In this article I will discuss some new ideas that can result in either modifying SQL statements or injecting SQL code even if the code has escaped the delimiting characters. I will start with some best practices for constructing delimited identifiers and SQL literals, and then I'll show you new ways attackers can inject SQL code in order to help you protect your applications.
Check out SSIS, the SQL Server 2005 replacement for the older Data Transformation Services. You might find SSIS to be a great solution for automating SQL Server.
With Windows 2003 now clustered, you're ready to begin to clustering SQL Server 2005. In this presentation, you'll see how to cluster SQL Server 2005 and some best practices in how to configure the SQL Server cluster after the fact.
The suggested method illustrates a way how such tampering by an authorized user can be detected. While this method doesn't provide tamper-prevention measures, but as there is no such thing as ultimate security, detection of such tampers will help maintaining the integrity of information in a great way
In this video for beginners you'll begin to learn how to write queries that use more than one table using T-SQL. Kathi walks you through common tactics to efficiently pull out data from a normalized system.
The benefits of SQL Server 2005's new snapshot isolation feature are well known, but SQL Server developers also need to understand the downstream ramifications of snapshot isolation.
This document describes the problem and the workaround in SQL Server 2000, and the solution and recommendation in SQL Server 2005.
Binary objects like Word documents, MP3 files, or any other non-data file can be challenging to load into SQL Server. In this presentation, Brian shows you how to use SQL Server Integration Services (SSIS) to load BLOB resume files into SQL Server by using the Import Column transform.
While no disaster recovery plan provides ironclad protection, your company will be far less vulnerable to an extended business disruption from a disaster with a plan than without one.
SQL Server Management Studio just doesn't cut it for complicated configuration and monitoring implementations. Learn how to implement your own SQL Service Broker (SSB) control bus solution to serve the needs of complex SQL Server-based messaging solutions.
By DataOnWheels
Thanks to everyone who joined the blog party this month. I noticed three themes...
By Vinay Thakur
This week has training on AI – Cyber security experts – Omar Santos and...
Following on from my previous post on building The Burrito Bot, I want to...
Comments posted to this topic are about the item What's new in R 4.6
Comments posted to this topic are about the item Interesting Changes in R, which...
Comments posted to this topic are about the item PostgreSQL String Functions Part 1
When thinking about the identity property and sequence objects, which of these can generate values before an insert statement is executed?
See possible answers