While there is certainly no shortage of attacks made on corporations every day, how long before countries make determined efforts to disrupt their enemies' economies with digital war? It's a scary thought, and given the poor security habits of so many developers, it's possible that many companies might find themselves struggling to conduct business while under attack. It might not be any different than if conventional weapons were being used near our facilities.
The state of coding by so many "developers" today is somewhat scary. It's not just old applications that are vulnerable to SQL injection; new systems built with poor security practices are vulnerable as well.
I think that secure coding practices like these should be implemented by anyone writing software. I think examples, frameworks, and presentations about coding shouldn't use simple passwords and bypass checks. Yes, it's a pain for those that teach, but it also means that shoddy coding practices aren't proliferated as people borrow your code and alter your examples.
Security is a problem, but I think a lot of the issues would be minimized if we, as an industry and as professionals, learned to write more secure code as a matter of habit, not as an additional feature to be added later.
Maybe the best way of helping the busy database professional to get started with practical PowerShell-based administration is to pull together all the essential community cmdlets into a toolkit for the POSH DBA, and explain how and why you'd use them.
This metric counts the number of principals who are members of the sysadmin fixed server role. SQL Server relies on role-based security to manage permissions. If multiple IT system administrators have permissions to set up new SQL Server logins, they might be inclined to do so as part of the sysadmin role. Adding a normal user to the sysadmin role could pose a security risk and is not recommended unless the principal is highly trusted.
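A query that produces the count this metric describes, plus the member list needed to review it. This is an added example, not the metric's own definition; it assumes SQL Server's `sys.server_role_members` and `sys.server_principals` catalog views and a login permitted to see other logins' metadata.

```sql
-- Added example: audit membership of the sysadmin fixed server role.
-- Assumption: run by a login that can view other logins' metadata;
-- a low-privileged login sees only a subset of principals.

-- 1. The number the metric describes: principals that are direct
--    members of sysadmin.
SELECT COUNT(*) AS sysadmin_member_count
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r
    ON r.principal_id = rm.role_principal_id
WHERE r.name = N'sysadmin';

-- 2. Who those principals are, so each one can be justified or removed.
SELECT
    m.name        AS member_name,
    m.type_desc   AS principal_type,  -- SQL_LOGIN, WINDOWS_LOGIN, WINDOWS_GROUP
    m.is_disabled,                    -- disabled logins still hold the role
    m.create_date,
    m.modify_date,
    -- A Windows group is one row but may contain many accounts.
    CASE WHEN m.type = 'G' THEN 1 ELSE 0 END AS is_windows_group
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r
    ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m
    ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.type_desc, m.name;
```

A Windows group counts as a single member here, so the number of accounts that effectively hold sysadmin rights can be higher than the count returned.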
SQL Server 2012 Integration Services Design Patterns is a book of recipes for SQL Server Integration Services (SSIS). Design patterns in the book show how to solve common problems encountered when developing data integration solutions. Because you do not have to build the code from scratch each time, using design patterns improves your efficiency as an SSIS developer. In SSIS Design Patterns, we take you through several of these snippets in detail, providing the technical details of the resolution. Get your copy from Amazon today.
Yesterday's Question of the Day
(by Rob Stebbens):
This is a really simple problem that caught out all of my staff, with them making an incorrect assumption regarding the use of MAX(). A currency table contains the following data.
What does this query return?
Select max(date), max(exchange_rate)
The correct answer is 2013-07-14,0.011999
It is important to remember that each MAX() function is evaluated individually.
A common mistake is to assume that MAX performs filtering on the result set. Because there is no WHERE clause, the MAX function will aggregate using the entire contents of the table and find the maximum date (2013-07-14). The subsequent MAX on exchange_rate will perform an aggregation on the same data set, returning 0.011999.
The SQL Data File Information script displays all data files within a SQL Server database with the following relevant properties: FileName, FileLocation, FileSizeMB, SpaceUsedMB, AvailableSpaceMB, %FreeSpace, FileGrowthMB and FileGroupName.
Simply run the script in SSMS after selecting the database you want the script to run against.
Getting Current Stock Report
- Hi All,
I have a table for maintaining stocks as follows,
InventoryId - bigint
TransactionDate - datetime
InwardId - int
ProductId - int
InventoryStatus - int (0 - Available, 1 - Sold)
ReferenceNo - nvarchar(50)
Full Outer Join
- The Input data looks like that:
Current Month Previous Month Previous Year
500 10 1
Insert performance in SSIS
- Hi all,
I was reading up on this article:
And I was wondering in the article it was about updating the tables...