| A community of more than 1,600,000 database professionals and growing |
| | | Good Practices for Software Development This editorial was originally published on Apr 24, 2014. It is being re-published as Steve is out of the office. Would you post your password on a wall in your office? Of course not, because other employees, the cleaning crew, even guests walking around your office would be able to access your system with your account. When I read Brian Kelly's post on passwords in files, that's what I thought of. Sticking credentials in a file, where they're subject to any kind of search, is a bad idea. However this happens all the time. Combine this with a few other "common practices" like using sa to connect to a database and building dynamic SQL, and you might as well just set blank passwords and invite someone to have fun with your database. It's sad that we continue to see these types of software development practices in 2014, and especially poor to see them from companies that sell software. There is so much information out there on building software that is of higher quality and is much more secure. However all too often I find developers just aren't implementing these practices. There are probably a myriad of reasons why, and I wish we had more ways to better train people, disseminate the information, and enforce it's use. Ultimately we can only do what we can. However I'd encourage those of you that see poor practices taking place to have a word with the developer (internally), or send a note to the vendor. If it's more important to make a few more dollars than implement better practices, I'd encourage you to publicly call some attention to the matter. Maybe a little exposure to the dark side of software development will pressure managers to require more secure work over time. Steve Jones from SQLServerCentral.comJoin the debate, and respond to today's editorial on the forums |
|
| | ADVERTISEMENT | | | | Database migrations inside Visual Studio Feeling the pain of managing and deploying database changes manually? Redgate ReadyRoll creates SQL migration scripts you can use to version control, build and release, and automate deployments. Try it free |
| | | | Don’t just fix SQL Server problems, prevent them from happening SQL Monitor helps teams looking after SQL Server be more proactive. Not only does SQL Monitor alert you to current issues, it gives you the information you need to stop them happening in the future. Download SQL Monitor now and get a 14 day free trial |
|
|
|
| | | | | Shubhankar Thatte from SQLServerCentral.com This article gives an example of loading partitioned tables incrementally using SSIS More » |
| | Additional Articles from SimpleTalk When your application is running slowly, the reflex action is to blame the database queries. It is certainly true that some of the more extravagant delays can be fairly blamed on a missing index or unnecessary locking, but there are other potential villains in the drama, including the network and the application itself. Dan Turner points out that you could save a lot of time and money by working out for sure where the problems lie before diving into the detail. More » |
| | DevOps is gaining ground everywhere. By offering a route to releasing software faster, with fewer errors, it can give companies which adopt it an immediate advantage. Unfortunately, it’s not something you can just buy or decide to do tomorrow. Instead, it’s a shift that needs the right guidance to become reality. More » |
| | Andy Galbraith from SQLServerCentral Blogs Do you like Log Shipping? Before my time at Ntirety I had done quite a bit of work with failover clustering... More » |
| | Arun Sirpal from SQLServerCentral Blogs I love the query store, it is powerful (can be dangerous) , easy to use and packed full of information. I... More » |
|
|
| | | Today's Question (by Steve Jones): My system has the MAXDOP set at 8 to prevent a query from using all 16 cores. For my index rebuild, I want this to complete this as quickly as possible overnight and use all 16 cores for only the index rebuild. What is the easiest way to do this? |
Think you know the answer? Click here, and find out if you are right. We keep track of your score to give you bragging rights against your peers.
This question is worth 1 point in this category: Indexing. We'd love to give you credit for your own question and answer.
To submit a QOTD, simply log in to the Contribution Center. |
|
|
| |
| ADVERTISEMENT | | Automate your workload and manage more databases and instances with greater ease and efficiency by combining metadata-driven automation with powerful tools like PowerShell and SQL Server Agent. Automate your new instance-builds and use monitoring to drive ongoing automation, with the help of an inventory database and a management data warehouse. Get your copy from Amazon today. | |
|
|
|
|
|
|
| Yesterday's Question of the Day |
| Yesterday's Question (by Steve Jones): I want to import a file into my R session. The file is loaded in f:\datasets\NFL. However, when I try to read the file, I get this: > read.file("2016QB.tsv", sep="\t") Error: could not find function "read.file" I need to set the working folder of my session. How can I set this to the correct folder?
