In this article I will discuss some new ideas that can result in either modifying SQL statements or injecting SQL code even if the code has escaped the delimiting characters. I will start with some best practices for constructing delimited identifiers and SQL literals, and then I'll show you new ways attackers can inject SQL code in order to help you protect your applications.
Check out SSIS, the SQL Server 2005 replacement for the older Data Transformation Services. You might find SSIS to be a great solution for automating SQL Server.
With Windows 2003 now clustered, you're ready to begin to clustering SQL Server 2005. In this presentation, you'll see how to cluster SQL Server 2005 and some best practices in how to configure the SQL Server cluster after the fact.
The suggested method illustrates a way how such tampering by an authorized user can be detected. While this method doesn't provide tamper-prevention measures, but as there is no such thing as ultimate security, detection of such tampers will help maintaining the integrity of information in a great way
In this video for beginners you'll begin to learn how to write queries that use more than one table using T-SQL. Kathi walks you through common tactics to efficiently pull out data from a normalized system.
The benefits of SQL Server 2005's new snapshot isolation feature are well known, but SQL Server developers also need to understand the downstream ramifications of snapshot isolation.
This document describes the problem and the workaround in SQL Server 2000, and the solution and recommendation in SQL Server 2005.
Binary objects like Word documents, MP3 files, or any other non-data file can be challenging to load into SQL Server. In this presentation, Brian shows you how to use SQL Server Integration Services (SSIS) to load BLOB resume files into SQL Server by using the Import Column transform.
While no disaster recovery plan provides ironclad protection, your company will be far less vulnerable to an extended business disruption from a disaster with a plan than without one.
SQL Server Management Studio just doesn't cut it for complicated configuration and monitoring implementations. Learn how to implement your own SQL Service Broker (SSB) control bus solution to serve the needs of complex SQL Server-based messaging solutions.
When mirroring was first released for Azure SQL Database, it used Change Data Capture...
By Steve Jones
One of the things I’ve tried hard to do in database development situations if...
By DataOnWheels
The T-SQL Tuesday topic this month comes James Serra. What career risks have you...
We have two "identical" instances of an ASP.NET web service (or so I have...
Comments posted to this topic are about the item OPENQUERY Flexibility
Comments posted to this topic are about the item A Full Shutdown
Which of these are valid OPENQUERY() uses?
See possible answers