end;”);
SQLJ covered in chapter 10, 11, and 12 of my book furnish a more versatile dynamic SQl or PL/SQL mechanisms.
Kuassi
- blog http://db360.blogspot.com/
- book http://db360.blogspot.com/2006/08/oracle-database-programming-using-java_01.html -
Calling Transaction Import Concurrent Program in PL/SQl program
Hi,
I am trying to run Transaction Import process by calling the concurrent program in my pl/sql program.I think I am passing all the right paramters which are necessary.But the actual PAXTRTRX is never being called and I am not getting any request ID back.No exception is being thrown.Following is how I am calling the concurrent program...
p_tran_imp_request_id := fnd_request.submit_request
( application => 'PA'
, program => 'PAXTRTRX'
, sub_request => FALSE
, argument1 => 'My Transaction Source name here'
, argument2 => 'My batch name here'
,argument3 => 'my TXN_INTERFACE_ID here'
If I run the PRC: Transaction Import from front end...the process is run and import was completed just fine.But I am not able to call concurrent program from my program.Is there anything I am missing...Is there any thing I need to do before I call the concurrent program...
Any help in this issue is greatly appreciated.
ThanksHi,
Thanks for the advise. Yes I was calling the initialize function but I was passing wrong application id and responsibility id to that.Now that is taken care of.
Thanks -
PL/SQL program not working when connect database via SqlNet
Hi,
This is a segment of a PL/SQL program before opening a cursor using input descriptor. It is working fine ( to get the value of unOutputCount ) without connect to a database via SqlNet, can anyone tell me why it is not working ( unOutputCount return 0)while connecting to a database via SqlNet and how to make it work without opening a cursor before DESCRIBE OUTPUT ...?
EXEC SQL ALLOCATE DESCRIPTOR GLOBAL 'input_111'
WITH MAX 100;
EXEC SQL ALLOCATE DESCRIPTOR GLOBAL 'output_111'
WITH MAX 100;
EXEC SQL PREPARE STMT1 FROM :psSqlStatement;
EXEC SQL DECLARE CURSOR1 CURSOR FOR STMT1;
EXEC SQL DESCRIBE INPUT STMT1
USING DESCRIPTOR GLOBAL 'input_111';
/* Get count of input parameters in statement */
EXEC SQL GET DESCRIPTOR GLOBAL 'input_111' :unInputCount = COUNT;
EXEC SQL DESCRIBE OUTPUT STMT1
USING DESCRIPTOR GLOBAL 'output_111';
/* Get count of output parameters in statement */
EXEC SQL GET DESCRIPTOR GLOBAL 'output_111'
:unOutputCount = COUNT;Hi,
Welcome to Oracle OTN Forums!
I changed your code a little. I think this help you
CREATE OR REPLACE
PROCEDURE xx_test
IS
v_pid VARCHAR2(100);
v_cn VARCHAR2(100);
v_id VARCHAR2(1000);
v_val VARCHAR2(1000);
CURSOR C1
IS
(SELECT product_id, 'PRODUCT_ID' cn
FROM product1 );
BEGIN
FOR V1 IN C1
LOOP
FETCH C1 INTO v_pid, v_cn;
dbms_output.put_line('==== '||v_pid||'==== '||v_cn);
EXECUTE IMMEDIATE
'SELECT product_id, DECODE(COUNT (product_id),1,MAX (product_id))||'''||V_CN||''' as val
FROM product1
WHERE product_id =:a
GROUP BY product_id)' INTO v_id, v_val USING v_pid;
dbms_output.put_line('==== '||v_id||'==== '||v_val);
EXECUTE IMMEDIATE 'UPDATE product2 SET '||v_cn||' = ' ||''''|| v_val ||''''|| ' WHERE product_id = :b' USING v_pid;
dbms_output.put_line('++++ '||v_cn||'++++ '||v_val||'++++ '||v_pid);
END LOOP;
END xx_test; -
REP-1419: 'beforereport': PL/SQL program aborted.
