How to Safely Parameterize Table Names
Protecting against SQL Injection Part 2
Watch this week's video on YouTube
Last week we talked about building dynamic SQL queries and how doing so might leave you open to SQL injection...
2017-09-05
9 reads
Bert Wagner
Warning! Are your queries vulnerable to SQL injection?
Watch this week's video on YouTube
Looking for a script to find possible SQL injection vulnerabilities on your server? Scroll to the bottom of this post.
OWASP names SQL injection as...
2017-08-29
14 reads
How to Search and Destroy Non-SARGable Queries on Your Server
Unexpected SQL Server Performance Killers #3
Watch this week's video on YouTube
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled...
2017-08-22
12 reads
How to Eliminate Ugly Nested REPLACE() Functions
Watch this week's video on YouTube
How many times have you had to transform some column value and ended up stacking several nested SQL REPLACE() functions like this?
-- Input: Red,...
2017-08-15
13 reads
SQLskills is Giving Away Free Training!
SQLskills is giving away free training for their performance tuning and optimization classes. My entry for the competition is below. If you decide to enter for yourself, entries are...
2017-08-11
2 reads
Why Parameter Sniffing Isn't Always A Bad Thing (But Usually Is)
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-08
6 reads
Are your indexes being thwarted by mismatched datatypes?
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-01
6 reads
One SSMS Trick That Will Make You a Faster Query Builder
Watch this week's video on YouTube
Here's the scenario: you copy and paste some code into a query you are building. A few minutes later you need that same snippet...
2017-07-25
7 reads
How to Use SQL Temporal Tables For Easy Point-In-Time Analysis
Watch this week's video on YouTube
Have you ever needed to look at what data in a table used to look like?
If you have, it probably took a knuckle-cracking filled...
2017-07-20
8 reads
Here's a Quick Way To Generate a Running Total in SQL Server
Watch this week's video on YouTube
Historically it's been difficult to accomplish certain tasks in SQL Server.
Probably the most annoying problem I had to do regularly before SQL Server 2012...
2017-07-18
25 reads
Blogs
Advice I Like: Art
By Steve Jones
Superheroes and saints never make art. Only imperfect beings can make art because art...
Why Optimize CPU for RDS SQL Server is a game changer
One feature that I have been waiting for years! The new announcement around optimize...
Performance tuning KubeVirt for SQL Server
Following on from my last post about Getting Started With KubeVirt & SQL Server,...
Forums
i noticed the sqlhealth extende event is on by default , so can i reduce
hi, i noticed the sqlhealth extended event is on by default , and it...
New-AzSqlInstanceServerTrustCertificate - Failed and no clues
Using New-AzSqlInstanceServerTrustCertificate to import a certificate and get the message New-AzSqlInstanceServerTrustCertificate: Long running operation...
Refactoring SQL Code
Comments posted to this topic are about the item Refactoring SQL Code, which is...
Question of the Day
The Read Committed Snapshot Isolation behaviour
I am currently working with Sql Server 2022 and AdventureWorks database. First of all, let's set the "Read Committed Snapshot" to ON:
use master; go alter database AdventureWorks set read_committed_snapshot on with no_wait; goThen, from Session 1, I execute the following code:
--Session 1 use AdventureWorks; go create table ##t1 (id int, f1 varchar(10)); go insert into ##t1 values (1, 'A');From another session, called Session 2, I open a transaction and execute the following update:
--Session 2 use AdventureWorks; go begin tran; update ##t1 set f1 = 'B' where id = 1;Now, going back to Session 1, what happens if I execute this statement?
--Session 1 select f1 from ##t1 where id = 1;See possible answers