Software:Oracle Application Express

From HandWiki
Short description: Web-based software development environment
Oracle APEX
Oracle logo.svg
Developer(s)Oracle Corporation
Stable release
23.2 / November 14, 2023 (2023-11-14)
Operating systemWindows, Linux, Oracle Solaris, HP-UX, IBM AIX[1]
LicenseOracle Technical Network License (proprietary[2])
Websiteapex.oracle.com

Oracle APEX (also known as APEX) is an enterprise low-code application development platform from Oracle Corporation. APEX is used for developing and deploying cloud, mobile and desktop applications. The platform is a web - based integrated development environment (IDE) with a range of features including wizards, drag-and-drop layout and property editors to simplify the process of building applications and pages.

Oracle APEX IDE

Background

APEX simplifies the process of creating cloud and mobile applications that serve as a frontend to a database server, among other things.[3]

APEX is currently a fully-supported no-cost feature of the Oracle Database and can be installed anywhere Oracle Database runs. APEX is also offered on Oracle's Cloud across various services including Autonomous Database Cloud Services and the stand-alone fully managed APEX Application Development service.[4]

Releases

Oracle APEX can be installed on any Oracle database from version 9.2 or higher and starting from Oracle 11g it is installed with the database by default. APEX 4.0 and higher can be installed on an Oracle 10.2.0.3 or higher database. APEX 5.0 and higher can be installed on all editions (SE1, SE and EE) of the Oracle database, 11.1.0.7 or higher with a valid Oracle Database Technical Support agreement; From APEX 18.1, the minimum database version is 11.2.0.4. It can also be used with Oracle Database 11g Express Edition (XE), but is supported through the Oracle Technology Network discussion forum, and not through Oracle Support Services.

Product Name Version Released Notes
HTML DB 1.5 2004 First release.[5]
HTML DB 1.6 2004 Added themes.[5]
HTML DB 2.0 2005 Added SQL Workshop.[5]
Application Express 2.1 January 2006 HTMLDB was renamed to APEX. Version 2.1 of APEX was bundled with the free Oracle Express Edition (XE) database.
Application Express 2.2 2006 Packaged Applications.[5]
Application Express 3.0 2007 This version featured several new features, including PDF Printing, Flash charting and Access Application Migration.[5]
Application Express 3.0.1 July 2007 This version could also be installed into an Oracle XE database.
Application Express 3.1 Spring 2008 This included a new major feature known as Interactive Reporting (enabled end-users to customize a report without programmer intervention, using techniques such as filtering, sorting, group-by, choosing displayed columns, etc. The user can even save multiple versions of their customized reports. The programmer can limit which features are enabled). Also added support for BLOB data type.[5]
Application Express 3.2 2009 Forms conversion.[5]
Application Express 4.0 June 2010 Some notable features are declarative Dynamic Actions (which allow reacting to changes on a page without the developer having to write custom Javascript) and Plugins (which allow developers to create custom components such as items, regions and processes, that can be re-used across pages and applications). Also added Websheets and RESTful Web.[5]
Application Express 4.1 August 2011 Notable new features included improved (customized) error handling, use of ROWID for updates a data upload feature for end-users and improved WebSheets (a hybrid of a spreadsheet and a Wiki, built using Apex itself).
Application Express 4.1.1 February 2012 Notable new features included new theme (cloudy) and various templates.
Application Express 4.2 October 2012 Notable new features such as application builder for mobile, mobile and responsive themes and HTML5 support.
Application Express 4.2.1 December 2012 Bug Fixes.
Application Express 4.2.2 April 2013 Bug Fixes, Improved PDF printing, new Survey Builder packaged application.
Application Express 4.2.3 September 2013 This is a cumulative patch set for Application Express 4.2.0, Application Express 4.2.1, and Application Express 4.2.2.
Application Express 4.2.4 December 2013 This is a cumulative patch set for Application Express 4.2.0, Application Express 4.2.1, Application Express 4.2.2 and Application Express 4.2.3.
Application Express 4.2.5 April 2014 This is a cumulative patch set for Application Express 4.2.0, Application Express 4.2.1, Application Express 4.2.2, Application Express 4.2.3 and Application Express 4.2.4.
Application Express 4.2.6 September 2014 This is a cumulative patch set for Application Express 4.2.0, Application Express 4.2.1, Application Express 4.2.2, Application Express 4.2.3, Application Express 4.2.4 and Application Express 4.2.5.
Application Express 5.0 April 2015 Notable features are focused on developer productivity and improving the User Interface of user applications. This version introduces Page Designer, a browser-based IDE which provides drag and drop layouting of page components, property editor, and much more, reducing the need to go from page to page to make changes. Version 5.0 also introduces Universal Theme, a responsive user interface for user applications which can easily and extensively be customized using Template Options and Theme Roller (which enables on-the-fly theming of an application).[1][6]
Application Express 5.0.1 July 2015 This is a cumulative patch set for Application Express 5.0.0.[7][8]
Application Express 5.0.2 October 2015 This is a cumulative patch set for Application Express 5.0.0 and Application Express 5.0.1.[1][9]
Application Express 5.0.3 December 2015 Application Express 5.0.3.[1][10]
Application Express 5.0.4 July 2016 This is a cumulative patch set for Application Express 5.0.0 and Application Express 5.0.3[11]
Application Express 5.1 December 2016 Notable features include a new "Interactive Grids" component which provides an editable grid, Oracle JET-based charting, updated Universal Theme with Live Template Options and RTL support, several UX enhancements, updates to Packaged Apps, and three new Productivity Apps: Quick SQL, REST Client Assistant, and Competitive Analysis.
Application Express 5.1.1 March 2017 This is a cumulative patch set for Application Express 5.1.0[12]
Application Express 5.1.2 June 2017 This is a cumulative patch set for Application Express 5.1.0 and Application Express 5.1.1[13]
Application Express 5.1.3 September 2017 This is a cumulative patch set for Application Express 5.1.0 - Application Express 5.1.2
Application Express 5.1.4 December 2017 This is a cumulative patch set for Application Express 5.1.0 - Application Express 5.1.3[14]
Application Express 18.1.0 May 2018 Oracle has released the latest version of APEX and keeping in line with their naming convention APEX has jumped from version 5.1.4 to 18.1- Application Express 5.1.4[15]
Application Express 18.2.0 September 2018 This release includes new features such as:
  • Updated Font APEX
  • JavaScript API Documentation
  • Side by Side Master Detail
  • New Dashboard Page
  • Declarative Static List of Values
  • Sample Dataset Enhancements
Application Express 19.1.0 March 2019 This release includes new features such as:
  • REST-enabled Forms
  • New Form component
  • Data Loading
  • Dark Theme
  • JET Chart enhancements
  • REST enabled database objects
  • JavaScript APIs
Application Express 19.2.0.00.18 November 2019 This release includes new features such as:
  • Faceted Search
  • New Team Development
  • Enhanced Popup LOV
  • Expanded Shared LOVs
  • REST Enabled Interactive Grid
  • Data Loading into Existing Tables
  • Upgraded Oracle JET
  • Dark Mode theme style in Universal Theme
Application Express 20.1.0.00.13 April 2020 This version includes the following features:

