Database development

Security Testing SQL Logins with the PWDCOMPARE function

June 3, 2020 by Timothy Smith

In this article, we’ll look at using the built-in PWDCOMPARE function in SQL Server for security testing passwords. While this tool may seem like it exposes a weakness in Microsoft SQL Server because we can test for passwords, it should be of note that an attacker could do the same attack by attempting to login to our database server assuming the attacker was able to access a connection to it. Therefore, this function does not increase the risk of an attack on SQL Server but does help us identify possible weaknesses in our environment so that we can quickly mitigate these risks. In addition, we’ll also combine this with other related tools in SQL Server to help us with logins.

Lever T-SQL for Pinpoint Control of ORDER BY in a Stored Procedure

June 1, 2020 by Frank Solomon

Introduction

The T-SQL ORDER BY clause sorts SQL Server SELECT statement result sets, and it becomes important when we build stored procedures. Unfortunately, the syntax offers no flexible way to directly control the ORDER BY clause behavior with argument values. This means we don’t have an easy way to control the specific column or columns that the ORDER BY clause sorts. Additionally, SQL Server does not offer a flexible way to directly control the ascending or descending order of any ORDER BY clause column with argument values. Of course, we can certainly hard-code the ORDER BY clause in a stored procedure, but this approach becomes fixed in stone. We could try a dynamic SQL solution, involving a stored procedure code that dynamically builds and executes SQL Server statements inside a stored procedure. However, this technique becomes tricky, and it can lead to SQL injection attacks. Other techniques might rely on CASE statements, and their complexity can become overwhelming as the column count grows. This article spotlights a clean, efficient, pinpoint T-SQL stored procedure technique that directly sorts one, some, or all SELECT statement result set columns. The technique avoids dynamic SQL, and it operates directly in a stored procedure. The article also shows how to set the ascending or descending sort order of specific columns.

Explore the DATABASEPROPERTYEX() function for SQL Server databases

May 28, 2020 by Rajendra Gupta

In this article, we explore a SQL function to extract SQL database metadata using the DATABASEPROPERTYEX function.

Getting Started with the SQLPackage Utility

May 28, 2020 by Aveek Das

In this article, I’m going to explain in detail about the SQLPackage utility that is provided by Microsoft in order to automate database deployments. In my previous article regarding Data-Tier Applications in SQL Server, I have mentioned how to create a DACPAC and a BACPAC file from an existing SQL Server Database. The underlying technology behind creating the DACPAC and the BACPAC files is the SQLPackage utility, which helps to create those files.

Impact of the Column order in SQL Server Composite Indexes

May 28, 2020 by Rajendra Gupta

In this article, we will explore the Composite Index SQL Server and the impact of key order on it. We will also view SQL Server update statistics to determine an optimized execution plan of the Compositive index.

Using tSQLt for Test-Driven Data Warehouse Development (TDWD)

May 21, 2020 by Haroon Ashraf

This is the second part of a conceptual article for data professionals and enthusiasts interested to work on a test-driven data warehouse development concept by using tSQLt an industry recognized SQL unit testing framework.

Import XML documents into SQL Server tables using SSIS packages

May 21, 2020 by Rajendra Gupta

This article guides you through importing XML documents into SQL tables using SSIS packages.

The JSON_QUERY() function to extract objects from JSON Data

May 19, 2020 by Rajendra Gupta

In this article, we will explore JSON_QUERY() functions in SQL Server to extract JSON objects and array from the JSON Data.

An Overview of the XML Task in SSIS Packages

May 18, 2020 by Rajendra Gupta

Introduction

We can use an SSIS package to perform various tasks such as data import, transform, and get output in various formats. Once we launch Visual Studio 2019 and create an integration services project, it shows you various tasks in the SSIS toolbox. In this article, we will explore the XML Task in the SSIS.

MySQL Create Table statement with examples

May 13, 2020 by Nisarg Upadhyay

In this article, I am going to explain the MySQL CREATE TABLE statement with examples. The following syntax contains basic statements to create a table in MySQL.

Lever T-SQL to dynamically define duplicate SQL Server database table rows

May 11, 2020 by Frank Solomon

Introduction

Lever T-SQL to handle duplicate rows in SQL Server database tables article highlighted T-SQL features that detect and handle duplicate SQL Server table rows. The techniques work well, but they rely on fixed duplicate row definitions. This article extends those techniques, showing how to define duplicate rows in a dynamic way.

The Concept of Test-Driven Data Warehouse Development (TDWD) with tSQLt

May 7, 2020 by Haroon Ashraf

This is a conceptual article consisting of two parts with enough supported material for any data professional or enthusiast with databases or data warehouse development background willing to go a step ahead by using an industry-recognized SQL unit testing framework called tSQLt.

