How To Make Your Queries Perform Like They Used To
Photo by Chad Kirchoff on Unsplash
Prefer watching on YouTube?
In the ideal world, you fully test how your SQL Server will handle upgrading to...
2017-09-19
186 reads
Bert Wagner
How To Make Your Queries Perform Like They Used To
Photo by Chad Kirchoff on Unsplash
Watch this week's video on YouTube
In the ideal world, you fully test how your SQL Server will handle upgrading to the latest version. You're able to catch...
2017-09-19
14 reads
';SELECT *: How Unicode Homoglyphs Can Thwart Your Database Security
For the past couple weeks I've been writing about how to protect your database from a SQL injection attack. Today, we will keep the trend going by looking at how...
2017-09-12
56 reads
How to Safely Parameterize Table Names
Protecting against SQL Injection Part 2
Watch this week's video on YouTube
Last week we talked about building dynamic SQL queries and how doing so might leave you open to SQL injection...
2017-09-05
16 reads
Warning! Are your queries vulnerable to SQL injection?
Watch this week's video on YouTube
Looking for a script to find possible SQL injection vulnerabilities on your server? Scroll to the bottom of this post.
OWASP names SQL injection as...
2017-08-29
18 reads
How to Search and Destroy Non-SARGable Queries on Your Server
Unexpected SQL Server Performance Killers #3
Watch this week's video on YouTube
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled...
2017-08-22
19 reads
How to Eliminate Ugly Nested REPLACE() Functions
Watch this week's video on YouTube
How many times have you had to transform some column value and ended up stacking several nested SQL REPLACE() functions like this?
-- Input: Red,...
2017-08-15
13 reads
SQLskills is Giving Away Free Training!
SQLskills is giving away free training for their performance tuning and optimization classes. My entry for the competition is below. If you decide to enter for yourself, entries are...
2017-08-11
8 reads
Why Parameter Sniffing Isn't Always A Bad Thing (But Usually Is)
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-08
11 reads
Are your indexes being thwarted by mismatched datatypes?
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-01
10 reads
Blogs
Stop Using Pandas for Aggregations — Try DuckDB Instead
If you've ever loaded a 2 GB CSV into pandas just to run a...
Understanding Fabric Ontology
By James Serra
What problem is Fabric Ontology trying to solve? For years, most data conversations have...
QUOTENAME Basics: #SQLNewBlogger
By Steve Jones
Recently I ran across some code that used a lot of QUOTENAME() calls. A...
Forums
Stairway to Reliable Database Deployment Level 3 – Rehearsing Changesets Across Environments
Comments posted to this topic are about the item Stairway to Reliable Database Deployment...
QUOTENAME Quote Parameters
Comments posted to this topic are about the item QUOTENAME Quote Parameters
Limit the Blast Radius
Comments posted to this topic are about the item Limit the Blast Radius
Question of the Day
QUOTENAME Quote Parameters
When I use QUOTENAME(), I can optionally provide the character used to surround the string in the result. Can I use any character?
See possible answers