APEX + Redwood: The user interface of APEX and the App Builder has been refreshed to align with Redwood, Oracle's new user experience design system.

Faceted Search Enhancements: Allowing implement a cascading list of values, conditional facets, and compact count display

Friendly URLs: The URL syntax for APEX apps has been simplified to allow for friendlier URLs at runtime.

Improvements in Deployments and Exports: Automatic Backups, Export App as Zip and One-Click Remote App Deployment.

Native PDF Printing: You can now print PDF files directly from Interactive Grids.

Mega Menus: Render the navigation menu as a collapsible floating panel that displays all navigation items at once.

Application Express 20.2.0.00.20 October, 2020 This release includes the following features:
  • All New Cards Component
  • Automations
  • Faceted Search Enhancements
  • Report Printing Enhancements
  • REST Data Source Synchronization
  • REST Data Source Connector Plug-ins
  • New Web Credential types
  • Redwood Light Theme Style
  • Developer Experience
  • New and Improved Items
Application Express 21.1.0 May, 2021 This release of APEX introduces:
  • New Maps component
  • Application Data Loading
  • Support for Calendars and Maps with Faceted Search
  • Several major enhancements to REST Data Sources, Reporting, Security, Universal Theme and Theme Roller.

In addition, announces the APEX GitHub repository to find starter apps, sample apps, and plug-ins.

Application Express 21.2.0 November 2021 This release includes new features such as:
  • Smart Filters
  • Progressive Web Apps
  • Universal Theme & UI Updates
  • Faceted Search Enhancements
  • Updated Alert and Confirm Dialogs
  • Geocoding and Map Items

Patch version 4 (APEX product version will be updated to 21.2.4), was last updated on February 28, 2022.

