Currently browsing tag

SQL

SQL Injection Attacks

How to Prevent SQL Injection Attacks

What do Sony Pictures, PBS, Microsoft, Yahoo, LinkedIn, and the CIA have in common? These organizations and their web sites have all been successfully breached using what has become the weapon of choice for hackers: SQL injection. SQL, or the Structured Query Language, is the command-and-control language for relational databases such …

Dynamic SQL result stored in a TABLE

Dynamic SQL result stored in a TABLE Introduction As we all know that the dynamic SQL is not good where performance is concern. But sometimes we don’t have other choices. As I personally think that, no developer chooses the dynamic SQL with interest, but they choose it as they have …

CLR Integration with MS SQL Server

CLR Integration with MS SQL Server Introduction My friend told me that the CLR Integration is quite complex. I think that nothing is complex if we understand it properly. So in this article I am trying to discuss about MS SQL server CLR integration. I try to demonstrate it as …

MySQLi prepared statements

MySQLi prepared statements pre { background-color:#444; white-space:pre-wrap; font-size:85%; padding:0px 6px; } Lessons learned: Prepared statements are 13 percent faster than normal statements with escaping Prepared statements are 8 percent faster than normal statements without escaping To get improvements, you need at least 10000 inserts for 1 statement Using insert…set is …

Table Variable with Dynamic SQL

Table Variable with Dynamic SQL Introductions The table variable gives us the high degree of flexibility to work with T-SQL construct. Most of the developer uses the table variable to find the desired solutions due to its simplicities. Here in this article I am not discussing related to table variable. …

Disadvantages of ORM

Disadvantages of ORM ORM has attracted a lot of attention in the last years. So let’s get a bit deeper into it.The biggest advantage of ORM is also the biggest disadvantage: queries are generated automatically queries can’t be optimized queries select more data than needed, things get slower, more latency(some …

Dynamic SQL With spexecutesql

Dynamic SQL With sp_executesql () Dynamic SQL is a part of the development. It is not a good idea to use the dynamic SQL. But the real facts are that, in such kind of situation we must use the dynamic SQL. Here in this article I am trying to illustrate …

Blocking in SQL Server

Blocking in SQL Server In this article I am trying to explain the Blocking. What is it Blocking in SQL Server is a scenario where one connection to SQL Server locks one or more records, and a second connection to SQL Server requires a conflicting lock type on the record …

spprocoption

sp_procoption One of my friends asks me to run a stored procedure, when he starts the MS SQL server. His main problem is to run the stored procedure automatically when he starts the MS SQL Server. This article is related to auto starts the stored procedure when the MS SQL …

SQL 2008 FILESTREAM storage

SQL 2008 FILESTREAM storage SQL Server never is good to storing unstructured data like video, graphics file, MS-Office file etc.  Before SQL server 2008, we have two choices to manage such kind of data mentioned bellow.  1.    By using VARBINARY(MAX) columns inside the database.   2.    Store the data outside …

CROSS APPLY on SQL 2005

CROSS APPLY on SQL 2005 A new feature of Microsoft SQL Server 2005 is “CROSS  APPLY”. It restricted “INNER JOIN” between a table (outer query) and a table-valued function (common usage), or derived table from correlated subquery. The table-valued function is evaluated only for the parameter values supplied by the …