Defensive Database Programming - Red Gate Software

More documents

Recommendations

Info

Chapter 2: Code Vulnerabilities due to SQL Server MisconceptionsSELECT @i = -1 ;SELECT @i AS [@i before the assignment] ;SET @i = ( SELECT 1UNION ALLSELECT 2) ;SELECT @i AS [@i after the assignment] ;@i before the assignment-------------------------1Msg 512, Level 16, State 1, Line 6Subquery returned more than 1 value. This is not permittedwhen the subquery follows =, !=, = or when thesubquery is used as an expression.@i after the assignment------------------------1Listing 2-11: SET may leave a variable unchanged if it raises an error.Similarly, if SELECT raises an error, the value of the variable can also be left unchanged.Run Listing 2-12 and you will get the same output as in Listing 2-11.SET NOCOUNT ON ;DECLARE @i INT ;SELECT @i = -1 ;SELECT @i AS [@i before the assignment] ;SELECT @i = 1WHERE ( SELECT 1 AS nUNION ALLSELECT 2) = 1 ;66
Chapter 2: Code Vulnerabilities due to SQL Server MisconceptionsSELECT @i AS [@i after the assignment] ;Listing 2-12: SELECT may leave a variable unchanged if it raises an error.Understanding how SET and SELECT behave is very important. In particular, thebehavior of SELECT demonstrated in Listing 2-9, whereby it leaves a variable unchangedif the selected result set is empty, can lead to the dreaded infinite loop.Use set-based solutions where possibleOf course, wherever possible we should avoid procedural, row-by-row processing inour T-SQL code, in favor of proper set-based aggregation. However, sometimes loopsare unavoidable.In order to demonstrate the infinite loop problem, create the Orders table shown inListing 2-13 and populate it with sample data.CREATE TABLE dbo.Orders(OrderID INT NOT NULL ,OrderDate DATETIME NOT NULL ,IsProcessed CHAR(1) NOT NULL ,CONSTRAINT PK_Orders PRIMARY KEY ( OrderID ) ,CONSTRAINT CHK_Orders_IsProcessedCHECK ( IsProcessed IN ( 'Y', 'N' ) )) ;GOINSERT dbo.Orders( OrderID ,OrderDate ,IsProcessed)SELECT 1 ,'20090420' ,'N'UNION ALL67
Page 5 and 6:
Chapter 2: Code Vulnerabilities due
Page 7 and 8:
Enforcing Data Integrity in the App
Page 9 and 10:
About the AuthorAlex Kuznetsov has
Page 11 and 12:
IntroductionResilient T-SQL code is
Page 13 and 14:
IntroductionCh. 02: Code Vulnerabil
Page 15 and 16: IntroductionSpecific examples demon
Page 17: IntroductionWhat this book does not
Page 21 and 22: Chapter 1: Basic Defensive Database
Page 57 and 58: Chapter 2: Code Vulnerabilitiesdue
Page 59 and 60: Chapter 2: Code Vulnerabilities due
Page 65: Chapter 2: Code Vulnerabilities due
Page 75: Chapter 2: Code Vulnerabilities due
Page 78 and 79: Chapter 3: Surviving Changes to Dat
Page 104 and 105: 104
Page 106: Chapter 4: When Upgrading Breaks Co
Page 109 and 110: Chapter 4: When Upgrading Breaks Co
Page 117 and 118:
Chapter 4: When Upgrading Breaks Co
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 130 and 131:
Page 132 and 133:
Chapter 5: Reusing T-SQL CodeThe Da
Page 134 and 135:
Chapter 5: Reusing T-SQL CodeIt is
Page 136 and 137:
Chapter 5: Reusing T-SQL CodeAverag
Page 138 and 139:
Chapter 5: Reusing T-SQL CodeBEGINS
Page 140 and 141:
Chapter 5: Reusing T-SQL CodeWe als
Page 142 and 143:
Chapter 5: Reusing T-SQL CodeLet's
Page 144 and 145:
Chapter 5: Reusing T-SQL CodeStateC
Page 146 and 147:
Chapter 5: Reusing T-SQL CodeStateC
Page 148 and 149:
Chapter 5: Reusing T-SQL CodeBEGIN
Page 150 and 151:
Chapter 5: Reusing T-SQL CodeSELECT
Page 152 and 153:
Chapter 5: Reusing T-SQL CodeReusin
Page 154 and 155:
Chapter 5: Reusing T-SQL CodeIt is
Page 156 and 157:
Chapter 5: Reusing T-SQL CodeINSERT
Page 158 and 159:
Chapter 5: Reusing T-SQL CodeListin
Page 160 and 161:
Chapter 5: Reusing T-SQL CodeUnique
Page 162 and 163:
162
Page 164 and 165:
Chapter 6: Common Problems with Dat
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Chapter 7: Advanced Use ofConstrain
Page 211 and 212:
Chapter 7: Advanced Use of Constrai
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245 and 246:
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
Chapter 8: Defensive ErrorHandlingT
Page 257 and 258:
Chapter 8: Defensive Error Handling
Page 259 and 260:
Page 261 and 262:
Page 263 and 264:
Page 265 and 266:
Page 267 and 268:
Page 269 and 270:
Page 271 and 272:
Page 273 and 274:
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
Page 281 and 282:
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
Page 291 and 292:
show all

Defensive Database Programming - Red Gate Software

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?