APEX 22.1 May 2022 This release introduces new features such as:
  • Approvals component and Unified Task List
  • Simplified create page wizards
  • Readable application exports in JSON or YAML formats
  • Service worker customization for PWAs
  • Persistent authentication
  • Built-in data generator
APEX 22.2 November 2022 This release introduces new features such as:
  • Application search
  • Invoke API processes
  • Approvals enhancements for deadlines and expiration
  • PWA shortcuts, install screenshots, and web share
  • Geolocation and metatags support
  • New date picker
  • Refreshable dynamic content region
  • CLOB session state
APEX 23.1 May 2023 This release introduces new features such as:
  • Template Components
  • PWA Push Notifications
  • Modernized Object Browser
  • Control Background Execution
  • Execution Chains
  • Invoke API for REST Sources
  • Discover REST Sources with Swagger
  • Copy Pages from Create Page
  • Save and Run from Code Editor
APEX 23.2 November 2023 This release introduces new features such as:
  • Application Working Copies
  • Workflow
  • New Page Items: Combobox, Image Upload, QR Code Generator
  • Custom Map Backgrounds
  • Support for Fusion Apps Extensions
  • Store Static Resources in Object Storage
  • Ubiquitous Database Search for Oracle Database 23c

Background

Oracle APEX has gone through many name changes since its inception in 2000. Names include:

  • Flows[16]
  • Oracle Platform[17]
  • Project Marvel
  • HTML DB[18]
  • Application Express (APEX) aka Oracle APEX[19]

APEX was created by Mike Hichwa a developer at Oracle, after the development of his previous project, WebDB, started to diverge from his original vision. Although APEX shares some functionality with Web DB, it was developed from scratch, and there's no upgrade path from Web DB to APEX. When tasked with building an internal web calendar, Hichwa enlisted the help of Joel Kallman and started development on a project called Flows. Hichwa and Kallman co-developed the Web Calendar and Flows, adding features to Flows as they needed them to develop the calendar. Early builds of Flow had no front-end, so all changes to an application had to be made in SQL*Plus via inserts, updates and deletes.[20]

APEX is extensively used internally by Oracle to develop its support sites. The AskTom knowledge base, online store, Dev Gym, and livesql run on APEX.

Oracle APEX Advantages

  • Oracle programmers (and DBAs familiar with PL/SQL) can use their skill set to develop web applications
  • Easy to create mock-ups using pre-built themes
  • Easy to deploy (end user opens a URL to access an APEX application)
  • Scalable (can be deployed to laptops, stand-alone servers or Oracle RAC installations)
  • Server-side processing and validations
  • Basic support for group development
  • Free hosting of demo applications provided by Oracle
  • APEX applications can run on the free Oracle Express Edition (XE) database
  • Individual components of an application can be retrieved or identified using SQL, facilitating customized reports
  • Easily adheres to the SQA development/test/production model (while not exposing DB passwords)
  • Helps put the focus on the DB model supporting a solution (versus coding in Java, .NET or PHP - you only need JavaScript)
  • Easily supports a standardized theme across application sets (and the changing of that theme)
  • While the primary purpose is to interact with load Oracle data tables, it integrates with different datasources such as local database, remote Oracle database or any web service via the REST API
  • Semi-technical end users with SQL skills can build their own web pages and reports

Low Code Environment

While APEX has existed since 2004 in one form or another, it has recently been included in a new category of application development platforms called Low Code. These low-code environments can trace their origins to 4GL programming languages and rapid application development(RAD) tools.[21] Since APEX was originally marketed as a RAD tool, this progression is a logical one. APEX allows the easy building of web applications with no code. Where the requirements are more complex, APEX allows the extension of the Low Code objects through a declarative framework. This framework lets the developer define custom logic and business rules as well as create an enhanced user interface. The developer can do this through the inclusion of SQL, PL/SQL, HTML, JavaScript, or CSS as well as APEX plug-ins. So APEX permits developers to go from no code to low code to more code.[22][23]

Security

There is a common misconception that the abstracted nature of APEX applications results in a relatively secure user environment. However, APEX applications suffer from the same classes of application security flaws as other web applications based on more direct technologies such as PHP, ASP.net and Java.

The main classes of vulnerability that affect APEX applications are: SQL injection, Cross -site scripting (XSS), and Access Control.

