Focuses on advanced techniques that can be used in an attack on an application utilizing Microsoft SQL Server as a backend. These techniques demonstrate how an attacker could use a SQL Injection vulnerability to retrieve the database content from behind a firewall and penetrate the internal network. Also provided are recommendations on how to prevent such attacks.
2005-01-05
2,626 reads
This function will take a 64 bitmask string and return the value of bitmask. If you need 128, 256, etc simply change the length of the parameter, being careful to remember you may need to change the return type of int to BigInt if you get too long.
2005-01-04 (first published: 2004-12-30)
241 reads
Detailed question/answer paper on deploying SQL Server in a Storage Area Network (SAN) Environment.
2005-01-04
2,513 reads
A common requirement when building a data warehouse is to be able to get all rows from a staging table where the business key is not in the dimension table. For example, I may want to get all rows from my STG_DATE table where the DateID is not in DIM_DATE.DateID.
2004-12-29
2,168 reads
This function will calculate the number of weekdays between two dates passed. This allows for accurate tracking of "business days" for metrics in many different views.
2004-12-28 (first published: 2004-12-16)
265 reads
We take a look at each of the major components of a SQL Server's hardware, and examine what can be done to help maximize the performance of your hardware.
2004-12-27
2,856 reads
In the Database administration world, it is often necessary to run a query on the production box and then run the same query on the QA or UAT box and compare the results. In this article, I would like to introduce a method that takes advantage of an MS-DOS batch file and SQL Server utility, BCP.exe, to compare the query results executed on two different servers.
2004-12-24
1,828 reads
There is nothing spectacular about using indexes per say. However, on many occasions I have come across a variety of SQL coders that never consider validating that the index they think they are using is efficient or even being used at all. We can all put indexes on the columns that we think will be required to satisfy individual queries, but how do we know if they will ever be used. You see, if the underlying table data is constructed, contains, or is ordered in a particular way, our indexes may never be used. One of the factors around the use of an index is its clustering factor and this is what this article is about.
2004-12-23
3,412 reads
This article is a member of the series Introduction to MSSQL Server 2000 Analysis Services. The series is designed to provide hands-on application of the fundamentals of MS SQL Server 2000 Analysis Services, with each installment progressively adding features and techniques designed to meet specific real - world needs.
2004-12-22
2,027 reads
2004-12-21
2,462 reads
By Steve Jones
If someone is trying to convince you it’s not a pyramid scheme, it’s a...
By Steve Jones
I was looking back at my year and decided to see if SQL Prompt...
In the era of cloud-native applications, Kubernetes has become the default standard platform for...
Hi experts, I have a 3+ TB database on a 2019 sql server which...
Comments posted to this topic are about the item The North Star for the...
Comments posted to this topic are about the item Multiple Escape Characters
In SQL Server 2025, I run this code (in a database with the appropriate collation):
SELECT UNISTR('%*3041%*308A%*304C%*3068 and good night', '%*') AS 'A Classic';
What is returned? See possible answers