Tag Archives: SQL Server

The benefits of Stored Procedures

Posted on Sunday, 24 June, 2007 by Colin Mackay

There are a number of ways to access data in SQL Server, or any enterprise DBMS. There are lots of books that discuss getting data in and out of databases and the best ways to do that. Many advocate the … Continue reading

Posted in Uncategorized | Tagged , | 2 Comments

SQL Exception because of a timeout

Posted on Saturday, 23 June, 2007 by Colin Mackay

You think it would be easy to find information on exactly what error number a SqlException has when the command timed out. But, it isn’t. MSDN, for all that it is normally an excellent resource, fails to even mention that … Continue reading

Posted in Uncategorized | Tagged , | 4 Comments

SQL Injection Attacks and executing dynamically created SQL

Posted on Friday, 22 June, 2007 by Colin Mackay

There is a very important difference between EXEC[UTE] and sp_executesql that anyone who executes dynamically generated SQL statements ought to know. Typically dynamic SQL is generated when a particular construct is not possible by using parameters alone or when certain … Continue reading

Posted in Uncategorized | Tagged , | Leave a comment

Moving Databases

Posted on Thursday, 21 June, 2007 by Colin Mackay

If you ever move a database from one SQL Server to another you may come across the situation where the logins no longer map to the users in your database (and that’s assuming that the SQL Server you’ve moved the … Continue reading

Posted in Uncategorized | Tagged , , , | Leave a comment

SQL Injection Attacks and Some Tips on How to Prevent Them

Posted on Saturday, 23 April, 2005 by Colin Mackay

Introduction Security in software applications is an ever more important topic. In this article, I discuss various aspects of SQL Injection attacks, what to look for in your code, and how to secure it against SQL Injection attacks. Although the … Continue reading

Posted in Article | Tagged , , , | 1 Comment