验证 Oracle 非 SELECT 查询

发布于 2024-11-01 03:07:59 字数 524 浏览 4 评论 0原文

有没有什么方法可以检查 Oracle 的 SQL 查询是否会成功运行(成功是指查询在语法上是正确的,所有表/列名称都存在,用户具有适当的权限等),而无需实际运行它?该查询可能不是 SELECT,但如果它会修改任何数据,我不希望实际发生更改。

我想到了这样的事情:

$valid = false;
$stmt = oci_parse($db, $query);
if(!empty($stmt)) {
  $res = oci_execute($stmt, OCI_DESCRIBE_ONLY|OCI_NO_AUTO_COMMIT);
  if(!empty($res)) {
     $name = oci_field_name($res, 1);
     if(!empty($name)) {
       $valid = true;
     }
  }
  oci_rollback($db);
}

但是如果 $query 中有一些 DDL,我知道 Oracle 会立即提交它。那么有没有什么方法可以在不进行任何修改的情况下检查查询呢?

Is there any way to check if an SQL query for Oracle would run successfully (by successfully I mean that the query is syntactically correct, all the table/column names exist, the user has proper permissions, etc.) without actually running it? The query may be not SELECT, but I do not want the changes to actually happen if it would modify any data.

I thought about something like:

$valid = false;
$stmt = oci_parse($db, $query);
if(!empty($stmt)) {
  $res = oci_execute($stmt, OCI_DESCRIBE_ONLY|OCI_NO_AUTO_COMMIT);
  if(!empty($res)) {
     $name = oci_field_name($res, 1);
     if(!empty($name)) {
       $valid = true;
     }
  }
  oci_rollback($db);
}

But if $query has some DDL in it, I understand that Oracle would commit it immediately. So is there any way to check the query without any modifications happening?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

染年凉城似染瑾 2024-11-08 03:07:59

您可以在包中创建查询。如果创建包时没有错误,则查询一定是正确的。

基于角色的权限可能会导致任何语法检查出现问题。在 runtil 之前不会检查基于角色的权限,因此查询可能在设计时正确(因为开发人员已被授予对表的直接权限),但在运行时会失败(因为用户已被授予相同的权限)一个角色)。

You could create the query in a Package. If the package is created without error then the query must be correct.

Role based rights that can cause issues with any syntax check. Role based rights are not checked until runtil, so it is possible for a query to be correct at design time (because the developer has been granted direct rights to the tables) but fail at runtime (because the user has been granted the same rights in a role).

留蓝 2024-11-08 03:07:59

第 1 步:

在 PHP 代码上,创建一个包含文本的字符串:

Dim myValidationString as string 

myValidationString = " create or replace procedure PROC_TEST_QUERY is " &
                     "       begin                                    " &
                     "         for i in (                             " &
                     "                   {MY_QUERY}                   " &
                     "                  ) loop                        " &
                     "             null;                              " &
                     "         end loop;                              " &
                     "       end;                                     "

第 2 步:

创建一个包含要验证的 SQL 查询的变量:

Dim mySQLstring as string 

mySQLstring =  " SELECT *                               " &
               "   from all_objects                     " &
               "  where owner <> 'SYS'                  " &
               "    and created > sysdate -30           " &
               " UNION ALL                              " &
               " Select *                               " &
               "   from all_objects                     " &
               "  where owner = 'SYS'                   " &
               "    and object_name like 'T%'           " &
               "    and object_type in ('TABLE','VIEW') " 

第 3 步:< /strong>

将字符串内容“{MY_QUERY}”替换为您要验证的SQL语句的内容:

Dim myValidationStringToExecute as string

myValidationStringToExecute = replace(myValidationString, "{MY_QUERY}" , mySQLstring)

STEP 4:

执行验证查询:

DB.EXECUTE(myValidationStringToExecute)

STEP 5:

验证如果最后一次调用 (DB.EXECUTE.....) 引发错误。
如果是,则查询无效
如果否,则查询有效

STEP 1:

on your PHP code, create a string containing the text:

Dim myValidationString as string 

myValidationString = " create or replace procedure PROC_TEST_QUERY is " &
                     "       begin                                    " &
                     "         for i in (                             " &
                     "                   {MY_QUERY}                   " &
                     "                  ) loop                        " &
                     "             null;                              " &
                     "         end loop;                              " &
                     "       end;                                     "

STEP 2:

create a variable containing the SQLquery you want to validate:

Dim mySQLstring as string 

mySQLstring =  " SELECT *                               " &
               "   from all_objects                     " &
               "  where owner <> 'SYS'                  " &
               "    and created > sysdate -30           " &
               " UNION ALL                              " &
               " Select *                               " &
               "   from all_objects                     " &
               "  where owner = 'SYS'                   " &
               "    and object_name like 'T%'           " &
               "    and object_type in ('TABLE','VIEW') " 

STEP 3:

replace the string content "{MY_QUERY}" with the content of the SQL statement you want to validate:

Dim myValidationStringToExecute as string

myValidationStringToExecute = replace(myValidationString, "{MY_QUERY}" , mySQLstring)

STEP 4:

execute the validation query:

DB.EXECUTE(myValidationStringToExecute)

STEP 5:

verify if the last call (DB.EXECUTE.....) raise an error.
if yes, the query is invalid
if no , the query is valid

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文