How to Safely Parameterize Table Names
Protecting against SQL Injection Part 2
Watch this week's video on YouTube
Last week we talked about building dynamic SQL queries and how doing so might leave you open to SQL injection...
2017-09-05
7 reads
Bert Wagner
Warning! Are your queries vulnerable to SQL injection?
Watch this week's video on YouTube
Looking for a script to find possible SQL injection vulnerabilities on your server? Scroll to the bottom of this post.
OWASP names SQL injection as...
2017-08-29
11 reads
How to Search and Destroy Non-SARGable Queries on Your Server
Unexpected SQL Server Performance Killers #3
Watch this week's video on YouTube
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled...
2017-08-22
9 reads
How to Eliminate Ugly Nested REPLACE() Functions
Watch this week's video on YouTube
How many times have you had to transform some column value and ended up stacking several nested SQL REPLACE() functions like this?
-- Input: Red,...
2017-08-15
10 reads
SQLskills is Giving Away Free Training!
SQLskills is giving away free training for their performance tuning and optimization classes. My entry for the competition is below. If you decide to enter for yourself, entries are...
2017-08-11
1 reads
Why Parameter Sniffing Isn't Always A Bad Thing (But Usually Is)
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-08
5 reads
Are your indexes being thwarted by mismatched datatypes?
In this series I explore scenarios that hurt SQL Server performance and show you how to avoid them. Pulled from my collection of "things I didn't know I was...
2017-08-01
3 reads
One SSMS Trick That Will Make You a Faster Query Builder
Watch this week's video on YouTube
Here's the scenario: you copy and paste some code into a query you are building. A few minutes later you need that same snippet...
2017-07-25
6 reads
How to Use SQL Temporal Tables For Easy Point-In-Time Analysis
Watch this week's video on YouTube
Have you ever needed to look at what data in a table used to look like?
If you have, it probably took a knuckle-cracking filled...
2017-07-20
7 reads
Here's a Quick Way To Generate a Running Total in SQL Server
Watch this week's video on YouTube
Historically it's been difficult to accomplish certain tasks in SQL Server.
Probably the most annoying problem I had to do regularly before SQL Server 2012...
2017-07-18
23 reads
Blogs
Fabric as a Data Mesh Enabler: Rethinking Enterprise Data Distribution
By Chris Yates
For decades, enterprises have approached data management with the same mindset as someone stuffing...
Truncate Table Pitfalls
Truncate Table Pitfalls Truncating a table can be gloriously fast—and spectacularly dangerous when used carelessly....
dataMinds Connect 2025 – Slides & Scripts
You can find all the session materials for the presentation “Indexing for Dummies” that...
Forums
Technological Dinosaurs or Social Dinosaurs?
Comments posted to this topic are about the item Technological Dinosaurs or Social Dinosaurs?
DBCC CHECKIDENT
Comments posted to this topic are about the item DBCC CHECKIDENT
Distributed Availability Group Health: T-SQL and Zabbix
Comments posted to this topic are about the item Distributed Availability Group Health: T-SQL...
Question of the Day
DBCC CHECKIDENT
What is returned as a result set when I run this command without a new seed value?
See possible answers