Defensive Db Programming Chapter 02

This is the review of the second chapter of the book Defensive Database Programming. The title of this chapter is “Code Vulnerabilities Due to SQL Server Misconceptions.”

This chapter examines three common misconceptions:

  1. WHERE clause conditions will always be evaluated in the same order
  2. SET and SELECT always change the values of variables
  3. Data will be returned in some “natural order”

Another misconception is that DBAs and Developers know these misconceptions.  As frequently as we are reminded of these things, it is not enough and we need to continue to remind ourselves about these misconceptions as well as teach others the same thing.

As in the first chapter, we are given samples that prove each of these statements invalid. With each misconception disproved, we are also given alternatives for coding defensively against it.
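The three misconceptions listed above, each with one defensive alternative, as an added T-SQL example that is not taken from the book or from this post. The temp table `#Messages`, its columns and its rows are constructed for illustration.

```sql
-- Constructed sample data (hypothetical table and column names).
CREATE TABLE #Messages (MessageID int NOT NULL PRIMARY KEY,
                        SentOn    varchar(30) NOT NULL);
INSERT INTO #Messages (MessageID, SentOn)
VALUES (1, '20100701'), (2, 'not a date'), (3, '20100715');

-- Misconception 1: WHERE conditions are evaluated in the order written.
-- The optimizer is free to run the CAST before the ISDATE guard, so the
-- query below can fail with a conversion error on row 2:
--   SELECT MessageID FROM #Messages
--   WHERE ISDATE(SentOn) = 1 AND CAST(SentOn AS datetime) >= '20100710';
-- Defensive form: CASE checks the guard before it converts the value.
SELECT MessageID
FROM #Messages
WHERE CASE WHEN ISDATE(SentOn) = 1
           THEN CAST(SentOn AS datetime) END >= '20100710';

-- Misconception 2: SET and SELECT always change the variable.
DECLARE @SentOn varchar(30);
SET @SentOn = 'previous value';

-- No row has MessageID 99: SELECT assigns nothing and the variable
-- silently keeps its old value.
SELECT @SentOn = SentOn FROM #Messages WHERE MessageID = 99;
-- Defensive form: check @@ROWCOUNT immediately after the assignment.
IF @@ROWCOUNT <> 1
    RAISERROR('Expected exactly one row for MessageID 99.', 16, 1);

-- SET with a scalar subquery behaves differently: no row assigns NULL,
-- and more than one row raises an error instead of picking one.
SET @SentOn = (SELECT SentOn FROM #Messages WHERE MessageID = 99);
SELECT @SentOn AS AfterSet;

-- Misconception 3: rows come back in a "natural" order.
-- Without ORDER BY the order is whatever the chosen plan produces and can
-- change with indexes, parallelism or data volume. State it explicitly.
SELECT MessageID, SentOn
FROM #Messages
ORDER BY MessageID;

DROP TABLE #Messages;
```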

This is the kind of information that should be required reading for anybody who needs to write a stored procedure or a script that touches a database.  Even for seasoned professionals, the samples laid out in this chapter need to be examined.  I think most of us could find an application in our current environments where we could apply these principles right away.

In this chapter we also see another use for the “Numbers” table.  This chapter is also rather easy to read and written well.  I hope you enjoy reading it as well.
