[Previous entry: "Information Week on the mod_plsql 0-day bug"] [Next entry: "exploit code released for the DB18 AUTH_ALTER_SESSION bug - how to make any user a DBA"]
How to connect to the database using Perl - with two way communication
January 31st, 2006 by Pete
Post to del.icio.us
Post to Furl
I was playing with Perl and Oracle a couple of weeks ago and was pulling my hair out trying to build dynamic SQL (I know, I know.... SQL Injection is an issue) through SQL*Plus with Perl. i wanted to create dynamic strings, pass them to a standard Perl function thatw ould accept the SQL, add in SQL*plus commands like, "set pages 0" and then run the SQL and collect the results into a hash for dealing with. I played for ever and could not get it working and as is usual with these things the answer to the problem came to me in the middle of the night. I was using a here document and passing it a back tick command - i.e. the shell was executing it. I realised that its DOS!!! or rather the modern (if you can call it modern) equivelant. DOS has no idea about "here documents". I gave up trying to get DOS to work as its not in the same league as Linux when it comes to simple scripts like this, so i did it on Linux instead.
Out of interest I did a quick search on google and found an excellent page on Yong Huang's site titled "Oracle and Perl". This is a superb page that explains the ins and outs of piping to and from SQL*plus using two way communication. It also gives a simple Perl DBI example and also a simple one way pipe first. The two way communication example is exactly what I needed for DOS. I didn't try it as I had done what I needed on Linux anyway but this is a great page and well worth a visit. As usual Yong provides great information.
