Re: SQL Server for Oracle DBAs

From: joel garry <>
Date: Tue, 3 Jun 2008 14:32:59 -0700 (PDT)
Message-ID: <>

On Jun 3, 1:00 pm, "Tony Rogerson" <> wrote:
> "This is such an important topic, and not as many people are aware of it as
> I thought. Before we start with an answer, let's define the term SQL
> injection. SQL injection occurs when an application program accepts
> arbitrary SQL from an untrusted source (think "end user"), blindly adds it
> to the application's SQL, and executes it. It "

The Tom referred to in "asktom" has stated he enjoys explaining the differences between Oracle and the other db engines. I suggest you (and any other person going between engines) buy his books and study them carefully.

> Like I said - SQL Injection and the link you posted is all about coder
> problems; sloppy coding leads to SQL injection attacks - common to all
> databases.
> Seriously, if you don't know what SQL Injection is - what the hell are you
> doing teaching?

I must say, I've seen lots of SQL-server and mysql and php error messages on web pages, some definitely not a good idea.


-- is bogus.
"How to Break Web Software"
word: bopho
Received on Tue Jun 03 2008 - 16:32:59 CDT

Original text of this message