A Guide to SQL Security in Django
If you encounter Django in your environment, are you thinking about SQL Injection and security? If not, read this article and learn how to protect your data.
2024-11-01
1,023 reads
sql injection
Prevent SQL Injection
SQL Injection continues to be a problem and Steve has a few thoughts today on how to reduce your vulnerabilities.
2024-08-14
226 reads
Protecting Yourself from SQL Injection in SQL Server - Part 2
Aaron Bertrand has some advice on how to protect yourself from SQL Injection, looking at some specific common scenarios.
2015-06-09
4,756 reads
SQL Injection: How it Works and How to Thwart it
This is an extract from the book Tribal SQL. In this article, Kevin Feasel explains SQL injection attacks, how to defend against them, and how to keep your Chief Information Security Officer from appearing on the nightly news.
2014-05-13
6,136 reads
An Extra Defense For SQL Injection Attacks
TDSe-cure is a proxy service to SQL Server to block SQL injection attacks.
2009-01-07
3,016 reads
Blogs
The Book of Redgate: We Value Teams
By Steve Jones
This value is something that I still hear today: our best work is done...
Troubleshooting TempDB Log Full Errors When SSMS Won’t Connect
By gbargsley
Have you ever received the dreaded error from SQL Server that the TempDB log...
Accelerating AI with Confidence: Why Microsoft Purview is Key to Responsible Innovation
By Chris Yates
Artificial intelligence is no longer a distant concept. It is here, embedded in the...
Forums
Planning for tomorrow, today - database migrations
Comments posted to this topic are about the item Planning for tomorrow, today -...
Bottlenecks on SQL Server performance
We have a BI-application that connects to input tables on a SQL Server 2022...
Is there some good routines for updating SQL Server database objects with GitHub
At work we've been getting better at writing what's known as GitHub Actions (workflows,...
Question of the Day
The Tightly Linked View
I try to run this code on SQL Server 2022. All the objects exist in the database.
CREATE OR ALTER VIEW OrderShipping
AS
SELECT cl.CityNameID,
cl.CityName,
o.OrderID,
o.Customer,
o.OrderDate,
o.CustomerID,
o.cityId
FROM dbo.CityList AS cl
INNER JOIN dbo.[Order] AS o ON o.cityId = cl.CityNameID
GO
CREATE OR ALTER FUNCTION GetShipCityForOrder
(
@OrderID INT
)
RETURNS VARCHAR(50)
WITH SCHEMABINDING
AS
BEGIN
DECLARE @city VARCHAR(50);
SELECT @city = os.CityName
FROM dbo.OrderShipping AS os
WHERE os.OrderID = @OrderID;
RETURN @city;
END;
go
What is the result? See possible answers