$ cat q.sql
create or replace procedure p
is
begin
dbms_output.put('This is trade secret!');
end;
/
$ wrap iname=q.sql
PL/SQL Wrapper: Release 9.0.1.0.0- Production on Thu May 23 16:20:55
2002
Copyright (c) Oracle Corporation 1993, 2001. All Rights Reserved.
Processing q.sql to q.plb
$ grep "trade secret" q.plb
1This is trade secret!:
Is there a way to encode that text?
Yong Huang
a := 'a';
w := 'secret';
x := 'This ';
y := 'is ';
z := 'trade ';
dbms_output.put_line(x||y||a||'z||w);
Though I can't imagine why you would have DBMS_OUTPUT in any production
code.
Daniel Morgan
It is quite annoying, all variable names and types remain visible, many
assignments are easy to read, cursor declarations are visible, etc.
If you write a piece of PL/SQL whose contents are proprietary, it's
difficult to hide how they function without making it unintelligible e.g.
using meaningless variables, etc.
Andy
"Daniel Morgan" <dmo...@exesolutions.com> wrote in message
news:3CED654C...@exesolutions.com...
What I teach my students is to put text into procedures they are going to wrap
that is intended to mislead or obfuscate the real text. So, for example, you
might define 26 separate words (rather than the 5 I did above) and just choose
to not use 21 of them. With very little effort you can obscure anything as you
will clearly see if you run the SELECT statement below"
SELECT TRANSLATE ('zhks ks a sfcrfz', 'abcdefghijklmnopqrstuvwxyz',
'abcdfeghkjilmnopqrszuvwxyt ')
from dual;
Daniel Morgan
"Daniel Morgan" <dmo...@exesolutions.com> wrote in message
news:3CEE6216...@exesolutions.com...
> Andrew Hardy wrote:
>
> > But even that leaves all the text in clear view.
> >
> What I teach my students is to put text into procedures they are going to
wrap
> that is intended to mislead or obfuscate the real text. So, for example,
you
> might define 26 separate words (rather than the 5 I did above) and just
choose
> to not use 21 of them. With very little effort you can obscure anything as
you
> will clearly see if you run the SELECT statement below"
>
> SELECT TRANSLATE ('zhks ks a sfcrfz', 'abcdefghijklmnopqrstuvwxyz',
> 'abcdfeghkjilmnopqrszuvwxyt ')
> from dual;
True, it's just a pity that you need to think about how to hide code when
you should be thinking about writing it clearly!
Andy
>
> Daniel Morgan
>
Crude but effective for small pieces of text
x := chr(123) || chr(65) || ...
hth
connor
--
==============================
Connor McDonald
"Some days you're the pigeon, some days you're the statue..."
I can file a feature enhancement request on Metalink. It's only going
to take the wrap developer one or two more hours to achieve the goal.
Just a little obfuscation on their side is enough.
Yong
Connor McDonald <connor_...@yahoo.com> wrote in message news:<3CEEA8...@yahoo.com>...
As a side note ... what is DBMS_OUTPUT.PUT_LINE doing in wrapped code?
Daniel Morgan
That's just an example. In our real code, we have a lot of htp.p
calls. This is Oracle9i Application Server. htp.p or htp.print is used
to output HTML code. I used dbms_output.put_line as an example since
it does the same thing and people are less familiar with the htp
package.
Regards,
Yong Huang
Daniel Morgan <dmo...@exesolutions.com> wrote in message news:<3CF258EA...@exesolutions.com>...
Thanks.
I use the htp and htf packages too and understand what you were trying to communicate.
The reason I asked is that it is not uncommon to find put_line in production code and it makes me quake in
fear.
Daniel Morgan