SQL Server

SQL Injection Tips, Part 2

SQL injection is probably the most common and easiest hacking technique out there. Now, don’t think I condone it, I’m just trying to make you aware of some of the techniques used. Let’s say for example your database on a website runs a query that looks like the following: SELECT

Make several SQL Server connections partecipate to the same transaction

You can reuse resources from other connections by resorting to two little known SQL Server’s stored procedures, which allow several connections to share the same transactional space: sp_bindsession and sp_getbindtoken. In particular the sp_getbindtoken stored procedure lets you retrieve the current transaction’s token (a string that identifies its own transactional

Be Careful How You Name SQL Server Stored Procedures

When creating stored procedures in a database other then the Master database, avoid using the ‘sp_’ prefix. System stored procedures are the only ones that should use the ‘sp_’ prefix. The issue is not that naming a procedure in this manner causes errors executing the procedure, but rather it slows

Use the OpenRowSet Function to Run a Query on a Remote SQL Server

You can use the OPENROWSET( ) function to run a query on a remote SQL server by using the following syntax: SELECT *FROM OPENROWSET(‘SQLOLEDB’, ‘remote_server_name’; ‘sa’; ‘password’,’SQL statement’) Here replace ‘remote_server_name’ with the name of the remote server on which you want to run the query. If necessary, replace ‘sa’

Start and Stop SQL Server 7.0 on Windows 98/95 With SCM.Exe Utility

If you are running the windows 98/95 version of SQL Server, then you can use the Windows 98/95 specific scm.exe utility to stop and start SQL Server. The scm.exe utility actually mimics Windows NT commands, such as net start and net stop for starting and stopping the services. For example,

Primary Key Identity

Question: I have installed Service Pack 4 for SQL Server and Service Pack 4 for NT. I still receive this same error. Your Q&A suggests that this problem was fixed in one of the service packs. I suppose the only fix is a scheduled DBCC check on each table in