APEX applications inherently use PL/SQL constructs as the base server-side language. As well as accessing data via PL/SQL blocks, an APEX application will use PL/SQL to implement authorization and to conditionally display web page elements. This means that generally APEX applications suffer from SQL injection when these PL/SQL blocks do not correctly validate and handle malicious user input. Oracle implemented a special variable type for APEX called Substitution Variables (with a syntax of &NAME) and these are not safe and lead to SQL Injection. Where the injection occurs within a PL/SQL block an attacker can inject an arbitrary number of queries or statements to execute. Escaping special characters and using bind variables is the right way to code to ensure no XSS and SQL injection.

Cross-Site Scripting vulnerabilities arise in APEX applications just like other web application languages. Oracle provides the htf.escape_sc() function to escape user data that is displayed within a rendered HTML response. The reports that APEX generates also provide protection against XSS through the Display As setting on report columns. Originally the default was for reports to be created without any escaping of the columns, although recent versions now set the column type to escape by default. Column definitions can be queried programmatically to check for columns that do not escape the value.

To control access to resources within an APEX application a developer can assign authorization schemes to resources (such as pages and items). These must be applied consistently in order to ensure that resources are appropriately protected. A typical example of inconsistent access-control being applied is where an authorization scheme is set for a Button item, but not the associated Process that is performed when the button is clicked. A malicious user can perform the process (through JavaScript) without requiring the actual Button to be accessible.

Since APEX 4.0, the Application Builder interface provides some limited assessment of the security posture through the Advisor utility.

Third-party libraries

Developers may improve and extend their APEX applications by using third-party libraries that APEX comes standard with. Among them are jQuery Mobile (HTML5 based user interface),[24] jQuery UI (user interface for the web),[25] AnyChart (JavaScript/HTML5 charts),[26] CKEditor (web text editor)[27] and others. Experts[28] say it is an advantage of applying the latest APEX patches that the external libraries that come with APEX carry an update, too. However, many of the libraries come out with newer versions more frequently than there are APEX patches.[29][30]

APEX and Oracle Database Express Edition (XE)

Oracle APEX can be run inside Oracle Database Express Edition (XE), a free entry-level database. Although the functionality of APEX isn't intentionally limited when running on XE, the limitations of the database engine may prevent some APEX features from functioning. Also, Oracle XE has limits for CPU, memory and disk usage.[31]

APEX and Oracle Autonomous Database

With Oracle APEX and Autonomous Database, the configuration, patching, monitoring, and upgrading of all Oracle APEX components is fully managed by Oracle. Developers can therefore focus on application development and deployment without any hassles of upkeep or manual maintenance. The feature functionality includes Oracle SQL Developer Web (database actions), Oracle REST Data Services (ORDS), Oracle XML DB features, Spatial and more.[32]

APEX Service

Oracle APEX Application Development, also known as APEX Service is a fully managed low-code application development and deployment platform in Oracle Cloud Infrastructure (OCI).[33] With this service, developers get APEX and an underlying Oracle Autonomous Database. This service also includes SQL Developer Web (Database Actions) for database actions and Oracle REST Data Services (ORDS).

