Focuses on advanced techniques that can be used in an attack on an application utilizing Microsoft SQL Server as a backend. These techniques demonstrate how an attacker could use a SQL Injection vulnerability to retrieve the database content from behind a firewall and penetrate the internal network. Also provided are recommendations on how to prevent such attacks.
SQL Server is the best RDBMS, at least according to the current thinking at SQLServerCentral.com, and is fully capable of meeting all of your database needs. However that does not mean you should ignore other platforms. A good DBA will be aware of and perhaps skilled in other platforms and tools, including competing database systems. There has been a lot of buzz about the open source MySQL RDBMS this past year and David Poole takes a look at this server, giving you some points of comparison with
Detailed question/answer paper on deploying SQL Server in a Storage Area Network (SAN) Environment.
One of the most valuable features of SQLServerCentral.com is the discussion forums, where many a DBA has found an answer to their question. Most times on the same day! While we do not moderate the forums, there are still some rules for posting that we hope everyone will take a moment to read.
SQL Server for the most part will maintain itself, updating statistics, choosing optimal query plans, and requiring minimal maintenance to keep running. However to optain optimum performance, a real DBA needs to spend some time checking and tuning indexes, rebuilding them as fillfactors change. This new article from Desiree Harris looks at how you can perform some of these tasks to keep your server performing at the optimum level.
SQL Server is the best RDBMS, at least according to the current thinking at SQLServerCentral.com, and is fully capable of meeting all of your database needs. However not all database systems run on SQL Server and it seems that we often see data from some other system being consolidated on SQL Server for additional processing or reporting. DTS usually handles the load, but there are times that you might want create a linked server to an Oracle system for updating individual rows. New author Adria
A common requirement when building a data warehouse is to be able to get all rows from a staging table where the business key is not in the dimension table. For example, I may want to get all rows from my STG_DATE table where the DateID is not in DIM_DATE.DateID.
Taking a break from SQL Server and DTS, author Haidong Ji shares a few tips and tricks to becoming more productive, whether as a DBA or developer. These hints and tips could help you separate yourself from the pack come review, raise, or interview time.
SQL Server string manipulation using T-SQL leaves lots to be desired. Many postings and complaints about T-SQL deal with strings, but there are ways to work with it. Author Eli Leiba brings us a way to split out portions of a string that contains tokens with a user defined function. Read on to see how this is accomplished and the code used to perform the splitting.
We take a look at each of the major components of a SQL Server's hardware, and examine what can be done to help maximize the performance of your hardware.
By Arun Sirpal
Not every production incident is a database in RECOVERY_PENDING or a corrupted event (like...
It is Friday, the queries are running, and nobody is watching the bill. That...
By Steve Jones
Annabel retired from Redgate Software this week. Across most of my career at Redgate,...
Comments posted to this topic are about the item Extreme DAX: Take your Power...
Comments posted to this topic are about the item What is the Cloud?
Comments posted to this topic are about the item Changing the Schema
I set up a few users on my SQL Server 2022 instance.
CREATE LOGIN User1 WITH PASSWORD = 'Demo12#1' CREATE USER User1 FOR LOGIN User1 GO CREATE LOGIN User2 WITH PASSWORD = 'Demo12#2' CREATE USER User2 FOR LOGIN User2 GO CREATE LOGIN User3 WITH PASSWORD = 'Demo12#3' CREATE USER User3 FOR LOGIN User3 GOI then created a schema that one of them owned. Under this schema, I added a table with some data.
CREATE SCHEMA MySchema AUTHORIZATION User1
GO
CREATE TABLE Myschema.MyTable(myid INT)
GO
INSERT MySchema.MyTable
(
myid
)
VALUES
(1), (2), (3)
GO
SELECT * FROM MySchema.MyTable
GO
I granted rights and verified that User2 could access this table.
GRANT SELECT ON Myschema.MyTable TO User2 GO SETUSER 'USER2' GO SELECT * FROM MySchema.MyTable GOThis worked. Now, I move this schema to a new user.
ALTER AUTHORIZATION ON SCHEMA::Myschema TO User3; GOWhat happens with this code?
SETUSER 'USER2' GO SELECT * FROM MySchema.MyTable GOSee possible answers