How to Safely Parameterize Table Names
Protecting against SQL Injection Part 2
Watch this week's video on YouTube
Last week we talked about building dynamic SQL queries and how doing so might leave you open to SQL injection...
2017-09-05
7 reads
Bert Wagner
Warning! Are your queries vulnerable to SQL injection?
Watch this week's video on YouTube
Looking for a script to find possible SQL injection vulnerabilities on your server? Scroll to the bottom of this post.
OWASP names SQL injection as...
2017-08-29
11 reads
How to Search and Destroy Non-SARGable Queries on Your Server
Unexpected SQL Server Performance Killers #3
Watch this week's video on YouTube
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled...
2017-08-22
9 reads
How to Eliminate Ugly Nested REPLACE() Functions
Watch this week's video on YouTube
How many times have you had to transform some column value and ended up stacking several nested SQL REPLACE() functions like this?
-- Input: Red,...
2017-08-15
10 reads
SQLskills is Giving Away Free Training!
SQLskills is giving away free training for their performance tuning and optimization classes. My entry for the competition is below. If you decide to enter for yourself, entries are...
2017-08-11
1 reads
Why Parameter Sniffing Isn't Always A Bad Thing (But Usually Is)
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-08
5 reads
Are your indexes being thwarted by mismatched datatypes?
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-01
3 reads
One SSMS Trick That Will Make You a Faster Query Builder
Watch this week's video on YouTube
Here's the scenario: you copy and paste some code into a query you are building. A few minutes later you need that same snippet...
2017-07-25
6 reads
How to Use SQL Temporal Tables For Easy Point-In-Time Analysis
Watch this week's video on YouTube
Have you ever needed to look at what data in a table used to look like?
If you have, it probably took a knuckle-cracking filled...
2017-07-20
7 reads
Here's a Quick Way To Generate a Running Total in SQL Server
Watch this week's video on YouTube
Historically it's been difficult to accomplish certain tasks in SQL Server.
Probably the most annoying problem I had to do regularly before SQL Server 2012...
2017-07-18
24 reads
Blogs
A New Word: Foilsick
By Steve Jones
foilsick – adj. feeling ashamed after revealing a little too much of yourself to...
Accelerated Database Recovery for tempdb in SQL Server 2025
Accelerated database recovery was introduced in SQL Server 2019 and provides fast recovery, instantaneous...
Measuring What Matters: Operationalizing Data Trust for CDOs
By Chris Yates
Trust is the currency of the data economy. Without it, even the most advanced...
Forums
Create an HTML Report on the Status of SQL Server Agent Jobs
Comments posted to this topic are about the item Create an HTML Report on...
count the number of NULLs in a row
Hi everyone I have a SP that finds the average based on 3 tables. ...
Deleting data in large table
I have a large table with 17M+ rows for our package record audits. I've...