APEX 5 New Package Features

To get a proper list of the new packages and API's APEX 5 provides us, we have to wait for the documentation of course. But if you're impatient and want to now more, you can get a list of all package procedures and functions by running this SQL on the APEX 5 Early Adopter instance:

select distinct s.synonym_name, p.procedure_name
from all_procedures p join all_synonyms s on p.object_name = s.table_name
where p. (more...)

APEX 5 New Authorization Evaluation Point Features

In APEX 4 you can define Authorization Schemes. This is a very useful feature to prevent code repetition all over the place. For instance and Authorization Scheme "Is Admin" might use a select on one or more tables (or web service calls or whatever is necessary) to determine whether a user, the :APP_USER, has an Admin role or not. And you can use any value in session state, like :APP_ID or :APP_PAGE_ID in your query (more...)

APEX 5 New Substitution Syntax Features

You've probably all heard about XSS, a.k.a. Cross Site Scripting. One of the ways you make yourself vulnerable to XSS is by creating JavaScript in your APEX applications that accepts unescaped user input - either direct or data retrieved from the database.
As a - very stupid and simple - example, create a Page with a Text Item (say P3_TEXT).  Next create a Dynamic Action that executes this snippet of Javascript on Page (more...)

APEX 5 New Runtime API Lockdown Features

In APEX 4.x the developer could implement a feature that involves a call to the APEX API. E.g. you could create new pages on the fly if you would like to (just examine an export file for the how-to). You could drop an application using a procedure from the APEX_INSTANCE_ADMIN package. You could drop a user using APEX_UTIL.REMOVE_USER. If this is all on purpose and secured than that's fine. But maybe you (more...)

APEX 5 New Password Reset Features

Now and then it happens when we're logging in into our APEX instance: We have to change our password again .... And that means, typing it in an awful number of times:
1. Current Password
2. New Password (and of course preferably the same as the current one ...)
3. Confirm New Password
4. Press Apply Changes
5. Press Retun
6. And we're back at Square One : The login screen - and here we type (more...)