You are browsing archives for
Its pretty often that I run across SQL code that supposed to handle empty or null varchar values. But a lot of the time it doesn’t. And usually its because a developer has made the false assumption that null has a length of 0. It doesn’t. LEN(NULL) IS NULL. LEN(NULL) does not = anything. LEN(NULL) […]
Michael Sutton has run a test to see how many websites have SQL injection issues and finds that 11% of the websites he tests are potentially vulnerable. The article is well written in that he discusses the methods used to select urls for testing, the change he uses to attempt a non-destructive SQL injection, and […]
SQL Server’s MONEY data type is where you should be looking first if you are storing something like prices and order totals. But what about pesky GST and VAT values? These sometimes need to extend out to 6, 8 or even more decimal places in order to calculate the correct tax inclusive price. Along comes […]
One of the tasks regularly performed in ETL processes is using BCP or BULK INSERT to import large amounts of data into a empty database. You might be using these tools to import a single file into a table, or many files into a table. Either way, SQL Server is going to want to update […]
Applies to: SQL Server 2000, SQL Server 2005 (Yukon) It’s pretty often I see the need for a database to be renames. Sometimes its because a developer has given their database a very generic name, or sometimes becuase the use of the database has shifted. Renaming a database is a pretty easy task (make sure […]
– Don’t start column names with FK_ – Always name a FK column the same as the PK I happened to glance a database model today that had a column naming scheme that scared me: column names that started with FK_. I’m pretty sure the designer was intending to show that the column was actually […]
