There are 16 entries for the tag SQL

Why it’s easy being a hacker – A SQL injection case study

Why it’s easy being a hacker – A SQL injection case study – basically asserting that the top search results around learning MySQL/SQL all have terribly flawed code examples. Hardly surprising I guess, however I wonder how recent some of those posts are. I’m not a PHP kinda guy, but certainly a lot of blog posts I’ve seen in the .NET community that contain “quick” sample code have usually had some kind of disclaimer on them – whether that disclaimer is actually read or not is another matter altogether. Tags: SQL, Security

SQL Delta 5.0

I think I’ve briefly mentioned SQL Delta a couple of times in previous posts. SQL Delta is a tool which competes with RedGate’s SQL suite of tools, and it’s one which I purchased a while ago for some database comparison/syncing work. SQL Delta offers both structure and data comparison in the one tool, which makes it really good value for money. Since then it’s been a handy addition to my toolkit, and one which I’ve meant to blog about for a while now. This post is not that blog, instead, it’s a quick update to mention that they’ve just...

SQL Server Express 2008 CTP

A while ago I was looking at versions of SQL Server Express (I forget why), and wondered when a 2008 version was going to be available. Well it seems there is a CTP version available now. Tags: SQL

Remove trailing characters (and a small rant)

Often when coding I’ll search for a snippet of code to avoid reinventing the wheel. Code re-use is good, right? From now on, whenever a search like that ends up sending me over to experts-exchange.com (which is a signup, members only site that shows the question text for all to see but masks the answers to entice people to sign up) I’m going to make an effort to write up a free version of  the answer here. I really dislike that site, because all hits from there are a complete waste of time for a non member....

SQL epic fail?

Often, when throwing databases together using SQL Management Studio, I end up missing a feature of Domino Designer - the ability to add a short comment against a table (or in Domino terms, a view). There are times when it would be really nice to add a small amount of descriptive information to accompany a database model. This leads me to ask 2 questions; Does the act of asking this question indicate a fail in terms of database design? Is there some other way that database people of the world use...

"SQL 2005 Tools Install Experience is the suck"

Every time I go to install the non-express SQL 2005 Management Studio I end up fighting with the installer for quite some time. It's pretty tedious, and there are plenty of other people out there having this problem. Previously I've managed to get the install process to work through various means, each time forgetting to document the steps I took. Turns out it doesn't matter, as there's a much easier method: "SQL 2005 Tools Install Experience is the suck" details an obvious and simple fix: But I did find the answer!  The trick is to browse to the Tools folder...

SQL Server Web Report Viewer Issues on Windows 2008 Server/IIS7

About a year back I wrote a quick post detailing a problem (and a fix) for an issue I was having with the SQL Server Web Report Viewer on Windows 2008 Server/IIS7 (the 'RSClientController is undefined' error). Most of the comments implied that the article helped people, however a few people weren't able to follow what was written. Partly because I wrote it very quickly at the time it was happening, and didn't grab a screenshot at the time. So I've just gone back and made a quick update to the article so that it now includes a bit...

Taffy DB

The description of TaffyDB reads: Taffy DB is a free and opensource JavaScript library that acts as thin data layer inside Web 2.0 and Ajax application Think of it as a SQL database in your web browser. Ok, I thought of that - and it scares me. Yet, intrigues me at the same time. Technorati Tags: SQL,JavaScript


  LINQPad is a handy tool for anyone who works with LINQ: LINQPad is more than just a LINQ query tool: it's a code snippet IDE. Instantly execute any C# 3 or VB 9 expression or statement block! Best of all, LINQPad is free and needs no installation: just download and run.  The executable is under 2MB and is self-updating. Fun! Tags: ASP.NET , SQL , LINQ

SQL Server 2005 support ends next Tuesday

As a headline, it sounds pretty serious, but it's only support for Service Pack 0 (RTM) that's finishing on the 10th. The only people who should be concerned are people who have some specific reason for not being able to move to either SP1 or SP2. For 2000 shops, support for SQL2000 SP3a also ends on the 10th. Tags: SQL

SQL Server Web Report Viewer Issues on Longhorn/IIS7

It seems I've come across yet another AXD related issue. This time with the SQL Server Web Report Viewer Control which was being served up via IIS7 on a Longhorn server. As soon as the page loaded I was getting JavaScript errors of 'RSClientController is undefined'. The report had been working fine on development boxes, so I was pretty sure it was either related to the deployment or IIS. In checking the source of the page I found the following entry: <script src="/Reserved.ReportViewerWebControl.axd? OpType=Resource&amp;Version=8.0.50727.817&amp;Name=Scripts.ReportViewer.js" type="text/javascript"></script> Which of course didn't exist when I pasted the URL into...

SQL Server 2005 SP2 now available

SQL Server 2005 SP2 is now available for all versions. Link: Microsoft SQL Server 2005 Service Pack 2 Link: What's New in SQL Server 2005 SP2 Tags: Microsoft, SQL

Generate SQL data INSERT statements from a table

If you've ever had to work with reference data across multiple instances of the same application, or have simply needed to script data contained in a table, then you'll know what I'm talking about here. I've needed to do this a few times recently, and finally managed to come across something which does exactly what I needed. Here's the blurb from the description, which sums it up better than I have here: This procedure generates INSERT statements using existing data from the given tables and views. Later, you can use these INSERT statements to generate the data....

Visual Studio Team Edition for Database Professionals

Database change control and versioning is an incredibly important part of development which can occasionally be overlooked. While there are some good tools out there to help make this task easier, a lot of what I've seen so far has been incredibly manual. Microsoft is hoping to make this task easier with the release of Visual Studio 2005 Team Edition for Database Professionals. I guess they're hoping to make some money too. Team Edition for Database Professionals gives you a new database project, which you can use to manage your database as well as integrate it with Team...

SQL Server: Singular vs Plural Table Names

I've only been working with SQL Server for a couple of years, and although I've been exposed to a lot of different parts of it, there are still some things I've not been forced to spend a lot of time thinking about. One of those things is naming conventions for SQL Objects. I recently did a large piece of work which involved creating a few new tables in an existing database. Without thinking about it too much, I picked plural names for these tables, and thought nothing of it until a colleague pointed out that typically SQL tables...

Connection Strings (and nothing else)

ConnectionStrings is one of those sites which deals with only one thing, but deals with it very well. In their case, the subject is hopefully quite obvious. The site contains samples and variants of connection strings to pretty much every database out there. Handy. Tags: SQL