Hi everyone, currently I'm using PowerBuilder 2017 connected to Oracle 19C. During some audit test of my app I received some notifications about my tool.
When I have SQL scripts embedded in my code, if I run the tool and test the memory, those scripts appear in the memory and that will be a risk because the query appear in plain text. I tried to move those scripts and use a datastore components instead of my query. But unfortunately the script remains in memory.
Something like this:
My old script in the code
SELECT sys_context('userenv','client_identifier') INTO :client_id FROM dual;
lds_data = Create n_ds
lds_data.DataObject = 'd_sys_context' //Datastore with the SQL sentence
ll_Row = lds_data.retrieve()
client_id = lds_data.getitemstring(ll_Row,"data")
if isvalid(lds_data) then destroy(lds_data)
Can you please help me to solve my issue. How can I avoid this issue. Should I change my code to connect securely, because I use a simple code to connect to the database? I'm using machine code compilation 32 bits.
sqlca.logid = "My user"
sqlca.logpass = "My pwd"
connect using sqlca;