
Could SQL Injection be dangerous even when perfectly safe?

SQL Injection is something I would expect any reader of my blog to be familiar with. Despite being one of the oldest database attack methods, it has persisted for decades on the OWASP Top Ten list of critical security risks to web applications.

In fact, instead of dying out, it only seems to be getting more clever and even automated, with “hacker bots” scouring the web and automatically probing for injection vulnerabilities to exploit. I know, as I’ve once been a victim of such attacks in the past.

But today I’m not actually going to talk about that. Today, I’m going to ask the question: When is SQL Injection dangerous, even if it’s perfectly safe?


T-SQL Tuesday #152 – Which version of my database was deployed? It depends!

This month’s T-SQL Tuesday is hosted by Deb the DBA (b|t), who invites us to give a long rant about a question that a coworker could be asking us, without knowing what they’ve just gotten themselves into by doing that.

Well… I’ve got just the thing 🤭


Should the Database and Application projects be in the same Repository?

Following the rise in popularity of DevOps for Databases, many interesting questions are being asked on the topic.

One of these questions is: Should your SQL Database project be in the same source control repository and solution as the App code project? Or maybe they should be in the same repository but separate solutions? Or maybe they should be in completely separate repositories?


Compare SQL Server Instance Properties

A few years ago, I created a couple of T-SQL scripts that can be used for comparing instance-level and database-level properties between two HA/DR replicas. Originally, this supported comparing only two servers. But recently, following a fan request, I upgraded the script to support an unlimited number of servers that you can compare to each other.

So, I figured, if one person found this useful, there must be more out there that would need this, right?


T-SQL Tuesday #150 – My First Tech Job

This month’s #tsqltuesday is hosted by Kenneth Fisher (b|t), who wants us to share stories about our first tech job (or first job ever if it makes for a good story).

My first job ever was delivering a magazine door-to-door in one neighborhood. It doesn’t actually make for a good story as it’s pretty bland and boring. Except maybe for how when I got my first paycheck (which was a measly 50 shekels for one morning’s work), I was so excited that my hands literally trembled and I had a stupid grin on my face that I couldn’t get rid of for the next hour or so (it’s stupid, I know, but come on, I was barely in high school at the time).

I imagine that wasn’t very interesting, so I’ll tell you about my first real job (which was indeed a tech job).