Memory-Optimized Table Variables in SQL Server

May 6, 2020 by Esat Erkec

This article will cover the usage details and performance advantages of the memory-optimized table variables.

Build an ASP.NET app with Azure SQL Database

May 6, 2020 by Gilad Maayan

In this article, you will learn about Azure SQL Database and its uses. Then the article splits into two sets of tutorials. The first part will show you how to create a single database in Azure SQL Database. The second tutorial will show you how to build an ASP.NET app in Azure SQL Database.

Extract scalar values from JSON data using JSON_VALUE()

May 5, 2020 by Rajendra Gupta

In this article, we will explore JSON_VALUE() function in SQL Server to extract scalar values from JSON data.

Modifying JSON data using JSON_MODIFY() in SQL Server

May 4, 2020 by Rajendra Gupta

This article explores JSON_MODIFY() function to modify JSON Data in the SQL Server.

An introduction to Data-Tier applications in SQL Server

April 29, 2020 by Aveek Das

In this article, I’m going to introduce the data-tier applications in SQL Server. As the official documentation from Microsoft says – “Data-tier applications in SQL Server are a logical entity that can be used to develop and manage most of the SQL Server objects like tables, views, stored procedures, functions etc. as a self-contained package“. Essentially, what that means is it is a component of SQL Server, using which we can develop, build, test and deploy databases for SQL Server just like we can do for any other web or desktop applications.

Lever T-SQL to handle duplicate rows in SQL Server database tables

April 24, 2020 by Frank Solomon

Duplicate rows in a SQL Server database table can become a problem. We will see how we can find and handle those duplicate rows using T-SQL in this article.

Pagination in SQL Server

April 14, 2020 by Esat Erkec

Pagination is a process that is used to divide a large data into smaller discrete pages, and this process is also known as paging. Pagination is commonly used by web applications and can be seen on Google. When we search for something on Google, it shows the results on the separated page; this is the main idea of the pagination.

How to update the T-SQL Toolbox database

April 6, 2020 by Frank Solomon

Introduction

In an earlier article, Solve Time Zone, GMT, and UTC problems using the T-SQL Toolbox database, I described T-SQL Toolbox, a free, open-source SQL Server database that handles time zone, date, and time calculations in a clean and efficient way. Available here at the CodePlex Archive, and here at GitLab, T-SQL Toolbox relies on time zone and time zone adjustment data in its two tables for many of its own calculations. However, T-SQL Toolbox does not update that data. I built primitive C-Sharp and VB.net applications that extract the latest time zone and time zone adjustment data from the Windows registry, and I discussed those applications in that earlier SQL Shack article. In the article, I explained that we can build SQL Server UPDATE statements with this extracted data, and then update the T-SQL Toolbox tables. This article describes a better approach and a better solution.

Table-Valued Parameters in SQL Server

April 6, 2020 by Esat Erkec

Table-Valued Parameters aka TVPs are commonly used to pass a table as a parameter into stored procedures or functions. They are helpful in a way, we can use a table as an input to these routines and we can get rid of dealing more complex steps to achieve this process.

How to compare two SQL databases from Visual Studio

April 3, 2020 by Nemanja Popovic

Visual Studio is an application that is used by many developers and it has different kinds of features that can facilitate the developer’s work. Among these features, Visual Studio offers users the feature to compare two SQL databases via its Schema compare feature.

Dynamic Pivot Tables in SQL Server

April 2, 2020 by Aveek Das

In this article, I am going to explain how we can create a dynamic pivot table in SQL Server. Pivot tables are a piece of summarized information that is generated from a large underlying dataset. It is generally used to report on specific dimensions from the vast datasets. Essentially, the user can convert rows into columns. This gives the users the ability to transpose columns from a SQL Server table easily and create reports as per the requirements.

Understanding Dynamic Data Masking in SQL Server

April 2, 2020 by Aveek Das

In this article, I’m going to explain the Dynamic Data Masking feature in SQL Server. As it goes by the name, Dynamic Data Masking is one of the security features that was introduced in SQL Server 2016. In an ever-growing digital era, the security of ones’ data has become one of the most important and expensive deals. Everyone expects their data to be protected as their own asset and like to treat it with the highest efficiency possible.

Introduction to Row-Level Security in SQL Server

March 31, 2020 by Aveek Das

In this article, I’m going to discuss Row-Level Security in SQL Server. RLS or Row-Level Security as the name suggests is a security mechanism that restricts the records from a SQL Server table based on the authorization context of the current user that is logged in. This means the records from the tables are displayed based on who the user is and to which records do the user has access to. This is usually done to allow specific users to have access to their data only without permission to view other users’ data.