Hi,
We transmitted a payment batch file to one of our Banks (via FTP). First time it failed because our Bank ftp details were changed overnight and the folder where we transfer the file (via PGP) is missing. Now the Bank has recreated the directory and gave full access to transmit the file. After getting the intimation from the Bank, we cancelled our Payment Batch program and resubmitted the Payment batch once again. However, this time the Payment Batch is ending at Format stage itself. And throwing the above error < REP-1419: 'beforereport': PL/SQL program aborted.>
Now I do not know why the formatting is failing when all directories are exisiting and have full access ? Do we need to revalidate the already validated and approved invoices? Do we need to delete the earlier file that was created in the morning?
Can anyone throw some light on this?
I appreciate your help.
(PS: all other information including, vendor, vendor sites, bank, pay group and etc are all fine)check the code in reports before parameter form.
May be the related objects are not there. You can try opening this report in the new version and compile the before parameter form trigger
Rajesh Alex -
WebADI: How to find out which integrator executed the upload PL/SQL program
Hi,
I understand that we can create a integrator to upload data to EBS and execute a PL/SQL program.
Is there any way to find out which INTEGRATOR executed this PL/SQL program?
Thanks.
RegardsAlternatively:
select name, plsql_debug from sys.all_plsql_object_settings -
What are the best books to purchase for pl/sql programming?
What are the best books to purchase for pl/sql programming?
I am new to this field and I am looking for the best books to help me in pl/sql programming. Can someone please suggest?
ThanksIn my opinion one of the best to start
Oracle PL/SQL Programming, Third Edition
Steven Feuerstein -
Help needed in executing pl/sql programs
hi all
iam new to PL/SQL programming
i have installed oracle 9i
iam trying to practice some sample pl/sql programs
i have opened oracle 9i and typed these commands
sql>ed sum
then a notepad opens where i type my pl/sql program and save it and then return back to oracle 9i and type this
sql>@ sum
then my pl/sql program gets executed.......but iam not getting any output
its comig as procedure implemented succesfully
is it compulsory to open notepad to execute pl/sql progams or we can direclty type the programs in oracle 9i
please help in this matter ASAP
Regards
SureshYes, you can type the program directly at the SQL prompt, but editing will be a bit difficult.
You should use some good editor that allows you to edit properly and then run like you did.
You need to do:
SQL> set serveroutput onbefore running your program to see dbms_output messages. -
Performance issue while wrapping the sql in pl/sql block
Hi All,
I am facing performance issue in a query while wrapping the sql in pl/sql block.
I have a complex view. while quering the view using
Select * from v_csp_tabs(Name of View I am using), it is taking 10 second to fetch 50,000 records.
But when I am using some conditions on the view, Like
Select * from v_csp_tabs where clientid = 500006 and programid = 1 and vendorid = 1, it is taking more then 250 secs. to return the result set.
now the weird part is this is happening only for one programID, that is 1
I am using Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - 64bit Production
Any one please suggest what are the things i need to check..
I am sorry, I could not provide you the explain plan, because this is in production and I do not have enough prevelage.
Thank you in advance.
Thnx,
BitsBits wrote:
I have a complex view. while quering the view using
Select * from v_csp_tabs(Name of View I am using), it is taking 10 second to fetch 50,000 records.
But when I am using some conditions on the view, Like
Select * from v_csp_tabs where clientid = 500006 and programid = 1 and vendorid = 1, it is taking more then 250 secs. to return the result set.That's one problem with views - you never know how they will be used in the future, nor what performance implications variant uses can have.
>
now the weird part is this is happening only for one programID, that is 1
Any one please suggest what are the things i need to check..
I am sorry, I could not provide you the explain plan, because this is in production and I do not have enough prevelage.I understand what you are saying - I have worked at similar sites. HiddenName is correct in suggesting that you need to get execution plans but sometimes getting privileges from the DBA group is simply Not Going To Happen. Its wrong but that's the way it is. Follow through on HiddenName's suggested to get help from somebody who has the privleges needed
Post the query that view view is executing. Desk checking a query is NOT ideal but is one thing we can do.
I don't suppose you can see V$ views on production - V$SQL and V$SQL_PLAN (probably not if you can't generate plans, but its worth a thought) -
Which PL/SQL developer tool is best to develop the PL/SQL program?
Hi, all, who know which PL/SQL developer tool is best to develop the PL/SQL program? it is jdeveloper or designer or third party developer tool? please let me know, Thanks!
To be honest , I have been using only Notepad or
a simple Textpad ..to this date.
