Languages and coding

Truncate Table Operations in SQL Server

September 25, 2019 by Dinesh Asanka

Transaction log usage after TRUNCATE TABLE statement is executed.

Truncating a table removes all the records in an entire table or a table partition. TRUNCATE TABLE is functionally similar to DELETE with no WHERE clause. However, TRUNCATE TABLE is much faster than DELETE in terms of time and resource consumption, which we will look at in this article. The TRUNCATE statement removes the data by de-allocating the table's data pages. This means that TRUNCATE is similar to dropping and re-creating the table. Also, it records only the page de-allocations in the transaction log, not each row individually as the DELETE statement does.

Database Level DDL Triggers on Tables

September 23, 2019 by Jignesh Raiyani

How a DDL trigger works over a database.

This article describes the different uses of database-level DDL triggers on tables, along with an email alert on schema changes made using DDL (Data Definition Language). Using this method, we can keep a close eye on schema changes in any SQL Server database. We'll also see how to monitor these changes and send an alert email to inform the people responsible.

SQL Injection: Detection and prevention

August 30, 2019 by Ed Pollack

Sample form with validation errors that protect the underlying code from SQL injection attacks.

Summary

With an understanding of what SQL injection is and why it is important to an organization, we can shift into a discussion of how to prevent it. We ultimately want systems where SQL injection is impossible or very difficult to pull off. We then want systems where exploiting bugs is slow, laborious, and likely to raise monitoring alarms within an organization when attempted. The trio of layered security, prevention, and alerting can provide an immense advantage against not only SQL injection, but other data security threats.

SQL Injection: What is it? Causes and exploits

August 30, 2019 by Ed Pollack

Attempting to locate a SQL injection vulnerability by entering special characters into form fields.

Summary

Many security vulnerabilities are discovered, patched, and go away forever. Some linger and continue to plague software development and will continue to do so for years to come. Setting aside social engineering and non-technical attacks, SQL injection remains one of the top security threats to our data, as well as one of the most misunderstood.