Answer: setwd("f:/Datasets/NFL") Explanation: The correct answer here is the setwd() function with the path included. The path needs forward slashes to work. The backslash is an escape character in R. An alternative for doing this is : setwd("f:\\Datasets\\NFL") Ref: Data Import - click here » Discuss this question and answer on the forums |
|
|
| | | | Jonas Gunnarsson from SQLServerCentral.com The procedure generates an import script for SQL Server Management Studio diagrams.
Easy to use, takes one diagram name and an optional parameter, if is first diagram to script.
List the database diagram for current database: select * from sysdiagrams;
The script is based on several other scripts, see the References in script.
Example of usage: execute tool.ScriptDiagram 'First', 1; execute tool.ScriptDiagram 'Second', 0; execute tool.ScriptDiagram 'Third', 0; Further reading Getting started with SQL Server database diagrams Visual Database Tools (fixed links and use only tab in code) (2017-10-23 cleanup procedure) More »
|
|
|
| Database Pros Who Need Your Help |
| | Here's a few of the new posts today on the forums. To see more, visit the forums. transactions per second multiple databases - Hi, We have a server with 300 databases and need to know correctly the tranactions /second of each database for the... StartDate and EndDate in same column - I have a date column below RunDate , I want to create two column StartDate and EndDate like this StartDate = '2004-08-01' ... HA and DR Solution - Based on the discussions that we had internally we initially decided to move with a SQL FCI for our non... Migrate SQL Server to new server - Hello All, I would like to upgrade my SQL Server 2012 to SQL Server 2016. I created new machine and i would... Referencing the same table multiple times - Hi all I'm in the middle of creating a FACT table for our data warehouse. I've got the data I want (and... The server will drop the connection, because the client driver has sent multiple requests while the session is in single-user mode - Around 2am in the morning, certain jobs fails and report fails at the same time. Report (business objects) connects to... Send email when a field is 0 - Hi, I query that will be part of a store procedure. the store procedure will be loading a table, after a... CASE Statement - I need to generate a adhoc report. I need to query a time range(calltime) that is stored as char(5). Querying... Nulls and the CASE statement - Dear DBAs I have a database which includes values such as: Main entrance In Main exit out Main entrance out etc... Removing Time from Date when adding to Gridview - I am trying to run a SELECT statement and post the results to a Gridview in C#. Everything works fine... How to find the first recurring character of a string. - I have a query that finds the first recurring character in a string. For eg : if @str = 'ABCCDA' then i... PURGING DATA - HI All, I have an assignment, to Purging data, with conditions: 1. Keep the full data 6 months (keep all the records... Changing NVARCHAR to VARCHAR... - Dear Experts, As part of tuning on a database , I want to reduce the high physical reads by reducing the number... SQL versus program - Hi all, I'm posting my question in this 2008 forum because we're running SQLServer 2008R2, but it is more a general... Concatenate two columns which have a space between them - Hi guys, I would like to concatenate two columns which have a space between them. I keep getting an error message.... Trying to avoid using CROSS JOIN - Hi all, I've created thousands upon thousands of stored procs, and I can probably count on one hand the number of... Started getting "AcquireConnection method call to the connection manager "Excel Connection Manager" failed with error code 0xC0202009" suddenly - Hello, I have SSIS package which worked fine for last 2 years and was successfully run in last month but suddenly... Need to zip files and load into Source Modified Date , Date folder. - Hi, I have to zip files regularly and load them into destination, the destination folder should be in format YYYY_MM. How... DBCC CHECKDB with Msg 8921, Msg 824 - my database has 20 tables. out of which 8 tables is opening but the remaining 12 shows error no backup... using DOS START command inside of xp_cmdshell - What I want to do is to issue a START command inside the xp_cmdshell. This should start a new cmd process with whatever... |
|
| This email has been sent to newsletter@newslettercollector.com. To be removed from this list, please click here.
If you have any problems leaving the list, please contact the webmaster@sqlservercentral.com. | This newsletter was sent to you because you signed up at SQLServerCentral.com.
Feel free to forward this to any colleagues that you think might be interested.
If you have received this email from a colleague, you can register to receive it here. | This transmission is ©2017 Redgate Software Ltd, Newnham House, Cambridge Business Park, Cambridge, CB4 0WZ, United Kingdom. All rights reserved.
Contact: webmaster@sqlservercentral.com |
|
|