While these tools may be of help in indenting and beautification of code, I feel you lose your debugging skills and forget the SQL-PL/SQL syntax with them.
Cheers
Ashwin N. -
Shell script calling SQL Program and passing parameters
Hi guys,
Greetings from Toronto. Is it possible to pass a string or strings as parameters to a sql program from a shell script ?
Shell Script
# Accept system input parameters
p_user_id=$1
p_job_id=$2
sqlplus.exe -s $p_user_id @$RD_PATH/rd_test.sql $p_user_id $p_job_id
SQL Program (rd_test.sql)
-- Accept system input parameters
define p_user_id = &1
define p_job_id = &2
-- Wondering if its possible to pass these 3 parameters from a shell script program.
-- (1) rd_test-$p_job_id-3-1.lis
-- (2) RD_PRINTER(rd_test,3)
-- (3) t_data
select
t_data=''rd_test-'||'''$p_job_id'''||'-1-1.txt''
t_data_dir=''.''
ksh $RD_PATH/another_shell_prog.sh $p_user_id $p_job_id '||a.rd_value||' '
||b.rd_value||' rd_test-$p_job_id-3-1.lis $RD_PRINTER(rd_test,3) '||
'$t_data $t_data_dir'||'
exit_status=$?
check_command'
from rd_job_parameter b, rd_job_parameter a
where a.job_id = &2
and a.jp_module_id = 'RDTEST'
and b.job_id = a.job_id
and b.module_id = a.module_id
/As always, its not something I have to solve this minute. Any help would be appreciated
and I will be thinking of the problem.
Thanks
Raj
Edited by: Raj404261 on Jun 25, 2009 11:40 AM
Edited by: Raj404261 on Jun 25, 2009 5:29 PMHi Sean,
Thanks for the reply. I am not at work yet. I already do have the if condition to call 2 separate sql scripts. I was hoping them to be reduced to one sql script. That's why I was hoping to pass some of those values to the select statement as parameters.
Here is what I was hoping to pass from the shell script based on an IF condition. The good thing about it is that I can hard code these 3 parameters in the shell script in the IF and ELSE conditions. Is it possible to tag these 3 hard coded values in the command line after $p_job_id and then capture these 3 parameters in the SQL program ?
1. rd_test-$p_job_id-3-1.lis or rd_test-$p_job_id-3-1.lis
2. RD_PRINTER(rd_test,3) or RD_PRINTER(rd_test,4)
3. t_data=''rd_test-'||'''$p_job_id'''||'-1-1.txt''
Shell script :
# Accept system input parameters
p_user_id=$1
p_job_id=$2
if [condition]
sqlplus.exe -s $p_user_id @$RD_PATH/rd_test.sql $p_user_id $p_job_id
else
sqlplus.exe -s $p_user_id @$RD_PATH/rd_test.sql $p_user_id $p_job_id
fi
ksh $RD_PATH/another_shell_prog.sh $p_user_id $p_job_id '||a.rd_value||' '
||b.rd_value||' rd_test-$p_job_id-3-1.lis $RD_PRINTER(rd_test,3) '||
'$t_data $t_data_dir'||' -
Version Control of PL/SQL programs in Database
Is there a version control feature available in Oracle v9.x ???
I am trying to implement version control on PL/SQL programs(Packages/Functions/Procedures). I should be able to rollback to old version and keep the system running if the latest ones failed. This should be done automatically without bringing the database down or recompiling the PL/SQL programs and also users do not need to reconnect(users might be caught in a LOCK and might get their sessions killed by DBA...)
Ex: I have heard that in .NET, u can have more than one version of a DLL and have only one version active. If we want to go back to the old version of the DLL, u don't need to recompile the DLL to make it active. I am looking something similar to this....
I have thought of several ways like creating a small repository table for my PL/SQL programs and store the PL/SQL code in the repository and based on the situation, compile only that program (which might be a OLD or a NEW version) and so forth... But this does not satisfy the requirement of rolling back to the old version without recompiling.(RENAMING a PL/SQL program feature doesn't seem to be implemented yet...)
I don't want to use Designer just for this purpose...
Any ideas..
Thanks,
PurushAre you dealing with code that's being called remotely (i.e. via a database link)?
