5.4 DBMS_ASSERT Usage Guidelines
Choosing the correct DBMS_ASSERT verification routines to use is important, and using them correctly is just as important. Here are some usage guidelines:
Guideline |
||
| 1 | Do not perform unnecessary uppercase conversions on identifiers. | Example |
| 2 | When using ENQUOTE_LITERAL, escape single quotation marks in the input. | Example |
| 3 | Check and reject NULL or empty return results from DBMS_ASSERT (test for NULL, '', and '""' ). | |
| 4 | Protect all the injectable parameters and code paths. | Example |
| 5 | Prefix all the calls to DBMS_ASSERT with the owning schema, SYS. | |
| 6 | If DBMS_ASSERT exceptions may be raised from a number of input strings, define and raise exceptions explicitly to ease debugging during application development. | Example |