See also

References

  1. 1.0 1.1 1.2 1.3 "Oracle Application Express - Downloads". Oracle. http://www.oracle.com/technetwork/developer-tools/apex/downloads/index.html. 
  2. "Oracle Application Express Documentation". Oracle Help Center. https://docs.oracle.com/cd/E59726_01/doc.50/e39143/toc.htm. 
  3. "Oracle Forms to Java Migration – Necessity & Solutions". https://kumaran.com/blogs/oracle-forms-to-java-migration-necessity-solutions/. 
  4. "Oracle Application Express (APEX): Overview". https://www.oracle.com/technetwork/developer-tools/apex/overview/apex-overview-otn-4491378.pdf. 
  5. 5.0 5.1 5.2 5.3 5.4 5.5 5.6 5.7 "APEX Overview". Oracle Corporation. http://www.oracle.com/technetwork/developer-tools/apex/overview/apex-overview-157752.ppt. 
  6. "Oracle APEX 5.0 released today". Dimitri Gielis Blog. April 15, 2015. http://dgielis.blogspot.ru/2015/04/oracle-apex-50-released-today.html. 
  7. "Oracle APEX 5.0.1 now available". Inside Oracle APEX by Patrick Wolf. July 16, 2015. http://www.inside-oracle-apex.com/oracle-apex-5-0-1-now-available/. 
  8. "Oracle Application Express Patch Set Notes". Oracle. http://www.oracle.com/technetwork/developer-tools/apex/application-express/apex-501-patch-set-notes-2606413.html. 
  9. "Apex 5.0.2 was released". Proactive Support - Oracle Development Tools. October 22, 2015. https://blogs.oracle.com/proactivesupportDevTools/entry/new_apex_version_released_5. 
  10. "Apex 5.0.3 was released". Proactive Support - Oracle Development Tools. December 15, 2015. https://blogs.oracle.com/proactivesupportDevTools/entry/new_apex_version_released_5. 
  11. "Oracle® Application Express Patch Set Notes". http://www.oracle.com/technetwork/developer-tools/apex/application-express/apex-patch-note-504-3094049.html. 
  12. "Oracle® Application Express 5.1.1 Patch Set Notes". http://www.oracle.com/technetwork/developer-tools/apex/application-express/apex-511-patch-set-notes-3661846.html. 
  13. "Oracle Application Express 5.1.2 Patch Set Notes". http://www.oracle.com/technetwork/developer-tools/apex/application-express/apex-512-patch-set-notes-3799708.html. 
  14. "Oracle Application Express 5.1.4 Patch Set Notes". http://www.oracle.com/technetwork/developer-tools/apex/application-express/apex-514-patch-set-notes-4124555.html. 
  15. "Upgrade Oracle Apex from 5.1.x to 18.1". 28 May 2018. https://easyoradba.com/2018/05/28/upgrade-oracle-apex-from-5-1-x-to-18-1. 
  16. "Welcome to Flows for APEX" (in en-US). https://mt-ag.github.io/apex-flowsforapex/. 
  17. "Implementing Oracle API Platform Cloud Service" (in en). https://www.packtpub.com/product/implementing-oracle-api-platform-cloud-service/9781788478656. 
  18. "1 What is Oracle HTML DB?". https://docs.oracle.com/cd/B14117_01/appdev.101/b10992/mvl_intro.htm. 
  19. "Apex Developer | Limestone Digital" (in en-US). 2021-09-03. https://limestonedigital.com/vacancies/apex-developer/. 
  20. "Michael Hichwa". Apress. https://www.apress.com/index.php/author/author/view/id/3487. "Michael Hichwa is the original developer and architect of Oracle Application Express (APEX), aka HTML DB. Michael created APEX as a 100% rewrite of an earlier browser-based application development tool he also created, called Oracle WebDB. He had invaluable technical assistance and guidance from Tom Kyte and the addition of Joel Kallman as a co-developer. Michael and Joel have led APEX developments efforts since 1999" 
  21. Baranouski, Artsiom (2023-02-21). "What is ERP Software Development Process: A Guide to Better Enterprise" (in en). https://aranouski.medium.com/what-is-erp-software-development-process-a-guide-to-better-enterprise-7d3fcc196e9b. 
  22. Kallman, Joel. "From Low Code to High Control". https://blogs.oracle.com/oraclemagazine/from-low-code-to-high-control. 
  23. "Low Code with Oracle Application Express". https://apex.oracle.com/lowcode/. 
  24. "Building a Mobile Web Application Using Oracle Application Express 5.0". Oracle. http://www.oracle.com/webfolder/technetwork/tutorials/obe/db/apex/r50/CreMobileApp_apex50EA/CreMobileApp_apex50EA.html. 
  25. "Application Express Application Builder User's Guide". Oracle. https://docs.oracle.com/database/121/HTMDB/app_comp001.htm#HTMDB29024. 
  26. "Oracle APEX: Using AnyChart products with Oracle Application Express (APEX)". AnyChart. http://www.anychart.com/products/oracleapex/. 
  27. "Oracle chooses FCKeditor for Application Express". CKEditor.com. http://ckeditor.com/blog/Oracle-chooses-FCKeditor-for-Application-Express. 
  28. "Terms and conditions" (in en-US). 2022-07-13. https://lottabet1.in/terms-and-conditions/. 
  29. "Goodies - APEX 4.2.2 included Libraries". Dimitri Gielis Blog. May 8, 2013. http://dgielis.blogspot.ru/2013/05/goodies-apex-422-included-libraries.html. 
  30. "APEX 5 first peek". Grassroots Oracle. March 17, 2014. http://www.grassroots-oracle.com/2014/03/apex-5-first-peek.html. 
  31. "Limitations of the Express Edition". Oracle Corporation. http://docs.oracle.com/cd/E17781_01/install.112/e18803/toc.htm#BEIIIEDG. 
  32. "Oracle APEX on Autonomous Database". https://apex.oracle.com/en/platform/autonomous/. 
  33. "Oracle APEX Application Development". https://www.oracle.com/application-development/apex/. 

Bibliography

External links