No
I'd be concerned about the concept of rolling back code changes in production on a regular basis-- that would seem to indicate problems that ought to be addressed in development and QA. Rolling back code in production seems like it ought to be a rather painful process, if only because it indicates a massive failure elsewhere.
This is not on a regular basis at all. Our Database applications are tied with lots of programs which directly control the robots and machines. Certain machines and robots needs to be working all the time and any downtime will cost time and money. To make sure that the implementation goes into production smoothly(without shutting down machines and robots) and then into maintainance mode, we are looking for some kind of source control to control the implementation and make sure to revert back (without shutting down machines and robots) if there are major issues.(There are certain things here which cannot be tested outside of a shop floor due to the physical and other constraints.)
I have thought of otherways like a compile flag (in the DB.. Ex: a packaged variable) to set before compiling and reset after compiling. The programs on the shopfloor will always read this flag and check buffer(time taken to do this will have to be considered) before calling a DB txns and if the flag is set, buffer the txns and and move on to the next task the machine should do. The next time it call a txn. if the flag is reset, it checks the buffer and if buffer exists, execute the buffer txns first.. and then proceed to actual txn. The things that bothers me is time taken to compile the huge package and the no. of txns getting buffered and the overall txn time.
I am trying to come up with some kind of solution for this issue if possible.....
Thanks,
Purush -
Help! PL/SQL Programming standards
Hello,
I need help from experienced developers urgently.
I am in process of applying for new job and I have received two documents from my potential employer (software company).
One document represents design and programming standards and other documents represents test PL/SQL package that is written according to those rules.
My task is to analyze programming standards and send my opinion about correctness of those standards, whether they are according to current best practices or not, whether they represent current industrial standards in programming in general and specifically in PL/SQL programming and so on. I have already sent them my answer and I wish to estimate my chances of getting that job.
Abstract from standard:
1. All variables and objects should be named according to their type (integer, varchar, character...etc) (sufix Hungarian notation)
2. All variables in PL/SQL should be prefixed with “v_” and written in camel case
3. SQL and PL/SQL built in functions should all be written in lower case.
4. All procedures should be prefixed with “pr_”
5. All functions should be prefixed with “fn_”
6. All packages should be sufixed with “_pkg”
7. View names should be prefixed with “v_”
8. All tables in Oracle schema should be prefixed with that schema name
9. Variables declared in package specification should be prefixed with “pksv_“
10. Variables declared in package body should be prefixed with “pkbv_“
11. Embeded SQL query in FOR LOOP statements should never be used because programm code is „dirty“ and unreadable.
example:
instead of : FOR v_User_Rec in (select * from all_users) LOOP...
use: FOR v_User_Rec in cursor_name LOOP...
12. Every query that retrieves more than 1000 rows should be optimized.
13. Font for writing code in PL/SQL Developer editor should be Arial and tabs should be used.
I would appreciate replies from experienced PL/SQL developers especially those that have also experience in other programming languages.
I have sent my answer to employer that programming standard is according to best practices and according to industry standard.
I am worried a little about that Hungarian notation, is it still being used?
If not when it was stopped being used?
What are my chances of getting job?
Would you hire a programmer that works according to those standards?
Thanks.Hi,
Welcome to the forum!
924589 wrote:
Hello,
I need help from experienced developers urgently.
I am in process of applying for new job and I have received two documents from my potential employer (software company).
One document represents design and programming standards and other documents represents test PL/SQL package that is written according to those rules.
My task is to analyze programming standards and send my opinion about correctness of those standards, whether they are according to current best practices or not, whether they represent current industrial standards in programming in general and specifically in PL/SQL programming and so on. I have already sent them my answer and I wish to estimate my chances of getting that job.There is no agreement about what the "best practice" is. I'm sure you'll see that as soon as you have 2 replies. I'll tell you what I use and how strictly I do it, what I find useful, and what other experienced programmers seem to do, in my experience.
Abstract from standard:
1. All variables and objects should be named according to their type (integer, varchar, character...etc) (sufix Hungarian notation)I use suffixes that show, not only the data type, but how the variable is being used. Fo example, abbr means an abbreviation (something that reminds you of the full spelling), cd means a code (something that does not necessarily resemble its meaning), name is a complete name (not abbreviated or coded). These are all VARCHAR2 types. (Actually, cd may be a NUMBER.) I do this for maybe 25% of the variables I use in production code, when I think confusion with other variables, or doubts about the meaning, would be likely. For column names in tables, I might do it more than 50% of the time. Many people don't bother at all.
