Defensive Database Programming with SQL Server

Home SQL .NET SysAdmin Opinion Blogs Forums About

The goal of defensive programming is to produce resilient code that responds gracefully to the unexpected. To the SQL Server programmer, this means T-SQL code that behaves consistently and predictably in cases of unexpected usage, doesn't break under concurrent loads, and survives predictable changes to database schemas and settings. Inside my book, you will find dozens of practical, defensive programming techniques that will improve the quality of your T-SQL code and increase its resilience and robustness -- Alex Kuznetsov

Defensive Database Programming with SQL Server -- Coming Soon!

By Alex Kuznetsov; Publish Date: March 2010

(Free 8-chapter, 200-page eBook!)

If you would like to receive an email notification when this book is released, please complete this form.

Simple-talk will not share this email address with anyone and, unless you subsequently register for the Simple-Talk newsletter (which we hope you will!), you will receive only two emails as a result; one when the eBook is released and a second when the hard copy book is released on Amazon.

Table of Contents

Chapter 01: Basic Defensive Database Programming Techniques
Chapter 02: Code Vulnerabilities due to SQL Server Misconceptions
Chapter 03: Surviving Changes to Database Objects
Chapter 04: When Upgrading Breaks Code
Chapter 05: Reusing T-SQL Code
Chapter 06: Common Problems with Data Integrity
Chapter 07: Advanced Use of Constraints
Chapter 08: Defensive Error Handling
Chapter 09: Surviving Concurrent Queries (Paperback edition only)
Chapter 10: Surviving Concurrent Modifications (Paperback ediiton only)

Why read this book?

Too often as developers, we stop work as soon as our code passes a few basic tests to confirm that it produces the 'right result' in a given use case. We do not stop to consider the other possible ways in which the code might be used in the future, or how our code will respond to common changes to the database environment, such as a change in the database language setting, or a change to the nullability of a table column, and so on.

In the short-term, this approach is attractive; we get things done faster. However, if our code is designed to be used for more than just a few months, then it is very likely that such changes can and will occur, and the inevitable result is broken code or, even worse, code that silently starts to behave differently, or produce different results. When this happens, the integrity of our data is threatened, as is the validity of the reports on which critical business decisions are often based. At this point, months or years later, and long after the original developer has left, begins the painstaking process of troubleshooting and fixing the problem.

Would it not be easier to prevent all this troubleshooting from happening? Would it not be better to spend a little more time and effort during original development, to save considerably more time on troubleshooting, bug fixing, retesting, and redeploying? This is what defensive programming is all about: we learn what can go wrong with our code, and we proactively apply this knowledge during development. This book is filled with practical, realistic examples of the sorts of problems that beset database programs, including:

-- Changes in database objects, such as tables, constraints, columns, and stored procedures
-- Changes to concurrency and isolation levels
-- Upgrades to new versions of SQL Server
-- Changes in requirements
-- Code reuse
-- Problems causing loss of data integrity
-- Problems with error handling in T-SQL

In each case, it demonstrates approaches that will help you understand and enforce (or eliminate) the assumptions on which your solution is based, and to improve its robustness. Ultimately, the book teaches you how to think and develop defensively, and how to proactively identify and eliminate potential vulnerabilities in T-SQL code.