In this article I will discuss some new ideas that can result in either modifying SQL statements or injecting SQL code even if the code has escaped the delimiting characters. I will start with some best practices for constructing delimited identifiers and SQL literals, and then I'll show you new ways attackers can inject SQL code in order to help you protect your applications.
Check out SSIS, the SQL Server 2005 replacement for the older Data Transformation Services. You might find SSIS to be a great solution for automating SQL Server.
With Windows 2003 now clustered, you're ready to begin to clustering SQL Server 2005. In this presentation, you'll see how to cluster SQL Server 2005 and some best practices in how to configure the SQL Server cluster after the fact.
The suggested method illustrates a way how such tampering by an authorized user can be detected. While this method doesn't provide tamper-prevention measures, but as there is no such thing as ultimate security, detection of such tampers will help maintaining the integrity of information in a great way
In this video for beginners you'll begin to learn how to write queries that use more than one table using T-SQL. Kathi walks you through common tactics to efficiently pull out data from a normalized system.
The benefits of SQL Server 2005's new snapshot isolation feature are well known, but SQL Server developers also need to understand the downstream ramifications of snapshot isolation.
This document describes the problem and the workaround in SQL Server 2000, and the solution and recommendation in SQL Server 2005.
Binary objects like Word documents, MP3 files, or any other non-data file can be challenging to load into SQL Server. In this presentation, Brian shows you how to use SQL Server Integration Services (SSIS) to load BLOB resume files into SQL Server by using the Import Column transform.
While no disaster recovery plan provides ironclad protection, your company will be far less vulnerable to an extended business disruption from a disaster with a plan than without one.
SQL Server Management Studio just doesn't cut it for complicated configuration and monitoring implementations. Learn how to implement your own SQL Service Broker (SSB) control bus solution to serve the needs of complex SQL Server-based messaging solutions.
By Steve Jones
I’ve often done some analysis of my year in different ways. Last year I...
By Steve Jones
This was Redgate in 2010, spread across the globe. First the EU/US Here’s Asia...
By John
Today is Christmas and while I do not expect anybody to actual be reading...
Comments posted to this topic are about the item Finding Motivation
Comments posted to this topic are about the item The Last Binary Value of...
Comments posted to this topic are about the item SQL Art, Part 2: New...
What does this code return?
SELECT cast(0x2025 AS NVARCHAR(20))Image 1:
Image 2: 
Image 3: 
Image 4: 
See possible answers