2. All variables in PL/SQL should be prefixed with “v_” and written in camel caseI don't know of any experieced programmers who always use v_. Maybe 1 out of 4 programmers use CamelCase. I use lower case myself in PL/SQL. In languages where names are case-sensitive, this is much more important. I use CamelCase all the time when I program in PostScript.
3. SQL and PL/SQL built in functions should all be written in lower case.I do almost exactly the opposite: I put keywords and built-in funtions in UPPER case, and I find it very helpful. A lot of experienced programmers do the same, though some use lower case, and a few don't follow any pattern.
4. All procedures should be prefixed with “pr_”
5. All functions should be prefixed with “fn_”I don't know anybody who does 4 or 5, or anything like them.
6. All packages should be sufixed with “_pkg”
7. View names should be prefixed with “v_”Some people do 6 and 7, or something similar.
8. All tables in Oracle schema should be prefixed with that schema nameI never seen this. If you want to clarify who owns a table, you can explictly give the owner name, e.g. scott.emp.
9. Variables declared in package specification should be prefixed with “pksv_“
10. Variables declared in package body should be prefixed with “pkbv_“I've never seen 9 or 10 done, but I can see why somebody might find it helpful.
11. Embeded SQL query in FOR LOOP statements should never be used because programm code is „dirty“ and unreadable.
example:
instead of : FOR v_User_Rec in (select * from all_users) LOOP...
use: FOR v_User_Rec in cursor_name LOOP...It's often unnecessary, and it can be more efficient to combine them. Sometimes it simply isn't possible.
If code gets difficult to read, it's often because it's not being modularized properly.
12. Every query that retrieves more than 1000 rows should be optimized.Every query (and other statement) should be optimized, regardless of how many rows it retrieves. How much time you spend optimizing any one query depends on several factors. How often the query is done, and the table sizes are more important than how many rows will be returned.
13. Font for writing code in PL/SQL Developer editor should be Arial and tabs should be used.I find a fixed-width font, such as Courier, is much more convenient.
Whitespace, including tabs, should definitely be used.
I would appreciate replies from experienced PL/SQL developers especially those that have also experience in other programming languages.
I have sent my answer to employer that programming standard is according to best practices and according to industry standard.
I am worried a little about that Hungarian notation, is it still being used?
If not when it was stopped being used?
What are my chances of getting job? Either I'm on the committee that's deciding, and therefore can't tell you, or I'm not, and therefore I don't know.
Would you hire a programmer that works according to those standards?Sure. I'd also hire programmers who preferred other standards, or didn't care about some of the items above. -
Calling a function via dblink in a PL/SQL program
I tried the following in my PL/SQL code:
his_schema.his_function(argument1, argument2)@hisplace
I got an error from the PL/SQL compiler for that one. I am trying to call a function that has been written in another database via a dblink (that has been created; I can use the link from my SQL prompt).
Of course, so far I have only done select on tables using dblink. This is the first time I am trying a function (and of course, from inside a PL/SQL program).
Any pointers would be appreciated.
Thanks,
SriniThe syntax is
rc := his_schema.his_function@hisplace(argument1, argument2);
Maybe you are looking for
-
I use hd simplepass identity protection which works great with firefox 3.6. I updated to firefox 4 and when I tried to use simplepass to log into my bookmarked account firefox gave an error message. I had to uninstall firefox 4 and reinstall 3.6 and
-
Dear gurus, Our clinet want to change nothing but price in released PO, as my knowledge, i can't do it. it's a bad requirement or SAP can do it? please give me a hand. Best wishes, David
-
Where do the photos in iPhoto store in my Mac
Hello: I have tons of pictures and I want to create a book in iPhoto but I dont want to load mi mac with all this photos. Where do the pictures save when I import them to iPhoto. I want to delete them after I finish using them. Thanks. Alex
-
HT4847 How i can download my backup data? And how to manage the data on i Cloud?
How i can download my backup data? And how to manage the data on i Cloud?
-
Hello, we need to post the depreciation with a tax code for the Investment Support, do you know can we indicate a tax code in account in depreciation process? Thank You very much